raphael/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(self_host/jellyfin): adding the dockerisation of arr services

Browse source
This commit is contained in:
Raphael 2026-01-05 16:53:04 +01:00
parent d611b4cc01
commit 098da27752
No known key found for this signature in database
1 changed files with 101 additions and 59 deletions
Download patch file Download diff file Expand all files Collapse all files

160
services/self_host/jellyfin.nix
View file

@ -6,79 +6,121 @@ lib,
}:
let
cfg = config.service.selfhost.jellyfin;
wireguard-key = config.age.secrets."wireguard-secret".path;
in
{
config = lib.mkIf cfg {
virtualisation = {
docker.enable = true;
oci-containers = {
backend = "docker";
containers = {
gluetun = {
image = "qmcgaw/gluetun:latest";
autoStart = true;
extraOptions = [
"--cap-add=NET_ADMIN"
"--device=/dev/net/tun"
];
environment = {
VPN_SERVICE_PROVIDER = "mullvad";
VPN_TYPE = "wireguard";
WIREGUARD_PRIVATE_KEY = builtins.readFile wireguard-key;
BLOCK_MALICIOUS = "off";
BLOCK_SURVEILLANCE = "off";
BLOCK_ADS = "off";
WIREGUARD_ADDRESSES = "10.70.168.94/32";
SERVER_COUNTRIES = "Sweden";
SERVER_CITIES = "Stockholm";
SERVER_HOSTNAMES = "se-sto-wg-206";
TZ = "Europe/Paris";
};
ports = [
"8080:8080"
"7878:7878"
"8989:8989"
"9696:9696"
];
};
qbittorrent = {
image = "lscr.io/linuxserver/qbittorrent:latest";
autoStart = true;
extraOptions = [
"--network=container:gluetun"
];
environment = {
PUID = "1000";
PGID = "991";
WEBUI_PORT = "8080";
TZ = "Europe/Paris";
};
volumes = [
"/mnt/data/qbittorrent/config:/config"
"/mnt/data/downloads:/downloads"
];
};
radarr = {
image = "lscr.io/linuxserver/radarr:latest";
autoStart = true;
extraOptions = [
"--network=container:gluetun"
];
environment = {
PUID = "1000";
PGID = "991";
TZ = "Europe/Paris";
};
volumes = [
"/mnt/data/radarr/config:/config"
"/mnt/data:/data"
];
};
sonarr = {
image = "lscr.io/linuxserver/sonarr:latest";
autoStart = true;
extraOptions = [
"--network=container:gluetun"
];
environment = {
PUID = "1000";
PGID = "991";
TZ = "Europe/Paris";
};
volumes = [
"/mnt/data/sonarr/config:/config"
"/mnt/data:/data"
];
};
prowlarr = {
image = "lscr.io/linuxserver/prowlarr:latest";
autoStart = true;
extraOptions = [
"--network=container:gluetun"
];
environment = {
PUID = "1000";
PGID = "991";
TZ = "Europe/Paris";
};
volumes = [
"/mnt/data/prowlarr/config:/config"
];
};
};
};
};
users = {
groups.datausers = { };
users = {
jellyfin.extraGroups = [ "datausers" ];
radarr.extraGroups = [ "datausers" ];
sonarr.extraGroups = [ "datausers" ];
};
};
services = {
jellyfin = {
enable = true;
dataDir = "/mnt/data/media";
dataDir = "/mnt/data/jellyfin";
openFirewall = true;
};
qbittorrent = {
enable = true;
openFirewall = true;
user = "qbittorrent";
group = "datausers";
webuiPort = 8137;
serverConfig = {
Preferences = {
Downloads = {
SavePath = "/mnt/data/downloads";
TempPathEnabled = false;
};
General = {
Locale = "fr_FR";
};
WebUI = {
Username = "raphael";
Password_PBKDF2 = "@ByteArray(CmH/e4LVehCMTT2BUTVo5g==:VqhgnDIsg0owhZqINmi6O0Ac3tXgz6JYAkxB7sqSH18VPQ6R6Tz9jT2a6KXtld4wG6ld41nFXSst0UqRFTUTUw==)";
};
};
};
};
flaresolverr = {
enable = true;
openFirewall = true;
port = 8191;
};
sonarr = {
enable = true;
dataDir = "/var/lib/sonarr";
user = "sonarr";
group = "datausers";
openFirewall = true;
};
radarr = {
enable = true;
dataDir = "/var/lib/radarr";
user = "radarr";
group = "datausers";
openFirewall = true;
};
prowlarr = {
enable = true;
dataDir = "/var/lib/prowlarr";
openFirewall = true;
};
bazarr.enable = true;
nginx.virtualHosts = {
"jellyfin.enium.eu" = {
enableACME = true;