update containers

jellyfin, ollama, and scrypted
2025-01-23 10:46:55 -06:00 · 2025-01-23 10:46:55 -06:00 · 13fd35a05f
commit 13fd35a05f
parent eed4e314a3
3 changed files with 35 additions and 37 deletions
--- a/nixos/modules/nixos/containers/jellyfin/default.nix
+++ b/nixos/modules/nixos/containers/jellyfin/default.nix
@ -4,24 +4,24 @@
  pkgs,
  ...
 }:
-with lib;
+with lib; let
 let
  app = "jellyfin";
  cfg = config.mySystem.containers.${app};
  group = "kah";
  image = "ghcr.io/jellyfin/jellyfin:${version}";
  user = "kah";
  # renovate: depName=ghcr.io/jellyfin/jellyfin datasource=docker
-  version = "10.10.3";
+  version = "10.10.4";
  volumeLocation = "/nahar/containers/volumes/jellyfin";
-in
+in {
 {
  # Options
  options.mySystem.containers.${app} = {
    enable = mkEnableOption "${app}";
-    openFirewall = mkEnableOption "Open firewall for ${app}" // {
+    openFirewall =
-      default = true;
+      mkEnableOption "Open firewall for ${app}"
-    };
+      // {
        default = true;
      };
  };
  # Implementation
@ -29,8 +29,8 @@ in
    # Systemd service for container
    systemd.services.${app} = {
      description = "Jellyfin Media Server";
-      wantedBy = [ "multi-user.target" ];
+      wantedBy = ["multi-user.target"];
-      after = [ "network.target" ];
+      after = ["network.target"];
      serviceConfig = {
        ExecStartPre = "${pkgs.writeShellScript "jellyfin-start-pre" ''
@ -46,8 +46,8 @@ in
            --rm \
            --name=${app} \
            --user="${toString config.users.users."${user}".uid}:${
-              toString config.users.groups."${group}".gid
+            toString config.users.groups."${group}".gid
-            }" \
+          }" \
            --device='nvidia.com/gpu=all' \
            --log-driver=journald \
            --cidfile=/run/${app}.ctr-id \
@ -113,10 +113,10 @@ in
    services.restic.backups = config.lib.mySystem.mkRestic {
      inherit app user;
      environmentFile = config.sops.secrets."restic/jellyfin/env".path;
-      excludePaths = [ ];
+      excludePaths = [];
      localResticTemplate = "/eru/restic/jellyfin";
      passwordFile = config.sops.secrets."restic/jellyfin/password".path;
-      paths = [ volumeLocation ];
+      paths = [volumeLocation];
      remoteResticTemplateFile = config.sops.secrets."restic/jellyfin/template".path;
    };
    # TODO add nginx proxy
--- a/nixos/modules/nixos/containers/ollama/default.nix
+++ b/nixos/modules/nixos/containers/ollama/default.nix
@ -4,15 +4,13 @@
  pkgs,
  ...
 }:
-with lib;
+with lib; let
 let
  app = "ollama";
  # renovate: depName=docker.io/ollama/ollama datasource=docker
-  version = "0.5.5";
+  version = "0.5.7";
  image = "docker.io/ollama/ollama:${version}";
  cfg = config.mySystem.containers.${app};
-in
+in {
 {
  # Options
  options.mySystem.containers.${app} = {
    enable = mkEnableOption "${app}";
@ -20,9 +18,11 @@ in
    # addToHomepage = mkEnableOption "Add ${app} to homepage" // {
    #   default = true;
    # };
-    openFirewall = mkEnableOption "Open firewall for ${app}" // {
+    openFirewall =
-      default = true;
+      mkEnableOption "Open firewall for ${app}"
-    };
+      // {
        default = true;
      };
  };
  # Implementation
@ -30,8 +30,8 @@ in
    # Systemd service for container
    systemd.services.${app} = {
      description = "Ollama";
-      wantedBy = [ "multi-user.target" ];
+      wantedBy = ["multi-user.target"];
-      after = [ "network.target" ];
+      after = ["network.target"];
      serviceConfig = {
        ExecStartPre = "${pkgs.writeShellScript "ollama-start-pre" ''
@ -76,7 +76,7 @@ in
      allowedTCPPorts = [
        11434 # HTTP web interface
      ];
-      allowedUDPPorts = [ ];
+      allowedUDPPorts = [];
    };
    # TODO add nginx proxy
@ -131,6 +131,5 @@ in
    #   paths = [ appFolder ];
    #   inherit appFolder;
    # };
  };
 }
--- a/nixos/modules/nixos/containers/scrypted/default.nix
+++ b/nixos/modules/nixos/containers/scrypted/default.nix
@ -4,15 +4,13 @@
  pkgs,
  ...
 }:
-with lib;
+with lib; let
 let
  app = "scrypted";
  # renovate: depName=ghcr.io/koush/scrypted datasource=docker versioning=docker
-  version = "v0.123.58-jammy-nvidia";
+  version = "v0.127.1-noble-nvidia";
  image = "ghcr.io/koush/scrypted:${version}";
  cfg = config.mySystem.containers.${app};
-in
+in {
 {
  # Options
  options.mySystem.containers.${app} = {
    enable = mkEnableOption "${app}";
@ -20,9 +18,11 @@ in
    # addToHomepage = mkEnableOption "Add ${app} to homepage" // {
    #   default = true;
    # };
-    openFirewall = mkEnableOption "Open firewall for ${app}" // {
+    openFirewall =
-      default = true;
+      mkEnableOption "Open firewall for ${app}"
-    };
+      // {
        default = true;
      };
  };
  # Implementation
@ -30,8 +30,8 @@ in
    # Systemd service for container
    systemd.services.${app} = {
      description = "Scrypted Home Security";
-      wantedBy = [ "multi-user.target" ];
+      wantedBy = ["multi-user.target"];
-      after = [ "network.target" ];
+      after = ["network.target"];
      serviceConfig = {
        ExecStartPre = "${pkgs.writeShellScript "scrypted-start-pre" ''
@ -134,6 +134,5 @@ in
    #   paths = [ appFolder ];
    #   inherit appFolder;
    # };
  };
 }