From 13fd35a05f40fb6facc3525439d1e960e53e42b0 Mon Sep 17 00:00:00 2001 From: Joseph Hanson Date: Thu, 23 Jan 2025 10:46:55 -0600 Subject: [PATCH] update containers jellyfin, ollama, and scrypted --- .../nixos/containers/jellyfin/default.nix | 28 +++++++++---------- .../nixos/containers/ollama/default.nix | 23 ++++++++------- .../nixos/containers/scrypted/default.nix | 21 +++++++------- 3 files changed, 35 insertions(+), 37 deletions(-) diff --git a/nixos/modules/nixos/containers/jellyfin/default.nix b/nixos/modules/nixos/containers/jellyfin/default.nix index f501db8..cc87864 100644 --- a/nixos/modules/nixos/containers/jellyfin/default.nix +++ b/nixos/modules/nixos/containers/jellyfin/default.nix @@ -4,24 +4,24 @@ pkgs, ... }: -with lib; -let +with lib; let app = "jellyfin"; cfg = config.mySystem.containers.${app}; group = "kah"; image = "ghcr.io/jellyfin/jellyfin:${version}"; user = "kah"; # renovate: depName=ghcr.io/jellyfin/jellyfin datasource=docker - version = "10.10.3"; + version = "10.10.4"; volumeLocation = "/nahar/containers/volumes/jellyfin"; -in -{ +in { # Options options.mySystem.containers.${app} = { enable = mkEnableOption "${app}"; - openFirewall = mkEnableOption "Open firewall for ${app}" // { - default = true; - }; + openFirewall = + mkEnableOption "Open firewall for ${app}" + // { + default = true; + }; }; # Implementation @@ -29,8 +29,8 @@ in # Systemd service for container systemd.services.${app} = { description = "Jellyfin Media Server"; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; + wantedBy = ["multi-user.target"]; + after = ["network.target"]; serviceConfig = { ExecStartPre = "${pkgs.writeShellScript "jellyfin-start-pre" '' @@ -46,8 +46,8 @@ in --rm \ --name=${app} \ --user="${toString config.users.users."${user}".uid}:${ - toString config.users.groups."${group}".gid - }" \ + toString config.users.groups."${group}".gid + }" \ --device='nvidia.com/gpu=all' \ --log-driver=journald \ --cidfile=/run/${app}.ctr-id \ @@ -113,10 +113,10 @@ in services.restic.backups = config.lib.mySystem.mkRestic { inherit app user; environmentFile = config.sops.secrets."restic/jellyfin/env".path; - excludePaths = [ ]; + excludePaths = []; localResticTemplate = "/eru/restic/jellyfin"; passwordFile = config.sops.secrets."restic/jellyfin/password".path; - paths = [ volumeLocation ]; + paths = [volumeLocation]; remoteResticTemplateFile = config.sops.secrets."restic/jellyfin/template".path; }; # TODO add nginx proxy diff --git a/nixos/modules/nixos/containers/ollama/default.nix b/nixos/modules/nixos/containers/ollama/default.nix index e6b297a..026ea49 100644 --- a/nixos/modules/nixos/containers/ollama/default.nix +++ b/nixos/modules/nixos/containers/ollama/default.nix @@ -4,15 +4,13 @@ pkgs, ... }: -with lib; -let +with lib; let app = "ollama"; # renovate: depName=docker.io/ollama/ollama datasource=docker - version = "0.5.5"; + version = "0.5.7"; image = "docker.io/ollama/ollama:${version}"; cfg = config.mySystem.containers.${app}; -in -{ +in { # Options options.mySystem.containers.${app} = { enable = mkEnableOption "${app}"; @@ -20,9 +18,11 @@ in # addToHomepage = mkEnableOption "Add ${app} to homepage" // { # default = true; # }; - openFirewall = mkEnableOption "Open firewall for ${app}" // { - default = true; - }; + openFirewall = + mkEnableOption "Open firewall for ${app}" + // { + default = true; + }; }; # Implementation @@ -30,8 +30,8 @@ in # Systemd service for container systemd.services.${app} = { description = "Ollama"; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; + wantedBy = ["multi-user.target"]; + after = ["network.target"]; serviceConfig = { ExecStartPre = "${pkgs.writeShellScript "ollama-start-pre" '' @@ -76,7 +76,7 @@ in allowedTCPPorts = [ 11434 # HTTP web interface ]; - allowedUDPPorts = [ ]; + allowedUDPPorts = []; }; # TODO add nginx proxy @@ -131,6 +131,5 @@ in # paths = [ appFolder ]; # inherit appFolder; # }; - }; } diff --git a/nixos/modules/nixos/containers/scrypted/default.nix b/nixos/modules/nixos/containers/scrypted/default.nix index a91892d..676d42e 100644 --- a/nixos/modules/nixos/containers/scrypted/default.nix +++ b/nixos/modules/nixos/containers/scrypted/default.nix @@ -4,15 +4,13 @@ pkgs, ... }: -with lib; -let +with lib; let app = "scrypted"; # renovate: depName=ghcr.io/koush/scrypted datasource=docker versioning=docker - version = "v0.123.58-jammy-nvidia"; + version = "v0.127.1-noble-nvidia"; image = "ghcr.io/koush/scrypted:${version}"; cfg = config.mySystem.containers.${app}; -in -{ +in { # Options options.mySystem.containers.${app} = { enable = mkEnableOption "${app}"; @@ -20,9 +18,11 @@ in # addToHomepage = mkEnableOption "Add ${app} to homepage" // { # default = true; # }; - openFirewall = mkEnableOption "Open firewall for ${app}" // { - default = true; - }; + openFirewall = + mkEnableOption "Open firewall for ${app}" + // { + default = true; + }; }; # Implementation @@ -30,8 +30,8 @@ in # Systemd service for container systemd.services.${app} = { description = "Scrypted Home Security"; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; + wantedBy = ["multi-user.target"]; + after = ["network.target"]; serviceConfig = { ExecStartPre = "${pkgs.writeShellScript "scrypted-start-pre" '' @@ -134,6 +134,5 @@ in # paths = [ appFolder ]; # inherit appFolder; # }; - }; }