jahanson/mochi
1
0
Fork 0
Code Issues 1 Pull requests 3 Projects Releases Packages Wiki Activity Actions

add plex jellyfin and scrypted

Browse source
This commit is contained in:
Joseph Hanson 2024-11-21 17:05:29 -06:00
parent cd64a74160
commit eafcd7412a
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
7 changed files with 249 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
nixos/home/jahanson/global.nix
View file

@ -94,6 +94,10 @@ with config;
# nix tools # nix tools
nvd nvd
# backup tools
unstable.rclone
unstable.restic
]; ];
}; };
}; };

14
nixos/hosts/shadowfax/default.nix
View file

@ -28,7 +28,12 @@ in
swapDevices = [ ]; swapDevices = [ ];
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware = {
cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
nvidia.open = true;
graphics.enable = true;
nvidia-container-toolkit.enable = true;
};
users.users.root.openssh.authorizedKeys.keys = [ users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAGSFTSVPt43PBpSMSF1dGTzN2JbxztDZUml7g4+PnWe CSI-Driver@talos" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAGSFTSVPt43PBpSMSF1dGTzN2JbxztDZUml7g4+PnWe CSI-Driver@talos"
@ -79,6 +84,7 @@ in
}; };
services = { services = {
xserver.videoDrivers = [ "nvidia" ];
# Minecraft # Minecraft
minecraft-servers = { minecraft-servers = {
@ -137,9 +143,9 @@ in
# Containers # Containers
containers = { containers = {
plex = { plex.enable = true;
enable = true; scrypted.enable = true;
}; jellyfin.enable = true;
}; };
# System # System

2
nixos/modules/nixos/containers/default.nix
View file

@ -1,7 +1,9 @@
{ {
imports = [ imports = [
./jellyfin
./lego-auto ./lego-auto
./plex ./plex
./scrutiny ./scrutiny
./scrypted
]; ];
} }

117
nixos/modules/nixos/containers/jellyfin/default.nix Normal file
View file

@ -0,0 +1,117 @@
{
lib,
config,
...
}:
with lib;
let
app = "jellyfin";
# renovate: depName=ghcr.io/jellyfin/jellyfin datasource=docker
version = "10.10.2";
image = "ghcr.io/jellyfin/jellyfin:${version}";
port = 8096; # int
cfg = config.mySystem.containers.${app};
in
{
# Options
options.mySystem.containers.${app} = {
enable = mkEnableOption "${app}";
# TODO add to homepage
# addToHomepage = mkEnableOption "Add ${app} to homepage" // {
# default = true;
# };
openFirewall = mkEnableOption "Open firewall for ${app}" // {
default = true;
};
};
# Implementation
config = mkIf cfg.enable {
# Container
virtualisation.oci-containers.containers.${app} = {
image = "${image}";
user = "568:568";
volumes = [
"/nahar/containers/volumes/jellyfin:/config:rw"
"/moria/media:/media:rw"
"tmpfs:/cache:rw"
"tmpfs:/transcode:rw"
"tmpfs:/tmp:rw"
];
environment = {
TZ = "America/Chicago";
DOTNET_SYSTEM_IO_DISABLEFILELOCKING = "true";
JELLYFIN_FFmpeg__probesize = "50000000";
JELLYFIN_FFmpeg__analyzeduration = "50000000";
};
ports = [ "${toString port}:${toString port}" ]; # expose port
extraOptions = [
# "--runtime=nvidia"
];
};
# Firewall
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ port ];
allowedUDPPorts = [ port ];
};
# TODO add nginx proxy
# services.nginx.virtualHosts."${app}.${config.networking.domain}" = {
# useACMEHost = config.networking.domain;
# forceSSL = true;
# locations."^~ /" = {
# proxyPass = "http://${app}:${builtins.toString port}";
# extraConfig = "resolver 10.88.0.1;";
# };
# };
## TODO add to homepage
# mySystem.services.homepage.media = mkIf cfg.addToHomepage [
# {
# Plex = {
# icon = "${app}.svg";
# href = "https://${app}.${config.mySystem.domain}";
# description = "Media streaming service";
# container = "${app}";
# widget = {
# type = "tautulli";
# url = "https://tautulli.${config.mySystem.domain}";
# key = "{{HOMEPAGE_VAR_TAUTULLI__API_KEY}}";
# };
# };
# }
# ];
# TODO add gatus monitor
# mySystem.services.gatus.monitors = [
# {
# name = app;
# group = "media";
# url = "https://${app}.${config.mySystem.domain}/web/";
# interval = "1m";
# conditions = [
# "[CONNECTED] == true"
# "[STATUS] == 200"
# "[RESPONSE_TIME] < 50"
# ];
# }
# ];
# TODO add restic backup
# services.restic.backups = config.lib.mySystem.mkRestic {
# inherit app user;
# excludePaths = [ "Backups" ];
# paths = [ appFolder ];
# inherit appFolder;
# };
};
}

2
nixos/modules/nixos/containers/plex/default.nix
View file

@ -9,8 +9,6 @@ let
# renovate: depName=ghcr.io/onedr0p/plex datasource=docker versioning=loose # renovate: depName=ghcr.io/onedr0p/plex datasource=docker versioning=loose
version = "1.41.2.9200-c6bbc1b53"; version = "1.41.2.9200-c6bbc1b53";
image = "ghcr.io/onedr0p/plex:${version}"; image = "ghcr.io/onedr0p/plex:${version}";
user = "kah"; # string
group = "kah"; # string
port = 32400; # int port = 32400; # int
cfg = config.mySystem.containers.${app}; cfg = config.mySystem.containers.${app};
in in

116
nixos/modules/nixos/containers/scrypted/default.nix Normal file
View file

@ -0,0 +1,116 @@
{
lib,
config,
...
}:
with lib;
let
app = "scrypted";
# renovate: depName=ghcr.io/koush/scrypted datasource=docker versioning=docker
version = "v0.123.30-jammy-nvidia";
image = "ghcr.io/koush/scrypted:${version}";
port = 11080; # int
cfg = config.mySystem.containers.${app};
in
{
# Options
options.mySystem.containers.${app} = {
enable = mkEnableOption "${app}";
# TODO add to homepage
# addToHomepage = mkEnableOption "Add ${app} to homepage" // {
# default = true;
# };
openFirewall = mkEnableOption "Open firewall for ${app}" // {
default = true;
};
};
# Implementation
config = mkIf cfg.enable {
# Container
virtualisation.oci-containers.containers.${app} = {
image = "${image}";
volumes = [
"/nahar/containers/volumes/scrypted:/server/volume:rw"
# "/nahar/scrypted:/recordings:rw"
"tmpfs:/.cache:rw"
"tmpfs:/.npm:rw"
"tmpfs:/tmp:rw"
];
extraOptions = [
# all usb devices, such as coral tpu
"--device=/dev/bus/usb"
"--network=host"
# "--runtime=nvidia"
];
environment = {
TZ = "America/Chicago";
};
ports = [ "${toString port}:${toString port}" ]; # expose port
};
# Firewall
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ port ];
allowedUDPPorts = [ port ];
};
# TODO add nginx proxy
# services.nginx.virtualHosts."${app}.${config.networking.domain}" = {
# useACMEHost = config.networking.domain;
# forceSSL = true;
# locations."^~ /" = {
# proxyPass = "http://${app}:${builtins.toString port}";
# extraConfig = "resolver 10.88.0.1;";
# };
# };
## TODO add to homepage
# mySystem.services.homepage.media = mkIf cfg.addToHomepage [
# {
# Plex = {
# icon = "${app}.svg";
# href = "https://${app}.${config.mySystem.domain}";
# description = "Media streaming service";
# container = "${app}";
# widget = {
# type = "tautulli";
# url = "https://tautulli.${config.mySystem.domain}";
# key = "{{HOMEPAGE_VAR_TAUTULLI__API_KEY}}";
# };
# };
# }
# ];
# TODO add gatus monitor
# mySystem.services.gatus.monitors = [
# {
# name = app;
# group = "media";
# url = "https://${app}.${config.mySystem.domain}/web/";
# interval = "1m";
# conditions = [
# "[CONNECTED] == true"
# "[STATUS] == 200"
# "[RESPONSE_TIME] < 50"
# ];
# }
# ];
# TODO add restic backup
# services.restic.backups = config.lib.mySystem.mkRestic {
# inherit app user;
# excludePaths = [ "Backups" ];
# paths = [ appFolder ];
# inherit appFolder;
# };
};
}

1
nixos/profiles/role-server.nix
View file

@ -31,7 +31,6 @@ with lib;
nixos.enable = mkDefault false; nixos.enable = mkDefault false;
}; };
sound.enable = false;
hardware.pulseaudio.enable = false; hardware.pulseaudio.enable = false;
services.udisks2.enable = mkDefault false; services.udisks2.enable = mkDefault false;