migrate plex container to manual systemd podman for nvidia device

Joseph Hanson 2024-11-23 08:46:26 -06:00
parent a2480da0b9
commit 79cbd4b1a8
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
2 changed files with 85 additions and 47 deletions


@ -1,19 +1,26 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, inputs, pkgs, ... }: {
config,
lib,
inputs,
pkgs,
...
}:
let let
sanoidConfig = import ./config/sanoid.nix { }; sanoidConfig = import ./config/sanoid.nix { };
disks = import ./config/disks.nix; disks = import ./config/disks.nix;
smartdDevices = map (device: { inherit device; }) disks; smartdDevices = map (device: { inherit device; }) disks;
in in
{ {
imports = imports = [
[ inputs.disko.nixosModules.disko
inputs.disko.nixosModules.disko (import ../../profiles/disko-nixos.nix {
(import ../../profiles/disko-nixos.nix { disks = [ "/dev/sda|/dev/disk/by-id/nvme-Samsung_SSD_970_EVO_Plus_500GB_S58SNM0W406409E" ]; }) disks = [ "/dev/sda|/dev/disk/by-id/nvme-Samsung_SSD_970_EVO_Plus_500GB_S58SNM0W406409E" ];
inputs.nix-minecraft.nixosModules.minecraft-servers })
]; inputs.nix-minecraft.nixosModules.minecraft-servers
];
boot = { boot = {
initrd = { initrd = {
@ -21,7 +28,12 @@ in
supportedFilesystems = [ "nfs" ]; supportedFilesystems = [ "nfs" ];
}; };
kernelModules = [ "vfio" "vfio_iommu_type1" "vfio_pci" "vfio_virqfd" ]; kernelModules = [
"vfio"
"vfio_iommu_type1"
"vfio_pci"
"vfio_virqfd"
];
extraModulePackages = [ ]; extraModulePackages = [ ];
kernelParams = [ "zfs.zfs_arc_max=107374182400" ]; # 100GB kernelParams = [ "zfs.zfs_arc_max=107374182400" ]; # 100GB
}; };
@ -88,19 +100,29 @@ in
services = { services = {
xserver.videoDrivers = [ "nvidia" ]; xserver.videoDrivers = [ "nvidia" ];
# Minecraft # # Minecraft
minecraft-servers = { # minecraft-servers = {
# Me cc858467-2744-4c22-8514-86568fefd03b # # Me cc858467-2744-4c22-8514-86568fefd03b
enable = true; # enable = true;
eula = true; # eula = true;
servers.eregion = { # servers.eregion = {
enable = true; # enable = true;
package = pkgs.paper-server; # package = pkgs.fabricServers.fabric;
serverProperties = { # serverProperties = {
motd = "§6§lEregion§r §7- §6§lMinecraft§r"; # motd = "§6§lEregion§r §7- §6§lMinecraft§r";
}; # };
}; # symlinks = {
}; # mods = pkgs.linkFarmFromDrvs "mods" (
# builtins.attrValues {
# LanAnnouncer = pkgs.fetchurl {
# url = "https://cdn.modrinth.com/data/eVUWDaxc/versions/ZKZr8EfM/lanannouncer-1.0.2.jar";
# sha512 = "f2833b12a2e07390c4969ce95c5c9b759e3ddff0b9610054ff4e731a287789280b2c1b801bd08efe685da0d16daebf0562f15af2c86edd481c62f47ec21699c6";
# };
# }
# );
# };
# };
# };
# Smart daemon for monitoring disk health. # Smart daemon for monitoring disk health.
smartd = { smartd = {


@ -9,7 +9,6 @@ let
# renovate: depName=ghcr.io/onedr0p/plex datasource=docker versioning=loose # renovate: depName=ghcr.io/onedr0p/plex datasource=docker versioning=loose
version = "1.41.2.9200-c6bbc1b53"; version = "1.41.2.9200-c6bbc1b53";
image = "ghcr.io/onedr0p/plex:${version}"; image = "ghcr.io/onedr0p/plex:${version}";
port = 32400; # int
cfg = config.mySystem.containers.${app}; cfg = config.mySystem.containers.${app};
in in
{ {
@ -27,35 +26,52 @@ in
# Implementation # Implementation
config = mkIf cfg.enable { config = mkIf cfg.enable {
# Container # Systemd service for container
virtualisation.oci-containers.containers.${app} = { systemd.services.${app} = {
image = "${image}"; description = "Plex Media Server";
user = "568:568"; wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
volumes = [ serviceConfig = {
"/nahar/containers/volumes/plex:/config/Library/Application Support/Plex Media Server:rw" ExecStartPre = ''
"/moria/media:/media:rw" set -o errexit
"tmpfs:/config/Library/Application Support/Plex Media Server/Logs:rw" set -o nounset
"tmpfs:/tmp:rw" set -o pipefail
];
extraOptions = [ podman rm -f ${app} || true
# "--device nvidia.com/gpu=all" rm -f /run/${app}.ctr-id
]; '';
ExecStart = ''
environment = { ${pkgs.podman}/bin/podman run \
TZ = "America/Chicago"; --rm \
PLEX_ADVERTISE_URL = "https://10.1.1.61:32400"; --name=${app} \
PLEX_NO_AUTH_NETWORKS = "10.1.1.0/24"; --device='nvidia.com/gpu=all' \
--log-driver=journald \
--cidfile=/run/${app}.ctr-id \
--cgroups=no-conmon \
--sdnotify=conmon \
--user=568:568 \
--volume="/nahar/containers/volumes/plex:/config/Library/Application Support/Plex Media Server:rw" \
--volume="/moria/media:/media:rw" \
--volume="tmpfs:/config/Library/Application Support/Plex Media Server/Logs:rw" \
--volume="tmpfs:/tmp:rw" \
--env=TZ=America/Chicago \
--env=PLEX_ADVERTISE_URL=https://10.1.1.61:32400 \
--env=PLEX_NO_AUTH_NETWORKS=10.1.1.0/24 \
-p 32400:32400 \
${image}
'';
ExecStop = "${pkgs.podman}/bin/podman stop --ignore --cidfile=/run/${app}.ctr-id";
ExecStopPost = "${pkgs.podman}/bin/podman rm --force --ignore --cidfile=/run/${app}.ctr-id";
Type = "simple";
Restart = "always";
}; };
ports = [ "${toString port}:${toString port}" ]; # expose port networking.firewall = mkIf cfg.openFirewall {
}; allowedTCPPorts = [
32400 # Primary Plex port
# Firewall ];
networking.firewall = mkIf cfg.openFirewall { };
allowedTCPPorts = [ port ];
allowedUDPPorts = [ port ];
}; };
# TODO add nginx proxy # TODO add nginx proxy
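Review bot: `ExecStartPre` in the new `serviceConfig` is a multi-line shell fragment (`set -o errexit`, `podman rm -f ${app} || true`, `rm -f /run/${app}.ctr-id`), but systemd executes Exec lines directly rather than through a shell, so `set` and `||` are not interpreted and the stale-container and stale-cidfile cleanup most likely never runs. As far as I know podman refuses to start when the `--cidfile` target already exists, so with `Restart = "always"` a leftover `/run/${app}.ctr-id` could keep the unit failing on every restart; moving the cleanup into the NixOS `preStart` option, which is wrapped in a shell script, together with `path = [ pkgs.podman ]`, avoids that. `--sdnotify=conmon` also appears to have no effect under `Type = "simple"`, because the readiness notification needs `Type = "notify"` with `NotifyAccess = "all"`. Since this container now receives the host GPU through `--device='nvidia.com/gpu=all'` and is still published on 32400, consider adding `--cap-drop=all` and `--security-opt=no-new-privileges` to the `podman run` line, after confirming that Plex and hardware transcoding still start with them.

```nix
systemd.services.${app} = {
  # … unchanged: description, wantedBy, after …
  path = [ pkgs.podman ];
  # preStart is run through a shell by NixOS, so `|| true` works here
  preStart = ''
    podman rm -f ${app} || true
    rm -f /run/${app}.ctr-id
  '';
  serviceConfig = {
    # … unchanged: ExecStart, ExecStop, ExecStopPost …
    Type = "notify";
    NotifyAccess = "all";
    Restart = "always";
```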