raphael/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nixos/services/self_host/jellyfin.nix

149 lines
3.9 KiB
Nix
Raw Blame History

{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.selfhost.jellyfin;
wireguard-key = config.age.secrets."wireguard-secret".path;
in
{
config = lib.mkIf cfg {
virtualisation = {
docker.enable = true;
oci-containers = {
backend = "docker";
containers = {
gluetun = {
image = "qmcgaw/gluetun:latest";
autoStart = true;
extraOptions = [
"--cap-add=NET_ADMIN"
"--device=/dev/net/tun"
];
environment = {
VPN_SERVICE_PROVIDER = "mullvad";
VPN_TYPE = "wireguard";
WIREGUARD_PRIVATE_KEY = builtins.readFile wireguard-key;
BLOCK_MALICIOUS = "off";
BLOCK_SURVEILLANCE = "off";
BLOCK_ADS = "off";
WIREGUARD_ADDRESSES = "10.70.168.94/32";
SERVER_COUNTRIES = "Sweden";
SERVER_CITIES = "Stockholm";
SERVER_HOSTNAMES = "se-sto-wg-206";
TZ = "Europe/Paris";
};
ports = [
"8080:8080"
"7878:7878"
"8989:8989"
"9696:9696"
];
};
qbittorrent = {
image = "lscr.io/linuxserver/qbittorrent:latest";
autoStart = true;
extraOptions = [
"--network=container:gluetun"
];
environment = {
PUID = "1000";
PGID = "991";
WEBUI_PORT = "8080";
TZ = "Europe/Paris";
};
volumes = [
"/mnt/data/qbittorrent/config:/config"
"/mnt/data/downloads:/downloads"
];
};
radarr = {
image = "lscr.io/linuxserver/radarr:latest";
autoStart = true;
extraOptions = [
"--network=container:gluetun"
];
environment = {
PUID = "1000";
PGID = "991";
TZ = "Europe/Paris";
};
volumes = [
"/mnt/data/radarr/config:/config"
"/mnt/data:/data"
];
};
sonarr = {
image = "lscr.io/linuxserver/sonarr:latest";
autoStart = true;
extraOptions = [
"--network=container:gluetun"
];
environment = {
PUID = "1000";
PGID = "991";
TZ = "Europe/Paris";
};
volumes = [
"/mnt/data/sonarr/config:/config"
"/mnt/data:/data"
];
};
prowlarr = {
image = "lscr.io/linuxserver/prowlarr:latest";
autoStart = true;
extraOptions = [
"--network=container:gluetun"
];
environment = {
PUID = "1000";
PGID = "991";
TZ = "Europe/Paris";
};
volumes = [
"/mnt/data/prowlarr/config:/config"
];
};
};
};
};
users = {
groups.datausers = { };
users = {
jellyfin.extraGroups = [ "datausers" ];
};
};
services = {
jellyfin = {
enable = true;
dataDir = "/mnt/data/jellyfin";
openFirewall = true;
};
nginx.virtualHosts = {
"jellyfin.enium.eu" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8096";
};
};
"radarr.enium.eu" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:7878";
};
};
"sonarr.enium.eu" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8989";
};
};
};
};
};
}
Reference in a new issue View git blame Copy permalink