ghoscht/nix-config
ghoscht/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Adapt arion compose to zfs cluster

Browse source
This commit is contained in:
GHOSCHT 2024-03-31 22:05:29 +02:00
parent 9d92ac2d0d
commit 448e3beadf
Signed by: ghoscht
GPG key ID: 2C2C1C62A5388E82
12 changed files with 94 additions and 62 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
hosts/franz/arion/dashboard/arion-compose.nix
View file

@ -8,7 +8,7 @@
services = { services = {
homarr.service = { homarr.service = {
image = "ghcr.io/ajnart/homarr:latest"; image = "ghcr.io/ajnart/homarr:0.15.2";
container_name = "homarr"; container_name = "homarr";
labels = { labels = {
"traefik.enable" = "true"; "traefik.enable" = "true";
@ -18,8 +18,9 @@
"traefik.http.routers.homarr.tls.certresolver" = "letsencrypt"; "traefik.http.routers.homarr.tls.certresolver" = "letsencrypt";
}; };
volumes = [ volumes = [
"/drives/hdd/docker/dashboard/homarr_data:/app/data/configs" "/storage/dataset/docker/dashboard/homarr_data:/data"
"/drives/hdd/docker/dashboard/homarr_icons:/app/public/imgs" "/storage/dataset/docker/dashboard/homarr_config:/app/data/configs"
"/storage/dataset/docker/dashboard/homarr_icons:/app/public/imgs"
]; ];
restart = "always"; restart = "always";
networks = [ networks = [

10
hosts/franz/arion/dns/arion-compose.nix
View file

@ -20,7 +20,7 @@
services = { services = {
pihole.service = { pihole.service = {
image = "pihole/pihole:latest"; image = "pihole/pihole:2024.03.1";
container_name = "pihole"; container_name = "pihole";
hostname = "pihole"; hostname = "pihole";
environment = { environment = {
@ -30,8 +30,8 @@
VIRTUAL_HOST = "pihole.ghoscht.com"; VIRTUAL_HOST = "pihole.ghoscht.com";
}; };
volumes = [ volumes = [
"/drives/hdd/docker/dns/pihole_data:/etc/pihole" "/storage/dataset/docker/dns/pihole_data:/etc/pihole"
"/drives/hdd/docker/dns/pihole_dnsmasq:/etc/dnsmasq.d" "/storage/dataset/docker/dns/pihole_dnsmasq:/etc/dnsmasq.d"
]; ];
labels = { labels = {
"traefik.enable" = "true"; "traefik.enable" = "true";
@ -62,11 +62,11 @@
]; ];
}; };
unbound.service = { unbound.service = {
image = "mvance/unbound:latest"; image = "mvance/unbound:1.19.3";
container_name = "unbound"; container_name = "unbound";
useHostStore = true; useHostStore = true;
volumes = [ volumes = [
"/drives/hdd/docker/dns/unbound_data:/opt/unbound/etc/unbound" "/storage/dataset/docker/dns/unbound_data:/opt/unbound/etc/unbound"
]; ];
restart = "always"; restart = "always";
networks = { networks = {

4
hosts/franz/arion/feed/arion-compose.nix
View file

@ -10,7 +10,7 @@
services = { services = {
ttrss.service = { ttrss.service = {
image = "wangqiru/ttrss:latest"; image = "wangqiru/ttrss:latest-2024-02-28";
container_name = "ttrss"; container_name = "ttrss";
ports = [ ports = [
"181:80" "181:80"
@ -33,7 +33,7 @@
feed-db.service = { feed-db.service = {
image = "postgres:13-alpine"; image = "postgres:13-alpine";
volumes = [ volumes = [
"/drives/hdd/docker/feed/ttrss_db:/var/lib/postgresql/data" "/storage/dataset/docker/feed/ttrss_db:/var/lib/postgresql/data"
]; ];
env_file = [ env_file = [
"/home/ghoscht/.docker/feed/ttrss.env" "/home/ghoscht/.docker/feed/ttrss.env"

8
hosts/franz/arion/git/arion-compose.nix
View file

@ -10,7 +10,7 @@
services = { services = {
forgejo.service = { forgejo.service = {
image = "codeberg.org/forgejo/forgejo:1.21.6-0"; image = "codeberg.org/forgejo/forgejo:1.21.8-0";
container_name = "forgejo"; container_name = "forgejo";
useHostStore = true; useHostStore = true;
labels = { labels = {
@ -23,7 +23,7 @@
"traefik.http.routers.forgejo.tls.certresolver" = "letsencrypt"; "traefik.http.routers.forgejo.tls.certresolver" = "letsencrypt";
}; };
volumes = [ volumes = [
"/drives/hdd/docker/git/forgejo_data:/data" "/storage/dataset/docker/git/forgejo_data:/data"
"/etc/localtime:/etc/localtime:ro" "/etc/localtime:/etc/localtime:ro"
]; ];
ports = [ ports = [
@ -50,7 +50,9 @@
env_file = [ env_file = [
"/home/ghoscht/.docker/git/forgejo-db.env" "/home/ghoscht/.docker/git/forgejo-db.env"
]; ];
volumes = ["/drives/hdd/docker/git/forgejo_db:/var/lib/postgresql/data"]; volumes = [
"/storage/dataset/docker/git/forgejo_db:/var/lib/postgresql/data"
];
restart = "unless-stopped"; restart = "unless-stopped";
networks = [ networks = [
"transport" "transport"

14
hosts/franz/arion/infrastructure/arion-compose.nix
View file

@ -14,7 +14,7 @@
services = { services = {
traefik.service = { traefik.service = {
image = "traefik"; image = "traefik:v3.0";
container_name = "traefik"; container_name = "traefik";
useHostStore = true; useHostStore = true;
ports = [ ports = [
@ -45,7 +45,7 @@
]; ];
}; };
cloudflared.service = { cloudflared.service = {
image = "cloudflare/cloudflared:latest"; image = "cloudflare/cloudflared:2024.2.1";
container_name = "cloudflared"; container_name = "cloudflared";
env_file = [ env_file = [
"/home/ghoscht/.docker/infrastructure/cloudflared.env" "/home/ghoscht/.docker/infrastructure/cloudflared.env"
@ -58,7 +58,7 @@
]; ];
}; };
scrutiny.service = { scrutiny.service = {
image = "ghcr.io/analogj/scrutiny:master-omnibus"; image = "ghcr.io/analogj/scrutiny:v0.8.0-omnibus";
container_name = "scrutiny"; container_name = "scrutiny";
restart = "always"; restart = "always";
labels = { labels = {
@ -71,6 +71,7 @@
}; };
capabilities = { capabilities = {
SYS_RAWIO = true; SYS_RAWIO = true;
SYS_ADMIN = true; #enables nvme support
}; };
volumes = [ volumes = [
"/run/udev:/run/udev:ro" "/run/udev:/run/udev:ro"
@ -78,8 +79,13 @@
"scrutiny_db:/opt/scrutiny/influxdb" "scrutiny_db:/opt/scrutiny/influxdb"
]; ];
devices = [ devices = [
"/dev/sda"
"/dev/nvme0n1" "/dev/nvme0n1"
"/dev/sda"
"/dev/sdb"
"/dev/sdc"
"/dev/sdd"
"/dev/sde"
"/dev/sdf"
]; ];
networks = [ networks = [
"dmz" "dmz"

91
hosts/franz/arion/media/arion-compose.nix
View file

@ -12,7 +12,7 @@
services = { services = {
jellyfin.service = { jellyfin.service = {
image = "jellyfin/jellyfin:latest"; image = "jellyfin/jellyfin:2024032802";
container_name = "jellyfin"; container_name = "jellyfin";
ports = [ ports = [
"8096:8096" "8096:8096"
@ -28,10 +28,10 @@
}; };
volumes = [ volumes = [
"jellyfin_cache:/cache" "jellyfin_cache:/cache"
"/drives/hdd/docker/media/jellyfin_data:/config" "/storage/dataset/docker/media/jellyfin_data:/config"
"/drives/hdd/data/media/tv:/tv" "/storage/dataset/data/media/tv:/tv"
"/drives/hdd/data/media/anime:/anime" "/storage/dataset/data/media/anime:/anime"
"/drives/hdd/data/media/movies:/movies" "/storage/dataset/data/media/movies:/movies"
]; ];
environment = { environment = {
PUID = 1000; PUID = 1000;
@ -45,7 +45,7 @@
]; ];
}; };
navidrome.service = { navidrome.service = {
image = "deluan/navidrome:latest"; image = "deluan/navidrome:0.51.1";
container_name = "navidrome"; container_name = "navidrome";
labels = { labels = {
"traefik.enable" = "true"; "traefik.enable" = "true";
@ -56,8 +56,8 @@
"traefik.http.routers.navidrome.tls.certresolver" = "letsencrypt"; "traefik.http.routers.navidrome.tls.certresolver" = "letsencrypt";
}; };
volumes = [ volumes = [
"/drives/hdd/docker/media/navidrome_data:/data" "/storage/dataset/docker/media/navidrome_data:/data"
"/drives/hdd/data/media/music:/music" "/storage/dataset/data/media/music:/music"
]; ];
environment = { environment = {
ND_SESSIONTIMEOUT = "336h"; ND_SESSIONTIMEOUT = "336h";
@ -71,8 +71,29 @@
"dmz" "dmz"
]; ];
}; };
kavita.service = {
image = "jvmilazz0/kavita:0.7.14";
container_name = "kavita";
labels = {
"traefik.enable" = "true";
"traefik.http.routers.kavita.entrypoints" = "websecure";
"traefik.http.routers.kavita.rule" = "Host(`kavita.ghoscht.com`)";
"traefik.http.services.kavita.loadbalancer.server.port" = "5000";
"traefik.http.routers.kavita.tls" = "true";
"traefik.http.routers.kavita.tls.certresolver" = "letsencrypt";
};
volumes = [
"/storage/dataset/docker/media/kavita_data:/kavita/config"
"/storage/dataset/data/media/manga:/manga"
];
dns = ["1.1.1.1"];
restart = "always";
networks = [
"dmz"
];
};
vpn.service = { vpn.service = {
image = "haugene/transmission-openvpn"; image = "haugene/transmission-openvpn:5.3.1";
container_name = "transmission"; container_name = "transmission";
labels = { labels = {
"traefik.enable" = "true"; "traefik.enable" = "true";
@ -84,8 +105,8 @@
"traefik.http.routers.transmission.tls.certresolver" = "letsencrypt"; "traefik.http.routers.transmission.tls.certresolver" = "letsencrypt";
}; };
volumes = [ volumes = [
"/drives/hdd/docker/media/transmission_data:/config" "/storage/dataset/docker/media/transmission_data:/config"
"/drives/hdd/data/:/data" "/storage/dataset/data/:/data"
]; ];
environment = { environment = {
PUID = 1000; PUID = 1000;
@ -113,7 +134,7 @@
]; ];
}; };
prowlarr.service = { prowlarr.service = {
image = "linuxserver/prowlarr:latest"; image = "linuxserver/prowlarr:1.15.0";
container_name = "prowlarr"; container_name = "prowlarr";
labels = { labels = {
"traefik.enable" = "true"; "traefik.enable" = "true";
@ -125,7 +146,7 @@
"traefik.http.routers.prowlarr.tls.certresolver" = "letsencrypt"; "traefik.http.routers.prowlarr.tls.certresolver" = "letsencrypt";
}; };
volumes = [ volumes = [
"/drives/hdd/docker/media/prowlarr_data:/config" "/storage/dataset/docker/media/prowlarr_data:/config"
]; ];
environment = { environment = {
PUID = 1000; PUID = 1000;
@ -139,7 +160,7 @@
restart = "always"; restart = "always";
}; };
sonarr.service = { sonarr.service = {
image = "linuxserver/sonarr:latest"; image = "linuxserver/sonarr:4.0.2";
container_name = "sonarr"; container_name = "sonarr";
labels = { labels = {
"traefik.enable" = "true"; "traefik.enable" = "true";
@ -151,8 +172,8 @@
"traefik.http.routers.sonarr.tls.certresolver" = "letsencrypt"; "traefik.http.routers.sonarr.tls.certresolver" = "letsencrypt";
}; };
volumes = [ volumes = [
"/drives/hdd/docker/media/sonarr_data:/config" "/storage/dataset/docker/media/sonarr_data:/config"
"/drives/hdd/data/:/data" "/storage/dataset/data/:/data"
]; ];
environment = { environment = {
PUID = 1000; PUID = 1000;
@ -167,7 +188,7 @@
restart = "always"; restart = "always";
}; };
radarr.service = { radarr.service = {
image = "linuxserver/radarr:latest"; image = "linuxserver/radarr:5.3.6";
container_name = "radarr"; container_name = "radarr";
labels = { labels = {
"traefik.enable" = "true"; "traefik.enable" = "true";
@ -179,8 +200,8 @@
"traefik.http.routers.radarr.tls.certresolver" = "letsencrypt"; "traefik.http.routers.radarr.tls.certresolver" = "letsencrypt";
}; };
volumes = [ volumes = [
"/drives/hdd/docker/media/radarr_data:/config" "/storage/dataset/docker/media/radarr_data:/config"
"/drives/hdd/data/:/data" "/storage/dataset/data/:/data"
]; ];
environment = { environment = {
PUID = 1000; PUID = 1000;
@ -195,7 +216,7 @@
restart = "always"; restart = "always";
}; };
lidarr.service = { lidarr.service = {
image = "linuxserver/lidarr:latest"; image = "linuxserver/lidarr:2.1.7";
container_name = "lidarr"; container_name = "lidarr";
labels = { labels = {
"traefik.enable" = "true"; "traefik.enable" = "true";
@ -208,10 +229,10 @@
"traefik.http.routers.lidarr.tls.certresolver" = "letsencrypt"; "traefik.http.routers.lidarr.tls.certresolver" = "letsencrypt";
}; };
volumes = [ volumes = [
"/drives/hdd/docker/media/lidarr_data:/config" "/storage/dataset/docker/media/lidarr_data:/config"
"/drives/hdd/data/:/data" "/storage/dataset/docker/media/lidarr_addons/custom-services.d:/custom-services.d"
"/drives/hdd/docker/media/lidarr_addons/custom-services.d:/custom-services.d" "/storage/dataset/docker/media/lidarr_addons/custom-cont-init.d:/custom-cont-init.d"
"/drives/hdd/docker/media/lidarr_addons/custom-cont-init.d:/custom-cont-init.d" "/storage/dataset/data/:/data"
]; ];
environment = { environment = {
PUID = 1000; PUID = 1000;
@ -226,7 +247,7 @@
restart = "always"; restart = "always";
}; };
bazarr.service = { bazarr.service = {
image = "hotio/bazarr:latest"; image = "hotio/bazarr:release-1.4.2";
container_name = "bazarr"; container_name = "bazarr";
labels = { labels = {
"traefik.enable" = "true"; "traefik.enable" = "true";
@ -238,8 +259,8 @@
"traefik.http.routers.bazarr.tls.certresolver" = "letsencrypt"; "traefik.http.routers.bazarr.tls.certresolver" = "letsencrypt";
}; };
volumes = [ volumes = [
"/drives/hdd/docker/media/bazarr_data:/config" "/storage/dataset/docker/media/bazarr_data:/config"
"/drives/hdd/data/:/data" "/storage/dataset/data/:/data"
]; ];
dns = ["1.1.1.1"]; dns = ["1.1.1.1"];
environment = { environment = {
@ -251,7 +272,7 @@
restart = "always"; restart = "always";
}; };
jellyseerr.service = { jellyseerr.service = {
image = "fallenbagel/jellyseerr:latest"; image = "fallenbagel/jellyseerr:1.7.0";
container_name = "jellyseerr"; container_name = "jellyseerr";
labels = { labels = {
"traefik.enable" = "true"; "traefik.enable" = "true";
@ -263,7 +284,7 @@
"traefik.http.routers.jellyseerr.tls.certresolver" = "letsencrypt"; "traefik.http.routers.jellyseerr.tls.certresolver" = "letsencrypt";
}; };
volumes = [ volumes = [
"/drives/hdd/docker/media/jellyseerr_data:/app/config" "/storage/dataset/docker/media/jellyseerr_data:/app/config"
]; ];
environment = { environment = {
PUID = 1000; PUID = 1000;
@ -275,7 +296,7 @@
restart = "always"; restart = "always";
}; };
autobrr.service = { autobrr.service = {
image = "ghcr.io/autobrr/autobrr:latest"; image = "ghcr.io/autobrr/autobrr:v1.40.1";
container_name = "autobrr"; container_name = "autobrr";
labels = { labels = {
"traefik.enable" = "true"; "traefik.enable" = "true";
@ -287,7 +308,7 @@
"traefik.http.routers.autobrr.tls.certresolver" = "letsencrypt"; "traefik.http.routers.autobrr.tls.certresolver" = "letsencrypt";
}; };
volumes = [ volumes = [
"/drives/hdd/docker/media/autobrr_data:/config" "/storage/dataset/docker/media/autobrr_data:/config"
]; ];
environment = { environment = {
PUID = 1000; PUID = 1000;
@ -304,7 +325,7 @@
restart = "always"; restart = "always";
}; };
deemix.service = { deemix.service = {
image = "finniedj/deemix"; image = "finniedj/deemix:latest";
container_name = "deemix"; container_name = "deemix";
labels = { labels = {
"traefik.enable" = "true"; "traefik.enable" = "true";
@ -316,7 +337,7 @@
"traefik.http.routers.deemix.tls.certresolver" = "letsencrypt"; "traefik.http.routers.deemix.tls.certresolver" = "letsencrypt";
}; };
volumes = [ volumes = [
"/drives/hdd/data/deemix:/downloads" "/storage/dataset/data/deemix:/downloads"
]; ];
environment = { environment = {
PUID = 1000; PUID = 1000;
@ -331,10 +352,10 @@
restart = "always"; restart = "always";
}; };
unpackerr.service = { unpackerr.service = {
image = "golift/unpackerr"; image = "golift/unpackerr:0.13";
container_name = "unpackerr"; container_name = "unpackerr";
volumes = [ volumes = [
"/drives/hdd/data/:/data" "/storage/dataset/data/:/data"
]; ];
user = "1000:1000"; user = "1000:1000";
env_file = [ env_file = [

2
hosts/franz/arion/nas/arion-compose.nix
View file

@ -23,7 +23,7 @@
}; };
command = "-s 'public;/mount;yes;no;yes' -p"; command = "-s 'public;/mount;yes;no;yes' -p";
volumes = [ volumes = [
"/drives/hdd/nas:/mount" "/storage/dataset/nas:/mount"
]; ];
restart = "always"; restart = "always";
networks = [ networks = [

8
hosts/franz/arion/nextcloud/arion-compose.nix
View file

@ -10,7 +10,7 @@
services = { services = {
nextcloud.service = { nextcloud.service = {
image = "nextcloud:latest"; image = "nextcloud:28.0.4";
container_name = "nextcloud"; container_name = "nextcloud";
useHostStore = true; useHostStore = true;
labels = { labels = {
@ -22,7 +22,7 @@
"traefik.http.routers.nextcloud.tls.certresolver" = "letsencrypt"; "traefik.http.routers.nextcloud.tls.certresolver" = "letsencrypt";
}; };
volumes = [ volumes = [
"/drives/hdd/docker/nextcloud/nextcloud_data:/var/www/html" "/storage/dataset/docker/nextcloud/nextcloud_data:/var/www/html"
]; ];
hostname = "nextcloud.ghoscht.com"; hostname = "nextcloud.ghoscht.com";
dns = ["1.1.1.1"]; dns = ["1.1.1.1"];
@ -37,7 +37,9 @@
env_file = [ env_file = [
"/home/ghoscht/.docker/nextcloud/nextcloud.env" "/home/ghoscht/.docker/nextcloud/nextcloud.env"
]; ];
volumes = ["/drives/hdd/docker/nextcloud/nextcloud_db:/var/lib/mysql"]; volumes = [
"/storage/dataset/docker/nextcloud/nextcloud_db:/var/lib/mysql"
];
restart = "unless-stopped"; restart = "unless-stopped";
command = "--transaction-isolation=READ-COMMITTED --binlog-format=ROW"; command = "--transaction-isolation=READ-COMMITTED --binlog-format=ROW";
networks = [ networks = [

4
hosts/franz/arion/passwords/arion-compose.nix
View file

@ -8,7 +8,7 @@
services = { services = {
vaultwarden.service = { vaultwarden.service = {
image = "vaultwarden/server:latest"; image = "vaultwarden/server:1.30.5";
container_name = "vaultwarden"; container_name = "vaultwarden";
labels = { labels = {
"traefik.enable" = "true"; "traefik.enable" = "true";
@ -19,7 +19,7 @@
}; };
dns = ["1.1.1.1"]; dns = ["1.1.1.1"];
volumes = [ volumes = [
"/drives/hdd/docker/passwords/vaultwarden_data/:/data" "/storage/dataset/docker/passwords/vaultwarden_data/:/data"
]; ];
environment = { environment = {
DOMAIN = "http://vaultwarden.ghoscht.com"; DOMAIN = "http://vaultwarden.ghoscht.com";

2
hosts/franz/arion/push/arion-compose.nix
View file

@ -8,7 +8,7 @@
services = { services = {
ntfy.service = { ntfy.service = {
image = "binwiederhier/ntfy"; image = "binwiederhier/ntfy:v2.10.0";
container_name = "ntfy"; container_name = "ntfy";
user = "1000:1000"; user = "1000:1000";
command = "serve"; command = "serve";

2
hosts/franz/arion/signal/arion-compose.nix
View file

@ -8,7 +8,7 @@
services = { services = {
mollysocket.service = { mollysocket.service = {
image = "ghcr.io/mollyim/mollysocket:latest"; image = "ghcr.io/mollyim/mollysocket:1.3.0";
container_name = "mollysocket"; container_name = "mollysocket";
useHostStore = true; useHostStore = true;
ports = [ ports = [

4
hosts/franz/arion/smarthome/arion-compose.nix
View file

@ -8,7 +8,7 @@
services = { services = {
homeassistant.service = { homeassistant.service = {
image = "ghcr.io/home-assistant/home-assistant:stable"; image = "ghcr.io/home-assistant/home-assistant:2024.3.3";
container_name = "homeassistant"; container_name = "homeassistant";
privileged = true; privileged = true;
labels = { labels = {
@ -20,7 +20,7 @@
"traefik.http.services.homeassistant.loadbalancer.server.port" = "8123"; "traefik.http.services.homeassistant.loadbalancer.server.port" = "8123";
}; };
volumes = [ volumes = [
"/drives/hdd/docker/smarthome/homeassistant_data:/config" "/storage/dataset/docker/smarthome/homeassistant_data:/config"
"/etc/localtime:/etc/localtime:ro" "/etc/localtime:/etc/localtime:ro"
"/run/dbus:/run/dbus:ro" "/run/dbus:/run/dbus:ro"
]; ];