mirror of
https://github.com/alyraffauf/nixcfg.git
synced 2024-11-25 13:51:54 -05:00
added port options for oci containers
This commit is contained in:
parent
3ed4b57417
commit
8bbc321005
|
@ -10,7 +10,6 @@
|
|||
domain = "raffauflabs.com";
|
||||
mediaDirectory = "/mnt/Media";
|
||||
archiveDirectory = "/mnt/Archive";
|
||||
openPorts = [80 443 51413 9091];
|
||||
in {
|
||||
imports = [./hardware-configuration.nix ./home.nix];
|
||||
|
||||
|
@ -59,9 +58,12 @@ in {
|
|||
};
|
||||
|
||||
networking = {
|
||||
firewall = {
|
||||
allowedTCPPorts = openPorts;
|
||||
allowedUDPPorts = openPorts;
|
||||
firewall = let
|
||||
transmissionPort = config.alyraffauf.containers.oci.transmission.port;
|
||||
bitTorrentPort = config.alyraffauf.containers.oci.transmission.bitTorrentPort;
|
||||
in {
|
||||
allowedTCPPorts = [80 443 transmissionPort bitTorrentPort];
|
||||
allowedUDPPorts = [bitTorrentPort];
|
||||
};
|
||||
# My router doesn't expose settings for NAT loopback
|
||||
# So we have to use this workaround.
|
||||
|
@ -102,7 +104,7 @@ in {
|
|||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:8080";
|
||||
proxyPass = "http://127.0.0.1:${toString config.alyraffauf.containers.oci.freshRSS.port}";
|
||||
proxyWebsockets = true; # needed if you need to use WebSocket
|
||||
extraConfig = ''
|
||||
proxy_buffering off;
|
||||
|
@ -126,7 +128,7 @@ in {
|
|||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:32400";
|
||||
proxyPass = "http://127.0.0.1:${toString config.alyraffauf.containers.oci.plexMediaServer.port}";
|
||||
proxyWebsockets = true; # needed if you need to use WebSocket
|
||||
extraConfig = ''
|
||||
proxy_buffering off;
|
||||
|
@ -138,7 +140,7 @@ in {
|
|||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:13378";
|
||||
proxyPass = "http://127.0.0.1:${toString config.alyraffauf.containers.oci.audiobookshelf.port}";
|
||||
# proxyWebsockets = true; # This breaks audiobookshelf.
|
||||
extraConfig = ''
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
|
|
@ -12,12 +12,17 @@
|
|||
default = "/mnt/Media";
|
||||
type = lib.types.str;
|
||||
};
|
||||
alyraffauf.containers.oci.audiobookshelf.port = lib.mkOption {
|
||||
description = "Port for audiobookshelf.";
|
||||
default = 13378;
|
||||
type = lib.types.int;
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf config.alyraffauf.containers.oci.audiobookshelf.enable {
|
||||
virtualisation.oci-containers.containers = {
|
||||
audiobookshelf = {
|
||||
ports = ["0.0.0.0:13378:80"];
|
||||
ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.audiobookshelf.port}:80"];
|
||||
image = "ghcr.io/advplyr/audiobookshelf:latest";
|
||||
environment = {TZ = "America/New_York";};
|
||||
volumes = ["abs_config:/config" "abs_metadata:/metadata" "${config.alyraffauf.containers.oci.audiobookshelf.mediaDirectory}:/Media"];
|
||||
|
|
|
@ -7,12 +7,17 @@
|
|||
options = {
|
||||
alyraffauf.containers.oci.freshRSS.enable =
|
||||
lib.mkEnableOption "Enable FreshRSS news client.";
|
||||
alyraffauf.containers.oci.freshRSS.port = lib.mkOption {
|
||||
description = "Port for FreshRSS.";
|
||||
default = 8080;
|
||||
type = lib.types.int;
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf config.alyraffauf.containers.oci.freshRSS.enable {
|
||||
virtualisation.oci-containers.containers = {
|
||||
freshrss = {
|
||||
ports = ["0.0.0.0:8080:80"];
|
||||
ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.freshRSS.port}:80"];
|
||||
image = "freshrss/freshrss:latest";
|
||||
environment = {
|
||||
TZ = "America/New_York";
|
||||
|
|
|
@ -17,12 +17,17 @@
|
|||
default = "/mnt/Archive";
|
||||
type = lib.types.str;
|
||||
};
|
||||
alyraffauf.containers.oci.jellyfin.port = lib.mkOption {
|
||||
description = "Port for Jellyfin.";
|
||||
default = 8096;
|
||||
type = lib.types.int;
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf config.alyraffauf.containers.oci.jellyfin.enable {
|
||||
virtualisation.oci-containers.containers = {
|
||||
jellyfin = {
|
||||
ports = ["0.0.0.0:8096:8096"];
|
||||
ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.jellyfin.port}:8096"];
|
||||
image = "jellyfin/jellyfin";
|
||||
environment = {TZ = "America/New_York";};
|
||||
volumes = [
|
||||
|
|
|
@ -17,12 +17,17 @@
|
|||
default = "/mnt/Archive";
|
||||
type = lib.types.str;
|
||||
};
|
||||
alyraffauf.containers.oci.plexMediaServer.port = lib.mkOption {
|
||||
description = "Port for Plex Media Server.";
|
||||
default = 32400;
|
||||
type = lib.types.int;
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf config.alyraffauf.containers.oci.plexMediaServer.enable {
|
||||
virtualisation.oci-containers.containers = {
|
||||
plexMediaServer = {
|
||||
ports = ["0.0.0.0:32400:32400"];
|
||||
ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.plexMediaServer.port}:32400"];
|
||||
image = "plexinc/pms-docker:public";
|
||||
environment = {TZ = "America/New_York";};
|
||||
volumes = [
|
||||
|
|
|
@ -17,12 +17,22 @@
|
|||
default = "/mnt/Archive";
|
||||
type = lib.types.str;
|
||||
};
|
||||
alyraffauf.containers.oci.transmission.port = lib.mkOption {
|
||||
description = "Port for Transmission.";
|
||||
default = 9091;
|
||||
type = lib.types.int;
|
||||
};
|
||||
alyraffauf.containers.oci.transmission.bitTorrentPort = lib.mkOption {
|
||||
description = "Port for BitTorrent p2p services..";
|
||||
default = 5143;
|
||||
type = lib.types.int;
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf config.alyraffauf.containers.oci.transmission.enable {
|
||||
virtualisation.oci-containers.containers = {
|
||||
transmission = {
|
||||
ports = ["0.0.0.0:9091:9091" "0.0.0.0:51413:51413"];
|
||||
ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.transmission.port}:9091" "0.0.0.0:${toString config.alyraffauf.containers.oci.transmission.bitTorrentPort}:51413"];
|
||||
image = "linuxserver/transmission:latest";
|
||||
environment = {
|
||||
PGID = "1000";
|
||||
|
|
Loading…
Reference in a new issue