author | tdback <tyler@tdback.net> | 2025-01-26 11:31:39 -0500 |
---|---|---|
committer | tdback <tyler@tdback.net> | 2025-01-26 11:31:39 -0500 |
commit | 1b40ddcb978dec8cf52a82319f1f8b4e4eedd3f8 (patch) | |
tree | af7b6b2ff316e42fa8c59ff772970a16a3b8c4cb /modules/containers/jellyfin | |
parent | a7c3d07078d0ca67afadd6fb24ab4b60b38c1109 (diff) |
containers: reworked each container to be a standalone module
Diffstat (limited to 'modules/containers/jellyfin')
-rw-r--r-- | modules/containers/jellyfin/default.nix | 96 |
1 files changed, 79 insertions, 17 deletions
diff --git a/modules/containers/jellyfin/default.nix b/modules/containers/jellyfin/default.nix
index a7b9557..aa0d4b1 100644
--- a/modules/containers/jellyfin/default.nix
+++ b/modules/containers/jellyfin/default.nix
@@ -1,24 +1,86 @@ -{ ... }: +{ + config, + lib, + ... +}: +with lib; let - directory = "/opt/jellyfin"; + service = "jellyfin"; + cfg = config.modules.containers.${service}; in { - systemd.tmpfiles.rules = builtins.map (x: "d ${x} 0755 share share - -") [ directory ]; + options.modules.containers.${service} = { + enable = mkEnableOption service; + user = mkOption { + default = "share"; + type = types.str; + }; + group = mkOption { + default = "share"; + type = types.str; + }; + port = mkOption { + default = 8096; + type = types.int; + }; + url = mkOption { + default = null; + type = types.str; + }; + mediaDir = mkOption { + type = types.str; + }; + configDir = mkOption { + default = "/opt/${service}"; + type = types.str; + }; + }; + + config = mkIf cfg.enable { + users.users.${cfg.user} = { + isSystemUser = true; + group = cfg.group; + }; - virtualisation.oci-containers.containers.jellyfin = { - image = "jellyfin/jellyfin:latest"; - autoStart = true; - user = "994:994"; - ports = [ "8096:8096/tcp" ]; - volumes = [ - "${directory}/config:/config" - "${directory}/cache:/cache" - "/tank/media:/media" + users.groups.${cfg.group} = { }; + + networking.firewall.allowedTCPPorts = [ + 80 + 443 ]; - }; - services.caddy.virtualHosts."buttered.brownbread.net".extraConfig = '' - encode zstd gzip - reverse_proxy http://localhost:8096 - ''; + services.caddy = { + enable = true; + virtualHosts = { + ${cfg.url}.extraConfig = '' + encode zstd gzip + reverse_proxy http://localhost:${builtins.toString cfg.port} + ''; + }; + }; + + systemd.tmpfiles.rules = builtins.map (f: "d ${f} 0755 ${cfg.user} ${cfg.group} - -") [ + cfg.configDir + ]; + + virtualisation.oci-containers.containers.${service} = + with config.users; + with builtins; + let + uid = toString users.${cfg.user}.uid; + gid = toString groups.${cfg.group}.gid; + port = toString cfg.port; + in + { + image = "${service}/${service}:latest"; + autoStart = true; + user = "${uid}:${gid}"; + ports = [ "${port}:${port}/tcp" ]; + 
volumes = [ + "${cfg.configDir}/config:/config" + "${cfg.configDir}/cache:/cache" + "${cfg.mediaDir}:/media" + ]; + }; + }; } |
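Review bot: `uid = toString users.${cfg.user}.uid;` and the matching `gid` line read values this module never sets: the new `users.users.${cfg.user}` block declares only `isSystemUser` and `group`, and on NixOS an undeclared uid/gid is `null` at evaluation time, which `toString` turns into an empty string. Unless another module pins them, the container's `user` becomes `":"` instead of the previous fixed `994:994`, so the process may not run under the intended unprivileged account. Either add `uid`/`gid` options and assign them in the user and group definitions, or fail evaluation early with `assertions = [ { assertion = config.users.users.${cfg.user}.uid != null; message = "modules.containers.${service}: set an explicit uid for ${cfg.user}"; } ];`. Separately, `url` declares `default = null` under `types.str`; dropping the default would make the option properly required.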