sloane
/
homelab-apps
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: sloane:ae2160851cf887160121d297dfb0cdcbc435d06b
Branches Tags
sloane:main
..
compare: sloane:60d59ba031eef2b5bce62f8bda695b21fb89859e
Branches Tags
sloane:main

No commits in common. "ae2160851cf887160121d297dfb0cdcbc435d06b" and "60d59ba031eef2b5bce62f8bda695b21fb89859e" have entirely different histories.
ae2160851c ... 60d59ba031

6 changed files with 34 additions and 69 deletions
Show Stats Expand all files Collapse all files

2
.envrc
View File

@ -1,2 +1,2 @@
use flake use flake
dotenv_if_exists .env dotenv .env

2
.gitignore vendored
View File

@ -1,4 +1,2 @@
.env .env
.direnv .direnv
.secrets.jsonnet

13
compose.libsonnet
View File

@ -22,14 +22,9 @@ local traefikLabels(name, host, port, extras) = toLabels({
'traefik.docker.network': 'traefik', 'traefik.docker.network': 'traefik',
} + extras); } + extras);
local mkNetwork(svc) = if std.get(svc, 'gluetun', false) then {
network_mode: 'service:gluetun',
} else {
networks: ['traefik'],
};
local mkService(name, svc) = svc { local mkService(name, svc) = svc {
container_name: name, container_name: name,
networks: ['traefik'],
volumes: toVolumes(optional(svc, 'volumes')) volumes: toVolumes(optional(svc, 'volumes'))
+ toVolumes(optional(svc, 'mounts')) + toVolumes(optional(svc, 'mounts'))
+ if std.get(svc, 'docker', false) + if std.get(svc, 'docker', false)
@ -37,7 +32,7 @@ local mkService(name, svc) = svc {
else [], else [],
labels: traefikLabels(name, std.get(svc, 'host', name), svc.webPort, optional(svc, 'traefik')), labels: traefikLabels(name, std.get(svc, 'host', name), svc.webPort, optional(svc, 'traefik')),
restart: 'always', restart: 'always',
} + mkNetwork(svc); };
local extractVolumes(cfg) = { local extractVolumes(cfg) = {
[name]: { [name]: {
@ -70,12 +65,12 @@ local mediaMounts(mounts) = {
MediaMounts:: mediaMounts, MediaMounts:: mediaMounts,
MediaService(name, tag='latest', env={}, mounts={}, webPort, ports=[], extras={}):: { MediaService(name, tag='latest', env={}, mounts={}, webPort, ports=[]):: {
image: 'lscr.io/linuxserver/%s:%s' % [name, tag], image: 'lscr.io/linuxserver/%s:%s' % [name, tag],
environment: mediaEnv + env, environment: mediaEnv + env,
volumes: { ['media_%s_config' % name]: '/config' }, volumes: { ['media_%s_config' % name]: '/config' },
mounts:: mediaMounts(mounts), mounts:: mediaMounts(mounts),
webPort:: webPort, webPort:: webPort,
ports: ports, ports: ports,
} + extras, },
} }

18
flake.lock
View File

@ -5,11 +5,11 @@
"nixpkgs-lib": "nixpkgs-lib" "nixpkgs-lib": "nixpkgs-lib"
}, },
"locked": { "locked": {
"lastModified": 1688466019, "lastModified": 1666885127,
"narHash": "sha256-VeM2akYrBYMsb4W/MmBo1zmaMfgbL4cH3Pu8PGyIwJ0=", "narHash": "sha256-uXA/3lhLhwOTBMn9a5zJODKqaRT+SuL5cpEmOz2ULoo=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "8e8d955c22df93dbe24f19ea04f47a74adbdc5ec", "rev": "0e101dbae756d35a376a5e1faea532608e4a4b9a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -20,11 +20,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1690031011, "lastModified": 1667629849,
"narHash": "sha256-kzK0P4Smt7CL53YCdZCBbt9uBFFhE0iNvCki20etAf4=", "narHash": "sha256-P+v+nDOFWicM4wziFK9S/ajF2lc0N2Rg9p6Y35uMoZI=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "12303c652b881435065a98729eb7278313041e49", "rev": "3bacde6273b09a21a8ccfba15586fb165078fb62",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -37,11 +37,11 @@
"nixpkgs-lib": { "nixpkgs-lib": {
"locked": { "locked": {
"dir": "lib", "dir": "lib",
"lastModified": 1688049487, "lastModified": 1665349835,
"narHash": "sha256-100g4iaKC9MalDjUW9iN6Jl/OocTDtXdeAj7pEGIRh4=", "narHash": "sha256-UK4urM3iN80UXQ7EaOappDzcisYIuEURFRoGQ/yPkug=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "4bc72cae107788bf3f24f30db2e2f685c9298dc9", "rev": "34c5293a71ffdb2fe054eb5288adc1882c1eb0b1",
"type": "github" "type": "github"
}, },
"original": { "original": {

17
flake.nix
View File

@ -6,17 +6,24 @@
flake-parts.url = "github:hercules-ci/flake-parts"; flake-parts.url = "github:hercules-ci/flake-parts";
}; };
outputs = inputs@{ self, flake-parts, ... }: outputs = { self, flake-parts, ... }:
flake-parts.lib.mkFlake { inherit inputs; } { flake-parts.lib.mkFlake { inherit self; } {
systems = [ "x86_64-linux" "aarch64-darwin" ]; systems = [ "x86_64-linux" "aarch64-darwin" ];
perSystem = { config, self', inputs', pkgs, system, ... }: perSystem = { config, self', inputs', pkgs, system, ... }:
let let
to-docker-compose = pkgs.writeShellApplication { to-docker-compose = pkgs.writeShellApplication {
name = "to-docker-compose"; name = "to-docker-compose";
runtimeInputs = [ pkgs.go-jsonnet ]; runtimeInputs = [ pkgs.jsonnet ];
text = text =
let
vars = [ "PLEX_CLAIM" "PLEX_ADVERTISE_IP" "FIREFLY_APP_KEY" ];
varRow = var: "${var}: '\$${var}',";
in
'' ''
jsonnet services.jsonnet --tla-code-file secrets=.secrets.jsonnet jsonnet services.jsonnet \
--tla-code secrets="{
${pkgs.lib.concatMapStrings varRow vars}
}"
''; '';
}; };
remote-docker-compose = pkgs.writeShellApplication { remote-docker-compose = pkgs.writeShellApplication {
@ -34,7 +41,7 @@
{ {
devShells.default = pkgs.mkShell { devShells.default = pkgs.mkShell {
buildInputs = with pkgs; [ buildInputs = with pkgs; [
go-jsonnet jsonnet
to-docker-compose to-docker-compose
remote-docker-compose remote-docker-compose
]; ];

51
services.jsonnet
View File

@ -7,30 +7,6 @@ local MediaMounts = compose.MediaMounts;
function(secrets={}) function(secrets={})
Compose({ Compose({
gluetun: {
image: 'qmcgaw/gluetun',
cap_add: ['NET_ADMIN'],
devices: ['/dev/net/tun:/dev/net/tun'],
environment: {
TZ: 'America/New_York',
VPN_SERVICE_PROVIDER: 'custom',
VPN_TYPE: 'wireguard',
// VPN_PORT_FORWARDING: 'on',
// VPN_PORT_FORWARDING_PROVIDER: 'protonvpn',
VPN_ENDPOINT_IP: std.get(secrets, 'VPN_ENDPOINT_IP'),
VPN_ENDPOINT_PORT: std.get(secrets, 'VPN_ENDPOINT_PORT'),
WIREGUARD_PUBLIC_KEY: std.get(secrets, 'WIREGUARD_PUBLIC_KEY'),
WIREGUARD_PRIVATE_KEY: std.get(secrets, 'WIREGUARD_PRIVATE_KEY'),
WIREGUARD_ADDRESSES: std.get(secrets, 'WIREGUARD_ADDRESSES'),
},
ports: [
Port(8888),
Port(8388),
Port(8388, kind='udp'),
],
webPort:: 8000,
volumes: { gluetun_data: '/gluetun' },
},
traefik: { traefik: {
image: 'traefik:latest', image: 'traefik:latest',
command: Command({ command: Command({
@ -43,10 +19,7 @@ function(secrets={})
}), }),
docker:: true, docker:: true,
webPort:: 8080, webPort:: 8080,
ports: [ ports: [Port(80) /* Port(443) */],
Port(80),
// Port(443),
],
traefik:: { traefik:: {
// 'traefik.http.routers.http-catchall.rule': 'hostregexp(`{host:.+}`)' // 'traefik.http.routers.http-catchall.rule': 'hostregexp(`{host:.+}`)'
// 'traefik.http.routers.http-catchall.entrypoints': 'web' // 'traefik.http.routers.http-catchall.entrypoints': 'web'
@ -66,11 +39,7 @@ function(secrets={})
env={ DELUGE_LOGLEVEL: 'error' }, env={ DELUGE_LOGLEVEL: 'error' },
mounts={ torrents: '/downloads' }, mounts={ torrents: '/downloads' },
webPort=8112, webPort=8112,
// ports=[ ports=[Port(54979), Port(54979, kind='udp')],
// Port(54979),
// Port(54979, kind='udp'),
// ],
extras={ gluetun:: true },
), ),
prowlarr: MediaService( prowlarr: MediaService(
name='prowlarr', name='prowlarr',
@ -81,7 +50,6 @@ function(secrets={})
'passport-5tb': '/passport-5tb', 'passport-5tb': '/passport-5tb',
'passport-1tb': '/passport-1tb', 'passport-1tb': '/passport-1tb',
}, },
extras={ gluetun:: true },
), ),
bazarr: MediaService( bazarr: MediaService(
name='bazarr', name='bazarr',
@ -90,7 +58,6 @@ function(secrets={})
'passport-5tb': '/passport-5tb', 'passport-5tb': '/passport-5tb',
'passport-1tb': '/passport-1tb', 'passport-1tb': '/passport-1tb',
}, },
extras={ gluetun:: true },
), ),
radarr: MediaService( radarr: MediaService(
name='radarr', name='radarr',
@ -100,7 +67,6 @@ function(secrets={})
'passport-1tb/movies': '/passport-1tb', 'passport-1tb/movies': '/passport-1tb',
torrents: '/downloads', torrents: '/downloads',
}, },
extras={ gluetun:: true },
), ),
sonarr: MediaService( sonarr: MediaService(
name='sonarr', name='sonarr',
@ -109,15 +75,14 @@ function(secrets={})
'passport-5tb/tv': '/passport-5tb', 'passport-5tb/tv': '/passport-5tb',
'passport-1tb/tv': '/passport-1tb', 'passport-1tb/tv': '/passport-1tb',
torrents: '/downloads', torrents: '/downloads',
}, }
extras={ gluetun:: true },
), ),
plex: { plex: {
image: 'plexinc/pms-docker', image: 'plexinc/pms-docker',
environment: { environment: {
TZ: 'America/New_York', TZ: 'America/New_York',
PLEX_CLAIM: std.get(secrets, 'PLEX_CLAIM'), PLEX_CLAIM: std.get(secrets, 'PLEX_CLAIM'),
// ADVERTISE_IP: std.get(secrets, 'PLEX_ADVERTISE_IP'), ADVERTISE_IP: std.get(secrets, 'PLEX_ADVERTISE_IP'),
}, },
volumes: { media_plex_config: '/config' }, volumes: { media_plex_config: '/config' },
mounts:: MediaMounts({ mounts:: MediaMounts({
@ -128,7 +93,7 @@ function(secrets={})
devices: ['/dev/dri:/dev/dri'], devices: ['/dev/dri:/dev/dri'],
webPort:: 32400, webPort:: 32400,
ports: [ ports: [
Port(32400), Port(56463, src=32400),
Port(3005), Port(3005),
Port(8324), Port(8324),
Port(32469), Port(32469),
@ -141,10 +106,10 @@ function(secrets={})
}, },
archivebox: { archivebox: {
image: 'archivebox/archivebox:dev', image: 'archivebox/archivebox:dev',
command: 'server --quick-init 0.0.0.0:8000', // command: 'server --quick-init 0.0.0.0:8000',
// TODO: hack to workaround https://github.com/ArchiveBox/ArchiveBox/issues/1002 // TODO: hack to workaround https://github.com/ArchiveBox/ArchiveBox/issues/1002
// entrypoint: '/bin/bash', entrypoint: '/bin/bash',
// command: '-c "chown -R archivebox:archivebox /app/archivebox/core/migrations && /app/bin/docker_entrypoint.sh server --quick-init 0.0.0.0:8000"', command: '-c "chown -R archivebox:archivebox /app/archivebox/core/migrations && /app/bin/docker_entrypoint.sh server --quick-init 0.0.0.0:8000"',
environment: { environment: {
ALLOWED_HOSTS: '*', ALLOWED_HOSTS: '*',
MEDIA_MAX_SIZE: '750m', MEDIA_MAX_SIZE: '750m',