From c2004c61c73ef46228620c27122fd2778f1e63c2 Mon Sep 17 00:00:00 2001 From: Joseph Hanson Date: Thu, 20 Feb 2025 11:31:20 -0600 Subject: [PATCH] add jellyseerr to containers --- nixos/hosts/shadowfax/default.nix | 2 + nixos/modules/nixos/containers/default.nix | 1 + .../nixos/containers/jellyseerr/default.nix | 86 +++++++++++++++++++ 3 files changed, 89 insertions(+) create mode 100644 nixos/modules/nixos/containers/jellyseerr/default.nix diff --git a/nixos/hosts/shadowfax/default.nix b/nixos/hosts/shadowfax/default.nix index ba4665e..84823a5 100644 --- a/nixos/hosts/shadowfax/default.nix +++ b/nixos/hosts/shadowfax/default.nix @@ -251,6 +251,7 @@ in { # Containers containers = { jellyfin.enable = true; + jellyseerr.enable = true; ollama.enable = true; plex.enable = true; scrypted.enable = true; @@ -388,6 +389,7 @@ in { hardening = true; openFirewall = true; }; + # Unpackerr unpackerr = { enable = true; package = pkgs.unstable.unpackerr; diff --git a/nixos/modules/nixos/containers/default.nix b/nixos/modules/nixos/containers/default.nix index 77fce25..79ab69e 100644 --- a/nixos/modules/nixos/containers/default.nix +++ b/nixos/modules/nixos/containers/default.nix @@ -1,6 +1,7 @@ { imports = [ ./jellyfin + ./jellyseerr ./ollama ./plex ./scrutiny diff --git a/nixos/modules/nixos/containers/jellyseerr/default.nix b/nixos/modules/nixos/containers/jellyseerr/default.nix new file mode 100644 index 0000000..edc67c1 --- /dev/null +++ b/nixos/modules/nixos/containers/jellyseerr/default.nix @@ -0,0 +1,86 @@ +{ + lib, + config, + pkgs, + ... +}: +with lib; let + app = "jellyseerr"; + cfg = config.mySystem.containers.${app}; + group = "kah"; + image = "ghcr.io/fallenbagel/jellyseerr:${version}"; + user = "jellyseerr"; + # renovate: depName=ghcr.io/fallenbagel/jellyseerr datasource=docker + version = "2.3.0"; + volumeLocation = "/nahar/containers/volumes/jellyseerr"; +in { + # Options + options.mySystem.containers.${app} = { + enable = mkEnableOption "${app}"; + openFirewall = + mkEnableOption "Open firewall for ${app}" + // { + default = true; + }; + }; + + # Implementation + config = mkIf cfg.enable { + # User configuration + users = mkIf (user == "jellyseerr") { + users.jellyseerr = { + inherit group; + isSystemUser = true; + }; + }; + + # Systemd service for container + systemd.services.${app} = { + description = "Jellyseerr media request and discovery manager for Jellyfin"; + wantedBy = ["multi-user.target"]; + after = ["network.target"]; + + serviceConfig = { + ExecStartPre = "${pkgs.writeShellScript "jellyseerr-start-pre" '' + set -o errexit + set -o nounset + set -o pipefail + + ${pkgs.podman}/bin/podman rm -f ${app} || true + rm -f /run/${app}.ctr-id + ''}"; + ExecStart = '' + ${pkgs.podman}/bin/podman run \ + --rm \ + --name=${app} \ + --user="${toString config.users.users."${user}".uid}:${ + toString config.users.groups."${group}".gid + }" \ + --log-driver=journald \ + --cidfile=/run/${app}.ctr-id \ + --cgroups=no-conmon \ + --sdnotify=conmon \ + --volume="${volumeLocation}:/app/config:rw" \ + --volume="/moria/media:/media:rw" \ + --volume="tmpfs:/cache:rw" \ + --volume="tmpfs:/transcode:rw" \ + --volume="tmpfs:/tmp:rw" \ + --env=TZ=America/Chicago \ + -p 5055:5055 \ + ${image} + ''; + ExecStop = "${pkgs.podman}/bin/podman stop --ignore --cidfile=/run/${app}.ctr-id"; + ExecStopPost = "${pkgs.podman}/bin/podman rm --force --ignore --cidfile=/run/${app}.ctr-id"; + Type = "simple"; + Restart = "always"; + }; + }; + + # Firewall + networking.firewall = mkIf cfg.openFirewall { + allowedTCPPorts = [ + 5055 # HTTP web interface + ]; + }; + }; +}