Add container system module

2023-05-24 20:25:25 +02:00
parent 6ecaed47b6
commit feee85b79d
5 changed files with 158 additions and 234 deletions
--- a/system/modules/containers/default.nix
+++ b/system/modules/containers/default.nix
@ -0,0 +1,99 @@
+{
+  config,
+  nixosConfig,
+  lib,
+  mylib,
+  pkgs,
+  ...
+}:
+with lib;
+with mylib.virtualisation;
+with mylib.modules; let
+  cfg = config.modules.containers;
+in {
+  options.modules.containers = import ./options.nix {inherit lib mylib;};
+
+  config = mkIf cfg.enable {
+    virtualisation.oci-containers.containers = {
+      # Home Automation
+      homeassistant = mkIf cfg.homeassistant.enable mkOciContainer {
+        image = "homeassistant/home-assistant:2023:5";
+        id-ports = [8123];
+        vols = [
+          "homeassistant-config:/config:Z"
+        ];
+      };
+
+      # Multimedia
+      jellyfin = mkIf cfg.jellyfin.enable mkOciContainer {
+        image = "linuxserver/jellyfin:10.8.10";
+        id-ports = [8096];
+        vols = [
+          "jellyfin-cache:/cache:Z"
+          "jellyfin-config:/config:Z"
+          "/home/christoph/Videos/Video:/media/Video"
+          "/home/christoph/Videos/Picture:/media/Picture"
+          "/home/christoph/GameHDD/Video:/media/Video2"
+        ];
+      };
+
+      fileflows = mkIf cfg.fileflows.enable mkOciContainer {
+        image = "revenz/fileflows";
+        id-ports = [5000];
+        vols = [
+          "fileflows-cache:/temp:Z"
+          "fileflows-data:/app/Data:Z"
+          "/home/christoph/Videos/Video:/media"
+        ];
+      };
+
+      # Errr...
+      sonarr = mkIf cfg.sonarr.enable mkOciContainer {
+        image = "linuxserver/sonarr:3.0.10";
+        id-ports = [8989];
+        vols = [
+          "sonarr-config:/config:Z"
+          "/home/christoph/Videos/Shows:/tv"
+          "/home/christoph/Videos/SabNzbd:/downloads"
+        ];
+        netns = "wg0-de-115";
+        netdns = "10.2.0.1";
+      };
+
+      radarr = mkIf cfg.radarr.enable mkOciContainer {
+        image = "linuxserver/radarr:4.4.4";
+        id-ports = [7878];
+        vols = [
+          "radarr-config:/config:Z"
+          "/home/christoph/Videos/Movies:/movies"
+          "/home/christoph/Videos/SabNzbd:/downloads"
+        ];
+        netns = "wg0-de-115";
+        netdns = "10.2.0.1";
+      };
+
+      hydra = mkIf cfg.hydra.enable mkOciContainer {
+        image = "linuxserver/nzbhydra2:5.1.8";
+        id-ports = [5076];
+        vols = [
+          "hydra-config:/config:Z"
+          "/home/christoph/Videos/SabNzbd:/downloads"
+        ];
+        netns = "wg0-de-115";
+        netdns = "10.2.0.1";
+      };
+
+      sabnzbd = mkIf cfg.sabnzbd.enable mkOciContainer {
+        image = "linuxserver/sabnzbd:4.0.1";
+        id-ports = [8080];
+        vols = [
+          "sabnzbd-config:/config:Z"
+          "/home/christoph/Videos/SabNzbd:/downloads"
+          "/home/christoph/Videos/.sabnzbd:/incomplete-downloads"
+        ];
+        netns = "wg0-de-115";
+        netdns = "10.2.0.1";
+      };
+    };
+  };
+}
--- a/system/modules/containers/options.nix
+++ b/system/modules/containers/options.nix
@ -0,0 +1,45 @@
+{
+  lib,
+  mylib,
+  ...
+}:
+with lib;
+with mylib.modules; {
+  enable = mkEnableOpt "Enable OCI Containers";
+
+  homeassistant = {
+    enable = mkEnableOpt "Enable HomeAssistant Container";
+  };
+  jellyfin = {
+    enable = mkEnableOpt "Enable Jellyfin Container";
+  };
+  fileflows = {
+    enable = mkEnableOpt "Enable FileFlows Container";
+  };
+  sonarr = {
+    enable = mkEnableOpt "Enable Sonarr Container";
+  };
+  radarr = {
+    enable = mkEnableOpt "Enable Radarr Container";
+  };
+  hydra = {
+    enable = mkEnableOpt "Enable Hydra Container";
+  };
+  sabnzbd = {
+    enable = mkEnableOpt "Enable SabNzbd Container";
+  };
+
+  # TODO: I need to set the keys through the hyprland module
+  #       and generate the menu through the rofi module
+  rofiIntegration = {
+    enable = mkEnableOpt "Enable Rofi Menu for Container Servicing";
+    hotkey = mkOption {
+      type = types.str;
+      example = ''
+        "$mainMod, D"
+      '';
+      default = "$mainMod, D";
+      description = "What Key should trigger the Menu";
+    };
+  };
+}
--- a/system/nixinator/default.nix
+++ b/system/nixinator/default.nix
@ -9,10 +9,23 @@
  imports = [
    # Include the results of the hardware scan.
    ./hardware-configuration.nix
+    ../modules

    inputs.musnix.nixosModules.musnix
  ];

+  modules = {
+    containers = {
+      homeassistant.enable = false;
+      jellyfin.enable = true;
+      fileflows.enable = false;
+      sonarr.enable = true;
+      radarr.enable = true;
+      hydra.enable = true;
+      sabnzbd.enable = true;
+    };
+  };
+
  # Low latency audio
  musnix = {
    enable = true;
@ -27,232 +40,4 @@
    # videoDrivers = [ "nvidia" ]; # NVIDIA
    videoDrivers = ["amdgpu"];
  };
-
-  # TODO: System module for these
-  # TODO: I also want a function to generate these configs, I just want to pass volumes, ports, env and image
-  virtualisation.oci-containers.containers = {
-    jellyfin = {
-      image = "linuxserver/jellyfin:10.8.10";
-      autoStart = false;
-
-      ports = [
-        "8096:8096/tcp"
-      ];
-
-      volumes = [
-        "jellyfin-cache:/cache:Z"
-        "jellyfin-config:/config:Z"
-        # "/home/christoph/Videos/Movies:/media/Movies"
-        # "/home/christoph/Videos/Shows:/media/Shows"
-        "/home/christoph/Videos/Video:/media/Video"
-        "/home/christoph/Videos/Picture:/media/Picture"
-        # "/home/christoph/Videos/Concerts:/media/Concerts"
-        # "/home/christoph/Music/Spotify:/media/Music:ro"
-        "/home/christoph/GameHDD/Video:/media/Video2"
-      ];
-
-      environment = {
-        PUID = "1000";
-        PGID = "1000";
-        TZ = "Europe/Berlin";
-      };
-    };
-
-    # TODO: When setting PUID/PGID fileflows can't access /temp dir
-    # fileflows = {
-    #   image = "revenz/fileflows";
-    #   autoStart = false;
-
-    #   ports = [
-    #     "5000:5000"
-    #   ];
-
-    #   volumes = [
-    #     "fileflows-cache:/temp:Z"
-    #     "fileflows-data:/app/Data:Z"
-    #     "/home/christoph/Videos/Video:/media"
-    #   ];
-
-    #   environment = {
-    #     PUID = "1000";
-    #     PGID = "1000";
-    #     TZ = "Europe/Berlin";
-    #   };
-    # };
-
-    sonarr = {
-      image = "linuxserver/sonarr:3.0.10";
-      autoStart = false;
-
-      extraOptions = [
-        "--network=ns:/var/run/netns/vpn"
-        "--dns=10.2.0.1"
-      ];
-
-      ports = [
-        "8989:8989"
-      ];
-
-      volumes = [
-        "sonarr-config:/config:Z"
-        "/home/christoph/Videos/Shows:/tv"
-        "/home/christoph/Videos/SabNzbd:/downloads"
-      ];
-
-      environment = {
-        PUID = "1000";
-        PGID = "1000";
-        TZ = "Europe/Berlin";
-      };
-    };
-
-    radarr = {
-      image = "linuxserver/radarr:4.4.4";
-      autoStart = false;
-
-      extraOptions = [
-        "--network=ns:/var/run/netns/vpn"
-        "--dns=10.2.0.1"
-      ];
-
-      ports = [
-        "7878:7878"
-      ];
-
-      volumes = [
-        "radarr-config:/config:Z"
-        "/home/christoph/Videos/Movies:/movies"
-        "/home/christoph/Videos/SabNzbd:/downloads"
-      ];
-
-      environment = {
-        PUID = "1000";
-        PGID = "1000";
-        TZ = "Europe/Berlin";
-      };
-    };
-
-    hydra = {
-      image = "linuxserver/nzbhydra2:5.1.8";
-      autoStart = false;
-
-      extraOptions = [
-        "--network=ns:/var/run/netns/vpn"
-        "--dns=10.2.0.1"
-      ];
-
-      ports = [
-        "5076:5076"
-      ];
-
-      volumes = [
-        "hydra-config:/config:Z"
-        "/home/christoph/Videos/SabNzbd:/downloads"
-      ];
-
-      environment = {
-        PUID = "1000";
-        PGID = "1000";
-        TZ = "Europe/Berlin";
-      };
-    };
-
-    sabnzbd = {
-      image = "linuxserver/sabnzbd:4.0.1";
-      autoStart = false;
-
-      extraOptions = [
-        "--network=ns:/var/run/netns/vpn"
-        "--dns=10.2.0.1"
-      ];
-
-      ports = [
-        "8080:8080"
-      ];
-
-      volumes = [
-        "sabnzbd-config:/config:Z"
-        "/home/christoph/Videos/SabNzbd:/downloads"
-        "/home/christoph/Videos/.sabnzbd:/incomplete-downloads"
-      ];
-
-      environment = {
-        PUID = "1000";
-        PGID = "1000";
-        TZ = "Europe/Berlin";
-      };
-    };
-
-    homeassistant = {
-      image = "homeassistant/home-assistant:2023.5";
-      autoStart = false;
-
-      ports = [
-        "8123:8123"
-      ];
-
-      volumes = [
-        "homeassistant-config:/config:Z"
-      ];
-
-      environment = {
-        PUID = "1000";
-        PGID = "1000";
-        TZ = "Europe/Berlin";
-      };
-    };
-
-    # NOTE: PyTorch ROCM image is 36 GB large...
-    # NOTE: This requires to setup the PodmanROCM direcory beforehand, as described here:
-    #       https://github.com/AUTOMATIC1111/stable-diffusion-webui/wiki/Install-and-Run-on-AMD-GPUs#running-inside-docker
-    # stablediffusion = {
-    #   image = "rocm/pytorch";
-    #   autoStart = false;
-
-    #   extraOptions = [
-    #     "--network=host"
-    #     "--device=/dev/kfd"
-    #     "--device=/dev/dri"
-    #     "--group-add=video"
-    #     "--ipc=host"
-    #     "--cap-add=SYS_PTRACE"
-    #     "--security-opt=seccomp=unconfined"
-    #   ];
-
-    #   volumes = [
-    #     "/home/christoph/NoSync/StableDiffusionWebUI:/webui-data"
-    #   ];
-
-    #   # TODO: User christoph not found in passwd file
-    #   # user = "christoph:users";
-
-    #   environment = {
-    #     UID = "1000";
-    #     GID = "100";
-    #     TZ = "Europe/Berlin";
-    #   };
-
-    #   entrypoint = "/webui-data/launch.sh";
-    # };
-  };
-
-  # Make the system services available to the user
-  # NOTE: This doesn't work, since the cidfile is located in /run, which is not writable for regular users...
-  systemd.user.services = let
-    # Filter all system service attributes that the user units don't have and add some required attributes
-    system2user = attrs:
-      lib.mergeAttrs (lib.attrsets.filterAttrs (n: v:
-        !(
-          n
-          == "confinement"
-          || n == "runner"
-          || n == "environment"
-        ))
-      attrs) {
-        startLimitIntervalSec = 1;
-        startLimitBurst = 5;
-      };
-  in {
-    # podman-stablediffusion = system2user config.systemd.services.podman-stablediffusion;
-  };
 }
--- a/system/nixtop/default.nix
+++ b/system/nixtop/default.nix
@ -9,6 +9,7 @@
  imports = [
    # Include the results of the hardware scan.
    ./hardware-configuration.nix
+    ../modules
  ];

  services.xserver = {