diff --git a/.envrc b/.envrc index 3550a30..f2b0f16 100644 --- a/.envrc +++ b/.envrc @@ -1 +1,2 @@ use flake +dotenv .env diff --git a/.gitignore b/.gitignore index 00c1844..b016d04 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ -.direnv/ \ No newline at end of file +.env +.direnv diff --git a/compose.libsonnet b/compose.libsonnet index b63f4c3..e503e42 100644 --- a/compose.libsonnet +++ b/compose.libsonnet @@ -35,7 +35,10 @@ local mkService(name, svc) = svc { }; local extractVolumes(cfg) = { - [name]: { external: true } + [name]: { + // this is very ugly, a data driven approach would be better but very verbose + external: std.length(std.findSubstr('_', name)) >= 2, + } for name in std.flattenArrays([ std.objectFields(optional(svc, 'volumes')) for svc in std.objectValues(cfg) @@ -65,7 +68,7 @@ local mediaMounts(mounts) = { MediaService(name, tag='latest', env={}, mounts={}, webPort, ports=[]):: { image: 'lscr.io/linuxserver/%s:%s' % [name, tag], environment: mediaEnv + env, - volumes: { ['%s_config' % name]: '/config' }, + volumes: { ['media_%s_config' % name]: '/config' }, mounts:: mediaMounts(mounts), webPort:: webPort, ports: ports, diff --git a/flake.nix b/flake.nix index 77b4a24..0f183d6 100644 --- a/flake.nix +++ b/flake.nix @@ -14,13 +14,17 @@ to-docker-compose = pkgs.writeShellApplication { name = "to-docker-compose"; runtimeInputs = [ pkgs.jsonnet ]; - text = '' - jsonnet services.jsonnet \ - --tla-code secrets="{ - PLEX_CLAIM: '$PLEX_CLAIM', - ADVERTISE_IP: '$ADVERTISE_IP', - }" - ''; + text = + let + vars = [ "PLEX_CLAIM" "PLEX_ADVERTISE_IP" "FIREFLY_APP_KEY" ]; + varRow = var: "${var}: '\$${var}'"; + in + '' + jsonnet services.jsonnet \ + --tla-code secrets="{ + ${pkgs.lib.concatMapStrings varRow vars} + }" + ''; }; in { diff --git a/services.jsonnet b/services.jsonnet index cbc45d2..15868d0 100644 --- a/services.jsonnet +++ b/services.jsonnet @@ -18,8 +18,8 @@ function(secrets={}) // 'entrypoints.websecure.address': ':443', }), docker:: true, - webPort:: 80, - ports: [Port(80), /* Port(443), */ Port(8080)], + webPort:: 8080, + ports: [Port(80) /* Port(443) */], traefik:: { // 'traefik.http.routers.http-catchall.rule': 'hostregexp(`{host:.+}`)' // 'traefik.http.routers.http-catchall.entrypoints': 'web' @@ -30,7 +30,7 @@ function(secrets={}) portainer: { image: 'portainer/portainer-ce:latest', docker:: true, - volumes: { portainer_data: '/data' }, + volumes: { portainer_portainer_data: '/data' }, webPort:: 9000, ports: [Port(9443)], }, @@ -82,9 +82,9 @@ function(secrets={}) environment: { TZ: 'America/New_York', PLEX_CLAIM: std.get(secrets, 'PLEX_CLAIM'), - ADVERTISE_IP: std.get(secrets, 'ADVERTISE_IP'), + ADVERTISE_IP: std.get(secrets, 'PLEX_ADVERTISE_IP'), }, - volumes: { plex_config: '/config' }, + volumes: { media_plex_config: '/config' }, mounts:: MediaMounts({ 'torrents/plex-transcode': '/transcode', 'passport-5tb': '/passport-5tb', @@ -106,7 +106,10 @@ function(secrets={}) }, archivebox: { image: 'archivebox/archivebox:dev', - command: 'server --quick-init 0.0.0.0:8000', + // command: 'server --quick-init 0.0.0.0:8000', + // TODO: hack to workaround https://github.com/ArchiveBox/ArchiveBox/issues/1002 + entrypoint: '/bin/bash', + command: '-c "chown -R archivebox:archivebox /app/archivebox/core/migrations && /app/bin/docker_entrypoint.sh server --quick-init 0.0.0.0:8000"', environment: { ALLOWED_HOSTS: '*', MEDIA_MAX_SIZE: '750m', @@ -116,4 +119,20 @@ function(secrets={}) webPort:: 8000, host:: 'archive', }, + firefly: { + image: 'fireflyiii/core:latest', + environment: { + DB_CONNECTION: 'sqlite', + APP_DEBUG: true, + SITE_OWNER: 'mat@mat.services', + APP_KEY: std.get(secrets, 'FIREFLY_APP_KEY'), + TZ: 'America/New_York', + TRUSTED_PROXIES: '**', + }, + volumes: { + firefly_data: '/storage', + firefly_uploads: '/var/www/html/storage/upload', + }, + webPort:: 8080, + }, })