moritz
/
dotfiles
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

switched to docker containers

dev-docs
Moritz Böhme 2021-10-03 16:30:35 +02:00
parent ff8212fff3
commit 9fe9cbed9e
3 changed files with 60 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
modules/containers/default.nix
View File

@ -2,4 +2,5 @@
{ {
imports = [ ./media.nix ]; imports = [ ./media.nix ];
virtualisation.docker.enable = true;
} }

99
modules/containers/media.nix
View File

@ -1,53 +1,72 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
containers.radarr = { virtualisation.oci-containers.containers = {
config = { config, pkgs, ... }: { services.radarr.enable = true; }; "transmission" = {
bindMounts = { image = "haugene/transmission-openvpn";
"/dowloads" = { environmentFiles = [ /run/secrets/nordvpn ];
hostPath = "/var/lib/Transmission/Downloads/completed/"; environment = {
isReadOnly = true; "LOCAL_NETWORK" = "192.168.0.0/24";
"OPENVPN_PROVIDER" = "NORDVPN";
"TRANSMISSION_ALT_SPEED_DOWN" = "20000";
"TRANSMISSION_ALT_SPEED_TIME_ENABLED" = "true";
"TRANSMISSION_ALT_SPEED_UP" = "2000";
"TRANSMISSION_MAX_PEERS_GLOBAL" = "1000";
"TRANSMISSION_PEER_LIMIT_GLOBAL" = "1000";
"TRANSMISSION_PEER_LIMIT_PER_TORRENT" = "100";
"TRANSMISSION_RATIO_LIMIT" = "10";
"TRANSMISSION_RATIO_LIMIT_ENABLED" = "true";
"TZ" = "DE";
"ENABLE_UFW" = "true";
"PUID" = "1000";
"PGID" = "100";
}; };
ports = [ "9091:9091" ];
volumes = [ "/home/moritz/Docker/Transmission:/data/" ];
extraOptions = [ "--cap-add=NET_ADMIN" ];
}; };
};
containers.sonarr = { "jackett" = {
config = { config, pkgs, ... }: { services.sonarr.enable = true; }; image = "linuxserver/jackett";
bindMounts = { environment = {
"/dowloads" = { "PUID" = "1000";
hostPath = "/var/lib/Transmission/Downloads/completed/"; "PGID" = "100";
isReadOnly = true; "TZ" = "DE";
}; };
volumes = [
"/home/moritz/Docker/jackett/config:/config"
"/home/moritz/Docker/jackett/blackhole:/downloads"
];
ports = [ "9117:9117" ];
}; };
};
containers.jackett = {
config = { config, pkgs, ... }: { services.jackett.enable = true; };
};
containers.transmission = {
config = { config, pkgs, ... }: {
# services.openvpn = { servers = { nordvpn = { }; }; };
networking.firewall = {
enable = true;
# extraStopCommands = ''
# sudo iptables -N ALLOWVPN
# sudo iptables -N BLOCKALL
# # allow access for the interfaces loopback, tun, and tap "radarr" = {
# sudo iptables -A OUTPUT -o tun+ -j ACCEPT; image = "linuxserver/radarr";
# sudo iptables -A OUTPUT -o tap+ -j ACCEPT; environment = {
# sudo iptables -A OUTPUT -o lo+ -j ACCEPT; "PUID" = "1000";
"PGID" = "100";
# # route outgoing data via our created chains "TZ" = "DE";
# sudo iptables -A OUTPUT -j ALLOWVPN;
# sudo iptables -A OUTPUT -j BLOCKALL;
# # block all disallowed connections
# sudo iptables -A BLOCKALL -j DROP
# '';
}; };
volumes = [
"/auto/media/movies:/movies"
"/home/moritz/Docker/transmission/completed/movies:/downloads"
"/home/moritz/Docker/radarr"
];
ports = [ "7878:7878" ];
}; };
bindMounts = { "sonarr" = {
"/var/lib/transmission" = { hostPath = "/home/moritz/Transmission/"; }; image = "linuxserver/sonarr";
environment = {
"PUID" = "1000";
"PGID" = "100";
"TZ" = "DE";
};
volumes = [
"/auto/media/tv:/tv"
"/home/moritz/Docker/transmission/completed/movies:/downloads"
"/home/moritz/Docker/sonarr"
];
ports = [ "8989:8989" ];
}; };
}; };
} }

BIN
secrets/nordvpn.age
View File

Binary file not shown.