diff --git a/hosts/franz/arion/dashboard/arion-compose.nix b/hosts/franz/arion/dashboard/arion-compose.nix index d3a3ea9..ee9bcbf 100644 --- a/hosts/franz/arion/dashboard/arion-compose.nix +++ b/hosts/franz/arion/dashboard/arion-compose.nix @@ -8,7 +8,7 @@ services = { homarr.service = { - image = "ghcr.io/ajnart/homarr:latest"; + image = "ghcr.io/ajnart/homarr:0.15.2"; container_name = "homarr"; labels = { "traefik.enable" = "true"; @@ -18,8 +18,9 @@ "traefik.http.routers.homarr.tls.certresolver" = "letsencrypt"; }; volumes = [ - "/drives/hdd/docker/dashboard/homarr_data:/app/data/configs" - "/drives/hdd/docker/dashboard/homarr_icons:/app/public/imgs" + "/storage/dataset/docker/dashboard/homarr_data:/data" + "/storage/dataset/docker/dashboard/homarr_config:/app/data/configs" + "/storage/dataset/docker/dashboard/homarr_icons:/app/public/imgs" ]; restart = "always"; networks = [ diff --git a/hosts/franz/arion/dns/arion-compose.nix b/hosts/franz/arion/dns/arion-compose.nix index 0c7b0c6..77daf15 100644 --- a/hosts/franz/arion/dns/arion-compose.nix +++ b/hosts/franz/arion/dns/arion-compose.nix @@ -20,7 +20,7 @@ services = { pihole.service = { - image = "pihole/pihole:latest"; + image = "pihole/pihole:2024.03.1"; container_name = "pihole"; hostname = "pihole"; environment = { @@ -30,8 +30,8 @@ VIRTUAL_HOST = "pihole.ghoscht.com"; }; volumes = [ - "/drives/hdd/docker/dns/pihole_data:/etc/pihole" - "/drives/hdd/docker/dns/pihole_dnsmasq:/etc/dnsmasq.d" + "/storage/dataset/docker/dns/pihole_data:/etc/pihole" + "/storage/dataset/docker/dns/pihole_dnsmasq:/etc/dnsmasq.d" ]; labels = { "traefik.enable" = "true"; @@ -62,11 +62,11 @@ ]; }; unbound.service = { - image = "mvance/unbound:latest"; + image = "mvance/unbound:1.19.3"; container_name = "unbound"; useHostStore = true; volumes = [ - "/drives/hdd/docker/dns/unbound_data:/opt/unbound/etc/unbound" + "/storage/dataset/docker/dns/unbound_data:/opt/unbound/etc/unbound" ]; restart = "always"; networks = { diff --git a/hosts/franz/arion/feed/arion-compose.nix b/hosts/franz/arion/feed/arion-compose.nix index 99c69a1..5123e3c 100644 --- a/hosts/franz/arion/feed/arion-compose.nix +++ b/hosts/franz/arion/feed/arion-compose.nix @@ -10,7 +10,7 @@ services = { ttrss.service = { - image = "wangqiru/ttrss:latest"; + image = "wangqiru/ttrss:latest-2024-02-28"; container_name = "ttrss"; ports = [ "181:80" @@ -33,7 +33,7 @@ feed-db.service = { image = "postgres:13-alpine"; volumes = [ - "/drives/hdd/docker/feed/ttrss_db:/var/lib/postgresql/data" + "/storage/dataset/docker/feed/ttrss_db:/var/lib/postgresql/data" ]; env_file = [ "/home/ghoscht/.docker/feed/ttrss.env" diff --git a/hosts/franz/arion/git/arion-compose.nix b/hosts/franz/arion/git/arion-compose.nix index 5f81e5c..d450d92 100644 --- a/hosts/franz/arion/git/arion-compose.nix +++ b/hosts/franz/arion/git/arion-compose.nix @@ -10,7 +10,7 @@ services = { forgejo.service = { - image = "codeberg.org/forgejo/forgejo:1.21.6-0"; + image = "codeberg.org/forgejo/forgejo:1.21.8-0"; container_name = "forgejo"; useHostStore = true; labels = { @@ -23,7 +23,7 @@ "traefik.http.routers.forgejo.tls.certresolver" = "letsencrypt"; }; volumes = [ - "/drives/hdd/docker/git/forgejo_data:/data" + "/storage/dataset/docker/git/forgejo_data:/data" "/etc/localtime:/etc/localtime:ro" ]; ports = [ @@ -50,7 +50,9 @@ env_file = [ "/home/ghoscht/.docker/git/forgejo-db.env" ]; - volumes = ["/drives/hdd/docker/git/forgejo_db:/var/lib/postgresql/data"]; + volumes = [ + "/storage/dataset/docker/git/forgejo_db:/var/lib/postgresql/data" + ]; restart = "unless-stopped"; networks = [ "transport" diff --git a/hosts/franz/arion/infrastructure/arion-compose.nix b/hosts/franz/arion/infrastructure/arion-compose.nix index 03ca279..abe29fa 100644 --- a/hosts/franz/arion/infrastructure/arion-compose.nix +++ b/hosts/franz/arion/infrastructure/arion-compose.nix @@ -14,7 +14,7 @@ services = { traefik.service = { - image = "traefik"; + image = "traefik:v3.0"; container_name = "traefik"; useHostStore = true; ports = [ @@ -45,7 +45,7 @@ ]; }; cloudflared.service = { - image = "cloudflare/cloudflared:latest"; + image = "cloudflare/cloudflared:2024.2.1"; container_name = "cloudflared"; env_file = [ "/home/ghoscht/.docker/infrastructure/cloudflared.env" @@ -58,7 +58,7 @@ ]; }; scrutiny.service = { - image = "ghcr.io/analogj/scrutiny:master-omnibus"; + image = "ghcr.io/analogj/scrutiny:v0.8.0-omnibus"; container_name = "scrutiny"; restart = "always"; labels = { @@ -71,6 +71,7 @@ }; capabilities = { SYS_RAWIO = true; + SYS_ADMIN = true; #enables nvme support }; volumes = [ "/run/udev:/run/udev:ro" @@ -78,8 +79,13 @@ "scrutiny_db:/opt/scrutiny/influxdb" ]; devices = [ - "/dev/sda" "/dev/nvme0n1" + "/dev/sda" + "/dev/sdb" + "/dev/sdc" + "/dev/sdd" + "/dev/sde" + "/dev/sdf" ]; networks = [ "dmz" diff --git a/hosts/franz/arion/media/arion-compose.nix b/hosts/franz/arion/media/arion-compose.nix index 99ea0c1..bfb8882 100644 --- a/hosts/franz/arion/media/arion-compose.nix +++ b/hosts/franz/arion/media/arion-compose.nix @@ -12,7 +12,7 @@ services = { jellyfin.service = { - image = "jellyfin/jellyfin:latest"; + image = "jellyfin/jellyfin:2024032802"; container_name = "jellyfin"; ports = [ "8096:8096" @@ -28,10 +28,10 @@ }; volumes = [ "jellyfin_cache:/cache" - "/drives/hdd/docker/media/jellyfin_data:/config" - "/drives/hdd/data/media/tv:/tv" - "/drives/hdd/data/media/anime:/anime" - "/drives/hdd/data/media/movies:/movies" + "/storage/dataset/docker/media/jellyfin_data:/config" + "/storage/dataset/data/media/tv:/tv" + "/storage/dataset/data/media/anime:/anime" + "/storage/dataset/data/media/movies:/movies" ]; environment = { PUID = 1000; @@ -45,7 +45,7 @@ ]; }; navidrome.service = { - image = "deluan/navidrome:latest"; + image = "deluan/navidrome:0.51.1"; container_name = "navidrome"; labels = { "traefik.enable" = "true"; @@ -56,8 +56,8 @@ "traefik.http.routers.navidrome.tls.certresolver" = "letsencrypt"; }; volumes = [ - "/drives/hdd/docker/media/navidrome_data:/data" - "/drives/hdd/data/media/music:/music" + "/storage/dataset/docker/media/navidrome_data:/data" + "/storage/dataset/data/media/music:/music" ]; environment = { ND_SESSIONTIMEOUT = "336h"; @@ -71,8 +71,29 @@ "dmz" ]; }; + kavita.service = { + image = "jvmilazz0/kavita:0.7.14"; + container_name = "kavita"; + labels = { + "traefik.enable" = "true"; + "traefik.http.routers.kavita.entrypoints" = "websecure"; + "traefik.http.routers.kavita.rule" = "Host(`kavita.ghoscht.com`)"; + "traefik.http.services.kavita.loadbalancer.server.port" = "5000"; + "traefik.http.routers.kavita.tls" = "true"; + "traefik.http.routers.kavita.tls.certresolver" = "letsencrypt"; + }; + volumes = [ + "/storage/dataset/docker/media/kavita_data:/kavita/config" + "/storage/dataset/data/media/manga:/manga" + ]; + dns = ["1.1.1.1"]; + restart = "always"; + networks = [ + "dmz" + ]; + }; vpn.service = { - image = "haugene/transmission-openvpn"; + image = "haugene/transmission-openvpn:5.3.1"; container_name = "transmission"; labels = { "traefik.enable" = "true"; @@ -84,8 +105,8 @@ "traefik.http.routers.transmission.tls.certresolver" = "letsencrypt"; }; volumes = [ - "/drives/hdd/docker/media/transmission_data:/config" - "/drives/hdd/data/:/data" + "/storage/dataset/docker/media/transmission_data:/config" + "/storage/dataset/data/:/data" ]; environment = { PUID = 1000; @@ -113,7 +134,7 @@ ]; }; prowlarr.service = { - image = "linuxserver/prowlarr:latest"; + image = "linuxserver/prowlarr:1.15.0"; container_name = "prowlarr"; labels = { "traefik.enable" = "true"; @@ -125,7 +146,7 @@ "traefik.http.routers.prowlarr.tls.certresolver" = "letsencrypt"; }; volumes = [ - "/drives/hdd/docker/media/prowlarr_data:/config" + "/storage/dataset/docker/media/prowlarr_data:/config" ]; environment = { PUID = 1000; @@ -139,7 +160,7 @@ restart = "always"; }; sonarr.service = { - image = "linuxserver/sonarr:latest"; + image = "linuxserver/sonarr:4.0.2"; container_name = "sonarr"; labels = { "traefik.enable" = "true"; @@ -151,8 +172,8 @@ "traefik.http.routers.sonarr.tls.certresolver" = "letsencrypt"; }; volumes = [ - "/drives/hdd/docker/media/sonarr_data:/config" - "/drives/hdd/data/:/data" + "/storage/dataset/docker/media/sonarr_data:/config" + "/storage/dataset/data/:/data" ]; environment = { PUID = 1000; @@ -167,7 +188,7 @@ restart = "always"; }; radarr.service = { - image = "linuxserver/radarr:latest"; + image = "linuxserver/radarr:5.3.6"; container_name = "radarr"; labels = { "traefik.enable" = "true"; @@ -179,8 +200,8 @@ "traefik.http.routers.radarr.tls.certresolver" = "letsencrypt"; }; volumes = [ - "/drives/hdd/docker/media/radarr_data:/config" - "/drives/hdd/data/:/data" + "/storage/dataset/docker/media/radarr_data:/config" + "/storage/dataset/data/:/data" ]; environment = { PUID = 1000; @@ -195,7 +216,7 @@ restart = "always"; }; lidarr.service = { - image = "linuxserver/lidarr:latest"; + image = "linuxserver/lidarr:2.1.7"; container_name = "lidarr"; labels = { "traefik.enable" = "true"; @@ -208,10 +229,10 @@ "traefik.http.routers.lidarr.tls.certresolver" = "letsencrypt"; }; volumes = [ - "/drives/hdd/docker/media/lidarr_data:/config" - "/drives/hdd/data/:/data" - "/drives/hdd/docker/media/lidarr_addons/custom-services.d:/custom-services.d" - "/drives/hdd/docker/media/lidarr_addons/custom-cont-init.d:/custom-cont-init.d" + "/storage/dataset/docker/media/lidarr_data:/config" + "/storage/dataset/docker/media/lidarr_addons/custom-services.d:/custom-services.d" + "/storage/dataset/docker/media/lidarr_addons/custom-cont-init.d:/custom-cont-init.d" + "/storage/dataset/data/:/data" ]; environment = { PUID = 1000; @@ -226,7 +247,7 @@ restart = "always"; }; bazarr.service = { - image = "hotio/bazarr:latest"; + image = "hotio/bazarr:release-1.4.2"; container_name = "bazarr"; labels = { "traefik.enable" = "true"; @@ -238,8 +259,8 @@ "traefik.http.routers.bazarr.tls.certresolver" = "letsencrypt"; }; volumes = [ - "/drives/hdd/docker/media/bazarr_data:/config" - "/drives/hdd/data/:/data" + "/storage/dataset/docker/media/bazarr_data:/config" + "/storage/dataset/data/:/data" ]; dns = ["1.1.1.1"]; environment = { @@ -251,7 +272,7 @@ restart = "always"; }; jellyseerr.service = { - image = "fallenbagel/jellyseerr:latest"; + image = "fallenbagel/jellyseerr:1.7.0"; container_name = "jellyseerr"; labels = { "traefik.enable" = "true"; @@ -263,7 +284,7 @@ "traefik.http.routers.jellyseerr.tls.certresolver" = "letsencrypt"; }; volumes = [ - "/drives/hdd/docker/media/jellyseerr_data:/app/config" + "/storage/dataset/docker/media/jellyseerr_data:/app/config" ]; environment = { PUID = 1000; @@ -275,7 +296,7 @@ restart = "always"; }; autobrr.service = { - image = "ghcr.io/autobrr/autobrr:latest"; + image = "ghcr.io/autobrr/autobrr:v1.40.1"; container_name = "autobrr"; labels = { "traefik.enable" = "true"; @@ -287,7 +308,7 @@ "traefik.http.routers.autobrr.tls.certresolver" = "letsencrypt"; }; volumes = [ - "/drives/hdd/docker/media/autobrr_data:/config" + "/storage/dataset/docker/media/autobrr_data:/config" ]; environment = { PUID = 1000; @@ -304,7 +325,7 @@ restart = "always"; }; deemix.service = { - image = "finniedj/deemix"; + image = "finniedj/deemix:latest"; container_name = "deemix"; labels = { "traefik.enable" = "true"; @@ -316,7 +337,7 @@ "traefik.http.routers.deemix.tls.certresolver" = "letsencrypt"; }; volumes = [ - "/drives/hdd/data/deemix:/downloads" + "/storage/dataset/data/deemix:/downloads" ]; environment = { PUID = 1000; @@ -331,10 +352,10 @@ restart = "always"; }; unpackerr.service = { - image = "golift/unpackerr"; + image = "golift/unpackerr:0.13"; container_name = "unpackerr"; volumes = [ - "/drives/hdd/data/:/data" + "/storage/dataset/data/:/data" ]; user = "1000:1000"; env_file = [ diff --git a/hosts/franz/arion/nas/arion-compose.nix b/hosts/franz/arion/nas/arion-compose.nix index fbcf64b..523401c 100644 --- a/hosts/franz/arion/nas/arion-compose.nix +++ b/hosts/franz/arion/nas/arion-compose.nix @@ -23,7 +23,7 @@ }; command = "-s 'public;/mount;yes;no;yes' -p"; volumes = [ - "/drives/hdd/nas:/mount" + "/storage/dataset/nas:/mount" ]; restart = "always"; networks = [ diff --git a/hosts/franz/arion/nextcloud/arion-compose.nix b/hosts/franz/arion/nextcloud/arion-compose.nix index e713594..d922a66 100644 --- a/hosts/franz/arion/nextcloud/arion-compose.nix +++ b/hosts/franz/arion/nextcloud/arion-compose.nix @@ -10,7 +10,7 @@ services = { nextcloud.service = { - image = "nextcloud:latest"; + image = "nextcloud:28.0.4"; container_name = "nextcloud"; useHostStore = true; labels = { @@ -22,7 +22,7 @@ "traefik.http.routers.nextcloud.tls.certresolver" = "letsencrypt"; }; volumes = [ - "/drives/hdd/docker/nextcloud/nextcloud_data:/var/www/html" + "/storage/dataset/docker/nextcloud/nextcloud_data:/var/www/html" ]; hostname = "nextcloud.ghoscht.com"; dns = ["1.1.1.1"]; @@ -37,7 +37,9 @@ env_file = [ "/home/ghoscht/.docker/nextcloud/nextcloud.env" ]; - volumes = ["/drives/hdd/docker/nextcloud/nextcloud_db:/var/lib/mysql"]; + volumes = [ + "/storage/dataset/docker/nextcloud/nextcloud_db:/var/lib/mysql" + ]; restart = "unless-stopped"; command = "--transaction-isolation=READ-COMMITTED --binlog-format=ROW"; networks = [ diff --git a/hosts/franz/arion/passwords/arion-compose.nix b/hosts/franz/arion/passwords/arion-compose.nix index e48a3c8..c5d4eef 100644 --- a/hosts/franz/arion/passwords/arion-compose.nix +++ b/hosts/franz/arion/passwords/arion-compose.nix @@ -8,7 +8,7 @@ services = { vaultwarden.service = { - image = "vaultwarden/server:latest"; + image = "vaultwarden/server:1.30.5"; container_name = "vaultwarden"; labels = { "traefik.enable" = "true"; @@ -19,7 +19,7 @@ }; dns = ["1.1.1.1"]; volumes = [ - "/drives/hdd/docker/passwords/vaultwarden_data/:/data" + "/storage/dataset/docker/passwords/vaultwarden_data/:/data" ]; environment = { DOMAIN = "http://vaultwarden.ghoscht.com"; diff --git a/hosts/franz/arion/push/arion-compose.nix b/hosts/franz/arion/push/arion-compose.nix index c80523b..81062c6 100644 --- a/hosts/franz/arion/push/arion-compose.nix +++ b/hosts/franz/arion/push/arion-compose.nix @@ -8,7 +8,7 @@ services = { ntfy.service = { - image = "binwiederhier/ntfy"; + image = "binwiederhier/ntfy:v2.10.0"; container_name = "ntfy"; user = "1000:1000"; command = "serve"; diff --git a/hosts/franz/arion/signal/arion-compose.nix b/hosts/franz/arion/signal/arion-compose.nix index 8643552..b1b2d39 100644 --- a/hosts/franz/arion/signal/arion-compose.nix +++ b/hosts/franz/arion/signal/arion-compose.nix @@ -8,7 +8,7 @@ services = { mollysocket.service = { - image = "ghcr.io/mollyim/mollysocket:latest"; + image = "ghcr.io/mollyim/mollysocket:1.3.0"; container_name = "mollysocket"; useHostStore = true; ports = [ diff --git a/hosts/franz/arion/smarthome/arion-compose.nix b/hosts/franz/arion/smarthome/arion-compose.nix index 0f87816..4352eaf 100644 --- a/hosts/franz/arion/smarthome/arion-compose.nix +++ b/hosts/franz/arion/smarthome/arion-compose.nix @@ -8,7 +8,7 @@ services = { homeassistant.service = { - image = "ghcr.io/home-assistant/home-assistant:stable"; + image = "ghcr.io/home-assistant/home-assistant:2024.3.3"; container_name = "homeassistant"; privileged = true; labels = { @@ -20,7 +20,7 @@ "traefik.http.services.homeassistant.loadbalancer.server.port" = "8123"; }; volumes = [ - "/drives/hdd/docker/smarthome/homeassistant_data:/config" + "/storage/dataset/docker/smarthome/homeassistant_data:/config" "/etc/localtime:/etc/localtime:ro" "/run/dbus:/run/dbus:ro" ];