setup new host + migrate containers to it

2023-10-30 16:39:05 +08:00 · 2023-10-30 16:39:05 +08:00 · 0949fbc9c7
commit 0949fbc9c7
parent 804423319f
12 changed files with 8 additions and 15 deletions
--- a/nixos/viridian/containers/default.nix
+++ b/nixos/viridian/containers/default.nix
@ -0,0 +1,19 @@
+{ ... }:
+
+{
+  # Import our containers.
+  imports = [
+    ./homepage
+    ./pihole
+    ./sonarr
+    ./radarr
+    ./prowlarr
+    ./recyclarr
+    ./qbittorrent
+    ./minecraft
+    ./traefik
+  ];
+
+  # Set docker as container implementation.
+  virtualisation.oci-containers.backend = "docker";
+}
--- a/nixos/viridian/containers/homepage/default.nix
+++ b/nixos/viridian/containers/homepage/default.nix
@ -0,0 +1,15 @@
+{ ... }:
+
+{
+  # Homepage
+  virtualisation.oci-containers.containers."homepage" = {
+    autoStart = true;
+    image = "ghcr.io/benphelps/homepage:latest";
+    volumes = [
+      "/srv/containers/homepage:/app/config"
+      "/srv/data:/srv/data:ro"
+      "/var/run/docker.sock:/var/run/docker.sock" # pass local proxy
+    ];
+    extraOptions = ["--network=host"];
+  };
+}
--- a/nixos/viridian/containers/minecraft/default.nix
+++ b/nixos/viridian/containers/minecraft/default.nix
@ -0,0 +1,16 @@
+{ ... }:
+
+{
+  # Minecraft
+  virtualisation.oci-containers.containers."minecraft" = {
+    autoStart = true;
+    image = "marctv/minecraft-papermc-server:latest";
+    volumes = [
+      "/srv/containers/minecraft:/data"
+    ];
+    ports = [ "25565:25565" ];
+    environment = {
+      MEMORYSIZE = "1G";
+    };
+  };
+}
--- a/nixos/viridian/containers/pihole/default.nix
+++ b/nixos/viridian/containers/pihole/default.nix
@ -0,0 +1,24 @@
+{ ... }:
+
+{
+  # Pi-hole
+  virtualisation.oci-containers.containers."pihole" = {
+    autoStart = true;
+    image = "pihole/pihole:latest";
+    volumes = [
+      "/srv/containers/pihole/etc-pihole:/etc/pihole"
+      "/srv/containers/pihole/etc-dnsmasq.d:/etc/dnsmasq.d"
+      "/srv/containers/pihole/secrets:/secrets"
+    ];
+    ports = [ 
+      "192.168.1.100:53:53/tcp"   # pihole-FTL (DNS)
+      "192.168.1.100:53:53/udp"   # pihole-FTL (DNS)
+      "192.168.1.100:8181:80/tcp" # lighttpd   (HTTP)
+    ];
+    environment = {
+      WEBPASSWORD_FILE = "/secrets/admin-password";
+      DNSMASQ_LISTENING = "all";
+    };
+  };
+}
+
--- a/nixos/viridian/containers/prowlarr/default.nix
+++ b/nixos/viridian/containers/prowlarr/default.nix
@ -0,0 +1,15 @@
+{ ... }:
+
+{
+  # Prowlarr
+  virtualisation.oci-containers.containers."prowlarr" = {
+    autoStart = true;
+    image = "cr.hotio.dev/hotio/prowlarr";
+    volumes = [
+      "/srv/containers/prowlarr:/config"
+      "/srv/data:/data"
+    ];
+    ports = [ "9696:9696" ];
+    extraOptions = ["--network=media-stack"];
+  };
+}
--- a/nixos/viridian/containers/qbittorrent/default.nix
+++ b/nixos/viridian/containers/qbittorrent/default.nix
@ -0,0 +1,18 @@
+{ ... }:
+
+{
+  # Qbittorrent
+  virtualisation.oci-containers.containers."qbittorrent" = {
+    autoStart = true;
+    image = "cr.hotio.dev/hotio/qbittorrent:release";
+    volumes = [
+      "/srv/containers/qbittorrent:/config"
+      "/srv/data/torrents:/data/torrents"
+    ];
+    ports = [ 
+      "8383:8080"
+      "32372:32372"
+    ];
+    extraOptions = ["--network=media-stack"];
+  };
+}
--- a/nixos/viridian/containers/radarr/default.nix
+++ b/nixos/viridian/containers/radarr/default.nix
@ -0,0 +1,15 @@
+{ ... }:
+
+{
+  # Radarr
+  virtualisation.oci-containers.containers."radarr" = {
+    autoStart = true;
+    image = "cr.hotio.dev/hotio/radarr";
+    volumes = [
+      "/srv/containers/radarr:/config"
+      "/srv/data:/data"
+    ];
+    ports = [ "7878:7878" ];
+    extraOptions = ["--network=media-stack"];
+  };
+}
--- a/nixos/viridian/containers/recyclarr/default.nix
+++ b/nixos/viridian/containers/recyclarr/default.nix
@ -0,0 +1,13 @@
+{ ... }:
+
+{
+  # Recyclarr
+  virtualisation.oci-containers.containers."recyclarr" = {
+    autoStart = true;
+    image = "ghcr.io/recyclarr/recyclarr:latest";
+    volumes = [
+      "/srv/containers/recyclarr:/config"
+    ];
+    extraOptions = ["--network=media-stack"];
+  };
+}
--- a/nixos/viridian/containers/sonarr/default.nix
+++ b/nixos/viridian/containers/sonarr/default.nix
@ -0,0 +1,15 @@
+{ ... }:
+
+{
+  # Sonarr
+  virtualisation.oci-containers.containers."sonarr" = {
+    autoStart = true;
+    image = "cr.hotio.dev/hotio/sonarr:v4";
+    volumes = [
+      "/srv/containers/sonarr:/config"
+      "/srv/data:/data"
+    ];
+    ports = [ "8989:8989" ];
+    extraOptions = ["--network=media-stack"];
+  };
+}
--- a/nixos/viridian/containers/traefik/default.nix
+++ b/nixos/viridian/containers/traefik/default.nix
@ -0,0 +1,20 @@
+{ ... }:
+
+{
+  # Traefik
+  virtualisation.oci-containers.containers."traefik" = {
+    autoStart = true;
+    image = "traefik:v2.10";
+    volumes = [
+      "/srv/containers/traefik/traefik.yaml:/etc/traefik/traefik.yaml"
+      "/srv/containers/traefik/config:/config"
+      "/srv/containers/traefik/letsencrypt:/letsencrypt"
+      "/srv/containers/traefik/secrets:/secrets"
+    ];
+    environment = {
+      CF_API_EMAIL_FILE = "/secrets/cf-api-email";
+      CF_API_KEY_FILE = "/secrets/cf-api-key";
+    };
+    extraOptions = ["--network=host"];
+  };
+}