jahanson/mochi
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

better as inherit

Browse source
This commit is contained in:
Joseph Hanson 2025-01-23 10:52:50 -06:00
parent 13fd35a05f
commit 0c778e5994
2 changed files with 19 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
nixos/modules/nixos/containers/jellyfin/default.nix
View file

@ -90,21 +90,21 @@ in {
sops.secrets = { sops.secrets = {
"restic/jellyfin/env" = { "restic/jellyfin/env" = {
inherit group;
sopsFile = ./secrets.sops.yaml; sopsFile = ./secrets.sops.yaml;
owner = user; owner = user;
group = group;
mode = "0400"; mode = "0400";
}; };
"restic/jellyfin/password" = { "restic/jellyfin/password" = {
inherit group;
sopsFile = ./secrets.sops.yaml; sopsFile = ./secrets.sops.yaml;
owner = user; owner = user;
group = group;
mode = "0400"; mode = "0400";
}; };
"restic/jellyfin/template" = { "restic/jellyfin/template" = {
inherit group;
sopsFile = ./secrets.sops.yaml; sopsFile = ./secrets.sops.yaml;
owner = user; owner = user;
group = group;
mode = "0400"; mode = "0400";
}; };
}; };

25
nixos/modules/nixos/containers/plex/default.nix
View file

@ -4,8 +4,7 @@
pkgs, pkgs,
... ...
}: }:
with lib; with lib; let
let
app = "plex"; app = "plex";
cfg = config.mySystem.containers.${app}; cfg = config.mySystem.containers.${app};
group = "kah"; group = "kah";
@ -14,12 +13,13 @@ let
# renovate: depName=ghcr.io/onedr0p/plex datasource=docker versioning=loose # renovate: depName=ghcr.io/onedr0p/plex datasource=docker versioning=loose
version = "1.41.3.9314-a0bfb8370"; version = "1.41.3.9314-a0bfb8370";
volumeLocation = "/nahar/containers/volumes/plex"; volumeLocation = "/nahar/containers/volumes/plex";
in in {
{
# Options # Options
options.mySystem.containers.${app} = { options.mySystem.containers.${app} = {
enable = mkEnableOption "${app}"; enable = mkEnableOption "${app}";
openFirewall = mkEnableOption "Open firewall for ${app}" // { openFirewall =
mkEnableOption "Open firewall for ${app}"
// {
default = true; default = true;
}; };
}; };
@ -29,8 +29,8 @@ in
# Systemd service for container # Systemd service for container
systemd.services.${app} = { systemd.services.${app} = {
description = "Plex Media Server"; description = "Plex Media Server";
wantedBy = [ "multi-user.target" ]; wantedBy = ["multi-user.target"];
after = [ "network.target" ]; after = ["network.target"];
serviceConfig = { serviceConfig = {
ExecStartPre = "${pkgs.writeShellScript "plex-start-pre" '' ExecStartPre = "${pkgs.writeShellScript "plex-start-pre" ''
@ -82,21 +82,21 @@ in
sops.secrets = { sops.secrets = {
"restic/plex/env" = { "restic/plex/env" = {
inherit group;
sopsFile = ./secrets.sops.yaml; sopsFile = ./secrets.sops.yaml;
owner = user; owner = user;
group = group;
mode = "0400"; mode = "0400";
}; };
"restic/plex/password" = { "restic/plex/password" = {
inherit group;
sopsFile = ./secrets.sops.yaml; sopsFile = ./secrets.sops.yaml;
owner = user; owner = user;
group = group;
mode = "0400"; mode = "0400";
}; };
"restic/plex/template" = { "restic/plex/template" = {
inherit group;
sopsFile = ./secrets.sops.yaml; sopsFile = ./secrets.sops.yaml;
owner = user; owner = user;
group = group;
mode = "0400"; mode = "0400";
}; };
}; };
@ -105,10 +105,10 @@ in
services.restic.backups = config.lib.mySystem.mkRestic { services.restic.backups = config.lib.mySystem.mkRestic {
inherit app user; inherit app user;
environmentFile = config.sops.secrets."restic/plex/env".path; environmentFile = config.sops.secrets."restic/plex/env".path;
excludePaths = [ "${volumeLocation}/Library/Application Support/Plex Media Server/Cache" ]; excludePaths = ["${volumeLocation}/Library/Application Support/Plex Media Server/Cache"];
localResticTemplate = "/eru/restic/plex"; localResticTemplate = "/eru/restic/plex";
passwordFile = config.sops.secrets."restic/plex/password".path; passwordFile = config.sops.secrets."restic/plex/password".path;
paths = [ "${volumeLocation}/Library" ]; paths = ["${volumeLocation}/Library"];
remoteResticTemplateFile = config.sops.secrets."restic/plex/template".path; remoteResticTemplateFile = config.sops.secrets."restic/plex/template".path;
}; };
@ -156,6 +156,5 @@ in
# ]; # ];
# } # }
# ]; # ];
}; };
} }