
Add container system module

2023-05-24 20:25:25 +02:00
parent 6ecaed47b6
commit feee85b79d
5 changed files with 158 additions and 234 deletions


@ -1,6 +0,0 @@
# TODO
## Environments
- Use one default flake.nix (from `nix flake new -t "github:numtide/devshell"`)
- Provide a `devshell.toml` for the different environments


@ -0,0 +1,99 @@
{
config,
nixosConfig,
lib,
mylib,
pkgs,
...
}:
with lib;
with mylib.virtualisation;
with mylib.modules; let
cfg = config.modules.containers;
in {
options.modules.containers = import ./options.nix {inherit lib mylib;};
config = mkIf cfg.enable {
virtualisation.oci-containers.containers = {
# Home Automation
homeassistant = mkIf cfg.homeassistant.enable mkOciContainer {
image = "homeassistant/home-assistant:2023:5";
id-ports = [8123];
vols = [
"homeassistant-config:/config:Z"
];
};
# Multimedia
jellyfin = mkIf cfg.jellyfin.enable mkOciContainer {
image = "linuxserver/jellyfin:10.8.10";
id-ports = [8096];
vols = [
"jellyfin-cache:/cache:Z"
"jellyfin-config:/config:Z"
"/home/christoph/Videos/Video:/media/Video"
"/home/christoph/Videos/Picture:/media/Picture"
"/home/christoph/GameHDD/Video:/media/Video2"
];
};
fileflows = mkIf cfg.fileflows.enable mkOciContainer {
image = "revenz/fileflows";
id-ports = [5000];
vols = [
"fileflows-cache:/temp:Z"
"fileflows-data:/app/Data:Z"
"/home/christoph/Videos/Video:/media"
];
};
# Errr...
sonarr = mkIf cfg.sonarr.enable mkOciContainer {
image = "linuxserver/sonarr:3.0.10";
id-ports = [8989];
vols = [
"sonarr-config:/config:Z"
"/home/christoph/Videos/Shows:/tv"
"/home/christoph/Videos/SabNzbd:/downloads"
];
netns = "wg0-de-115";
netdns = "10.2.0.1";
};
radarr = mkIf cfg.radarr.enable mkOciContainer {
image = "linuxserver/radarr:4.4.4";
id-ports = [7878];
vols = [
"radarr-config:/config:Z"
"/home/christoph/Videos/Movies:/movies"
"/home/christoph/Videos/SabNzbd:/downloads"
];
netns = "wg0-de-115";
netdns = "10.2.0.1";
};
hydra = mkIf cfg.hydra.enable mkOciContainer {
image = "linuxserver/nzbhydra2:5.1.8";
id-ports = [5076];
vols = [
"hydra-config:/config:Z"
"/home/christoph/Videos/SabNzbd:/downloads"
];
netns = "wg0-de-115";
netdns = "10.2.0.1";
};
sabnzbd = mkIf cfg.sabnzbd.enable mkOciContainer {
image = "linuxserver/sabnzbd:4.0.1";
id-ports = [8080];
vols = [
"sabnzbd-config:/config:Z"
"/home/christoph/Videos/SabNzbd:/downloads"
"/home/christoph/Videos/.sabnzbd:/incomplete-downloads"
];
netns = "wg0-de-115";
netdns = "10.2.0.1";
};
};
};
}
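Review bot: The Home Assistant reference `homeassistant/home-assistant:2023:5` has a colon where the host config removed by this commit had a dot, so it is not a valid tag and the pull will fail as soon as `homeassistant.enable` is turned on; it should read `image = "homeassistant/home-assistant:2023.5";`. `revenz/fileflows` carries no tag at all and therefore tracks whatever `latest` points to, and the other images are pinned only by mutable tag; pinning by digest (`image = "revenz/fileflows@sha256:<digest>";`, placeholder) would make what runs on the host reproducible. Separately, `mkIf cfg.X.enable mkOciContainer { … }` parses as `(mkIf cfg.X.enable mkOciContainer) { … }` under Nix's left-associative application, so unless `mylib` shadows `mkIf` each entry needs parentheses: `mkIf cfg.X.enable (mkOciContainer { … })`. If Jellyfin is not meant to write into the libraries, its three `/home/christoph/…` bind mounts could also carry `:ro`.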


@ -0,0 +1,45 @@
{
lib,
mylib,
...
}:
with lib;
with mylib.modules; {
enable = mkEnableOpt "Enable OCI Containers";
homeassistant = {
enable = mkEnableOpt "Enable HomeAssistant Container";
};
jellyfin = {
enable = mkEnableOpt "Enable Jellyfin Container";
};
fileflows = {
enable = mkEnableOpt "Enable FileFlows Container";
};
sonarr = {
enable = mkEnableOpt "Enable Sonarr Container";
};
radarr = {
enable = mkEnableOpt "Enable Radarr Container";
};
hydra = {
enable = mkEnableOpt "Enable Hydra Container";
};
sabnzbd = {
enable = mkEnableOpt "Enable SabNzbd Container";
};
# TODO: I need to set the keys through the hyprland module
# and generate the menu through the rofi module
rofiIntegration = {
enable = mkEnableOpt "Enable Rofi Menu for Container Servicing";
hotkey = mkOption {
type = types.str;
example = ''
"$mainMod, D"
'';
default = "$mainMod, D";
description = "What Key should trigger the Menu";
};
};
}
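Review bot: The `example` of `rofiIntegration.hotkey` is an indented string that contains literal double quotes and a trailing newline, so the rendered example is not the value a user would actually set; `example = "$mainMod, D";` matches the form of the default. The TODO above the option says it is not wired up yet, and nothing in the container module's `config` reads `cfg.rofiIntegration`, so a comment such as `# NOTE: not consumed by any module yet, setting it has no effect` would save a reader from enabling it in vain. If `mkEnableOpt` wraps `lib.mkEnableOption`, the descriptions will render as "Whether to enable Enable …", which is worth confirming against `mylib`.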


@ -9,10 +9,23 @@
imports = [ imports = [
# Include the results of the hardware scan. # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
../modules
inputs.musnix.nixosModules.musnix inputs.musnix.nixosModules.musnix
]; ];
modules = {
containers = {
homeassistant.enable = false;
jellyfin.enable = true;
fileflows.enable = false;
sonarr.enable = true;
radarr.enable = true;
hydra.enable = true;
sabnzbd.enable = true;
};
};
# Low latency audio # Low latency audio
musnix = { musnix = {
enable = true; enable = true;
@ -27,232 +40,4 @@
# videoDrivers = [ "nvidia" ]; # NVIDIA # videoDrivers = [ "nvidia" ]; # NVIDIA
videoDrivers = ["amdgpu"]; videoDrivers = ["amdgpu"];
}; };
# TODO: System module for these
# TODO: I also want a function to generate these configs, I just want to pass volumes, ports, env and image
virtualisation.oci-containers.containers = {
jellyfin = {
image = "linuxserver/jellyfin:10.8.10";
autoStart = false;
ports = [
"8096:8096/tcp"
];
volumes = [
"jellyfin-cache:/cache:Z"
"jellyfin-config:/config:Z"
# "/home/christoph/Videos/Movies:/media/Movies"
# "/home/christoph/Videos/Shows:/media/Shows"
"/home/christoph/Videos/Video:/media/Video"
"/home/christoph/Videos/Picture:/media/Picture"
# "/home/christoph/Videos/Concerts:/media/Concerts"
# "/home/christoph/Music/Spotify:/media/Music:ro"
"/home/christoph/GameHDD/Video:/media/Video2"
];
environment = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Berlin";
};
};
# TODO: When setting PUID/PGID fileflows can't access /temp dir
# fileflows = {
# image = "revenz/fileflows";
# autoStart = false;
# ports = [
# "5000:5000"
# ];
# volumes = [
# "fileflows-cache:/temp:Z"
# "fileflows-data:/app/Data:Z"
# "/home/christoph/Videos/Video:/media"
# ];
# environment = {
# PUID = "1000";
# PGID = "1000";
# TZ = "Europe/Berlin";
# };
# };
sonarr = {
image = "linuxserver/sonarr:3.0.10";
autoStart = false;
extraOptions = [
"--network=ns:/var/run/netns/vpn"
"--dns=10.2.0.1"
];
ports = [
"8989:8989"
];
volumes = [
"sonarr-config:/config:Z"
"/home/christoph/Videos/Shows:/tv"
"/home/christoph/Videos/SabNzbd:/downloads"
];
environment = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Berlin";
};
};
radarr = {
image = "linuxserver/radarr:4.4.4";
autoStart = false;
extraOptions = [
"--network=ns:/var/run/netns/vpn"
"--dns=10.2.0.1"
];
ports = [
"7878:7878"
];
volumes = [
"radarr-config:/config:Z"
"/home/christoph/Videos/Movies:/movies"
"/home/christoph/Videos/SabNzbd:/downloads"
];
environment = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Berlin";
};
};
hydra = {
image = "linuxserver/nzbhydra2:5.1.8";
autoStart = false;
extraOptions = [
"--network=ns:/var/run/netns/vpn"
"--dns=10.2.0.1"
];
ports = [
"5076:5076"
];
volumes = [
"hydra-config:/config:Z"
"/home/christoph/Videos/SabNzbd:/downloads"
];
environment = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Berlin";
};
};
sabnzbd = {
image = "linuxserver/sabnzbd:4.0.1";
autoStart = false;
extraOptions = [
"--network=ns:/var/run/netns/vpn"
"--dns=10.2.0.1"
];
ports = [
"8080:8080"
];
volumes = [
"sabnzbd-config:/config:Z"
"/home/christoph/Videos/SabNzbd:/downloads"
"/home/christoph/Videos/.sabnzbd:/incomplete-downloads"
];
environment = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Berlin";
};
};
homeassistant = {
image = "homeassistant/home-assistant:2023.5";
autoStart = false;
ports = [
"8123:8123"
];
volumes = [
"homeassistant-config:/config:Z"
];
environment = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Berlin";
};
};
# NOTE: PyTorch ROCM image is 36 GB large...
# NOTE: This requires to setup the PodmanROCM direcory beforehand, as described here:
# https://github.com/AUTOMATIC1111/stable-diffusion-webui/wiki/Install-and-Run-on-AMD-GPUs#running-inside-docker
# stablediffusion = {
# image = "rocm/pytorch";
# autoStart = false;
# extraOptions = [
# "--network=host"
# "--device=/dev/kfd"
# "--device=/dev/dri"
# "--group-add=video"
# "--ipc=host"
# "--cap-add=SYS_PTRACE"
# "--security-opt=seccomp=unconfined"
# ];
# volumes = [
# "/home/christoph/NoSync/StableDiffusionWebUI:/webui-data"
# ];
# # TODO: User christoph not found in passwd file
# # user = "christoph:users";
# environment = {
# UID = "1000";
# GID = "100";
# TZ = "Europe/Berlin";
# };
# entrypoint = "/webui-data/launch.sh";
# };
};
# Make the system services available to the user
# NOTE: This doesn't work, since the cidfile is located in /run, which is not writable for regular users...
systemd.user.services = let
# Filter all system service attributes that the user units don't have and add some required attributes
system2user = attrs:
lib.mergeAttrs (lib.attrsets.filterAttrs (n: v:
!(
n
== "confinement"
|| n == "runner"
|| n == "environment"
))
attrs) {
startLimitIntervalSec = 1;
startLimitBurst = 5;
};
in {
# podman-stablediffusion = system2user config.systemd.services.podman-stablediffusion;
};
} }
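Review bot: Nothing in the new `modules.containers` block of the first hunk sets `modules.containers.enable`, yet the container module wraps its whole `config` in `mkIf cfg.enable`; if `mkEnableOpt` defaults to false the way `lib.mkEnableOption` does, this host ends up with no containers defined at all, so add `enable = true;` inside `containers = { … }` or confirm the default. The second hunk also removes the explicit `autoStart = false`, the `PUID`/`PGID`/`TZ` environment and `--network=ns:/var/run/netns/vpn` from every container, so those settings now depend entirely on what `mkOciContainer` emits, which is not visible here. For sonarr, radarr, hydra and sabnzbd it is worth checking that a missing `wg0-de-115` namespace makes the unit fail rather than start on the default network, and that the published ports are not reachable from outside the namespace.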


@ -9,6 +9,7 @@
imports = [ imports = [
# Include the results of the hardware scan. # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
../modules
]; ];
services.xserver = { services.xserver = {