{pkgs, ...}: { project.name = "media"; networks.dmz = { name = "dmz"; external = true; }; services = { jellyfin.service = { image = "linuxserver/jellyfin:10.8.13"; container_name = "jellyfin"; ports = [ "8096:8096" ]; labels = { "traefik.enable" = "true"; "traefik.http.routers.jellyfin.entrypoints" = "websecure"; "traefik.http.routers.jellyfin.rule" = "Host(`jellyfin.ghoscht.com`)"; "traefik.http.services.jellyfin.loadbalancer.server.port" = "8096"; "traefik.http.services.jellyfin.loadbalancer.passHostHeader" = "true"; "traefik.http.routers.jellyfin.tls" = "true"; "traefik.http.routers.jellyfin.tls.certresolver" = "letsencrypt"; }; volumes = [ "/storage/dataset/docker/media/jellyfin_data:/config" "/storage/dataset/data/media/tv:/tv" "/storage/dataset/data/media/anime:/anime" "/storage/dataset/data/media/movies:/movies" ]; environment = { PUID = 1000; PGID = 1000; TZ = "Europe/Berlin"; }; dns = ["1.1.1.1"]; restart = "always"; networks = [ "dmz" ]; }; navidrome.service = { image = "deluan/navidrome:0.52.0"; container_name = "navidrome"; labels = { "traefik.enable" = "true"; "traefik.http.routers.navidrome.entrypoints" = "websecure"; "traefik.http.routers.navidrome.rule" = "Host(`navidrome.ghoscht.com`)"; "traefik.http.services.navidrome.loadbalancer.server.port" = "4533"; "traefik.http.routers.navidrome.tls" = "true"; "traefik.http.routers.navidrome.tls.certresolver" = "letsencrypt"; }; volumes = [ "/storage/dataset/docker/media/navidrome_data:/data" "/storage/dataset/data/media/music:/music" ]; environment = { ND_SESSIONTIMEOUT = "336h"; }; env_file = [ "/home/ghoscht/.docker/media/navidrome.env" ]; dns = ["1.1.1.1"]; restart = "always"; networks = [ "dmz" ]; }; kavita.service = { image = "jvmilazz0/kavita:0.7.14"; container_name = "kavita"; labels = { "traefik.enable" = "true"; "traefik.http.routers.kavita.entrypoints" = "websecure"; "traefik.http.routers.kavita.rule" = "Host(`kavita.ghoscht.com`)"; "traefik.http.services.kavita.loadbalancer.server.port" = "5000"; "traefik.http.routers.kavita.tls" = "true"; "traefik.http.routers.kavita.tls.certresolver" = "letsencrypt"; }; volumes = [ "/storage/dataset/docker/media/kavita_data:/kavita/config" "/storage/dataset/data/media/manga:/manga" ]; dns = ["1.1.1.1"]; restart = "always"; networks = [ "dmz" ]; }; vpn.service = { image = "haugene/transmission-openvpn:5.3.1"; container_name = "transmission"; labels = { "traefik.enable" = "true"; "traefik.http.routers.transmission.entrypoints" = "websecure"; "traefik.http.routers.transmission.rule" = "Host(`transmission.ghoscht.com`)"; "traefik.http.services.transmission.loadbalancer.server.port" = "9091"; "traefik.docker.network" = "dmz"; "traefik.http.routers.transmission.tls" = "true"; "traefik.http.routers.transmission.tls.certresolver" = "letsencrypt"; }; volumes = [ "/storage/dataset/docker/media/transmission_data:/config" "/storage/dataset/data/:/data" ]; environment = { PUID = 1000; PGID = 1000; TZ = "Europe/Berlin"; OPENVPN_PROVIDER = "WINDSCRIBE"; OPENVPN_CONFIG = "Vienna-Hofburg-udp"; OVPN_PROTOCOL = "udp"; OPENVPN_OPTS = "--pull-filter ignore ping --ping 10 --ping-restart 120"; LOCAL_NETWORK = "192.168.0.0/16"; TRANSMISSION_DOWNLOAD_DIR = "/data/torrents"; TRANSMISSION_INCOMPLETE_DIR = "/data/torrents/incomplete"; TRANSMISSION_WEB_UI = "flood-for-transmission"; WEBPROXY_ENABLED = "true"; }; ports = ["8118:8118"]; env_file = [ "/home/ghoscht/.docker/media/windscribe.env" ]; capabilities = { NET_ADMIN = true; }; dns = ["1.1.1.1"]; restart = "always"; networks = [ "dmz" ]; }; prowlarr.service = { image = "linuxserver/prowlarr:1.16.2"; container_name = "prowlarr"; labels = { "traefik.enable" = "true"; "traefik.http.routers.prowlarr.entrypoints" = "websecure"; "traefik.http.routers.prowlarr.rule" = "Host(`prowlarr.ghoscht.com`)"; "traefik.http.services.prowlarr.loadbalancer.server.port" = "9696"; "traefik.docker.network" = "dmz"; "traefik.http.routers.prowlarr.tls" = "true"; "traefik.http.routers.prowlarr.tls.certresolver" = "letsencrypt"; }; volumes = [ "/storage/dataset/docker/media/prowlarr_data:/config" ]; environment = { PUID = 1000; PGID = 1000; TZ = "Europe/Berlin"; }; network_mode = "service:vpn"; depends_on = { vpn = {condition = "service_healthy";}; }; restart = "always"; }; sonarr.service = { image = "linuxserver/sonarr:4.0.4"; container_name = "sonarr"; labels = { "traefik.enable" = "true"; "traefik.http.routers.sonarr.entrypoints" = "websecure"; "traefik.http.routers.sonarr.rule" = "Host(`sonarr.ghoscht.com`)"; "traefik.http.services.sonarr.loadbalancer.server.port" = "8989"; "traefik.docker.network" = "dmz"; "traefik.http.routers.sonarr.tls" = "true"; "traefik.http.routers.sonarr.tls.certresolver" = "letsencrypt"; }; volumes = [ "/storage/dataset/docker/media/sonarr_data:/config" "/storage/dataset/data/:/data" ]; environment = { PUID = 1000; PGID = 1000; TZ = "Europe/Berlin"; }; network_mode = "service:vpn"; depends_on = { vpn = {condition = "service_healthy";}; prowlarr = {condition = "service_started";}; }; restart = "always"; }; radarr.service = { image = "linuxserver/radarr:5.4.6"; container_name = "radarr"; labels = { "traefik.enable" = "true"; "traefik.http.routers.radarr.entrypoints" = "websecure"; "traefik.http.routers.radarr.rule" = "Host(`radarr.ghoscht.com`)"; "traefik.http.services.radarr.loadbalancer.server.port" = "7878"; "traefik.docker.network" = "dmz"; "traefik.http.routers.radarr.tls" = "true"; "traefik.http.routers.radarr.tls.certresolver" = "letsencrypt"; }; volumes = [ "/storage/dataset/docker/media/radarr_data:/config" "/storage/dataset/data/:/data" ]; environment = { PUID = 1000; PGID = 1000; TZ = "Europe/Berlin"; }; network_mode = "service:vpn"; depends_on = { vpn = {condition = "service_healthy";}; prowlarr = {condition = "service_started";}; }; restart = "always"; }; lidarr.service = { image = "linuxserver/lidarr:2.2.5"; container_name = "lidarr"; labels = { "traefik.enable" = "true"; "traefik.http.routers.lidarr.entrypoints" = "websecure"; "traefik.http.routers.lidarr.rule" = "Host(`lidarr.ghoscht.com`)"; "traefik.http.services.lidarr.loadbalancer.server.port" = "8686"; "traefik.http.routers.lidarr.service" = "lidarr"; "traefik.docker.network" = "dmz"; "traefik.http.routers.lidarr.tls" = "true"; "traefik.http.routers.lidarr.tls.certresolver" = "letsencrypt"; }; volumes = [ "/storage/dataset/docker/media/lidarr_data:/config" "/storage/dataset/docker/media/lidarr_addons/custom-services.d:/custom-services.d" "/storage/dataset/docker/media/lidarr_addons/custom-cont-init.d:/custom-cont-init.d" "/storage/dataset/data/:/data" ]; environment = { PUID = 1000; PGID = 1000; TZ = "Europe/Berlin"; }; network_mode = "service:vpn"; depends_on = { vpn = {condition = "service_healthy";}; prowlarr = {condition = "service_started";}; }; restart = "always"; }; bazarr.service = { image = "hotio/bazarr:release-1.4.2"; container_name = "bazarr"; labels = { "traefik.enable" = "true"; "traefik.http.routers.bazarr.entrypoints" = "websecure"; "traefik.http.routers.bazarr.rule" = "Host(`bazarr.ghoscht.com`)"; "traefik.http.services.bazarr.loadbalancer.server.port" = "6767"; "traefik.docker.network" = "dmz"; "traefik.http.routers.bazarr.tls" = "true"; "traefik.http.routers.bazarr.tls.certresolver" = "letsencrypt"; }; volumes = [ "/storage/dataset/docker/media/bazarr_data:/config" "/storage/dataset/data/:/data" ]; dns = ["1.1.1.1"]; environment = { PUID = 1000; PGID = 1000; TZ = "Europe/Berlin"; }; networks = ["dmz"]; restart = "always"; }; jellyseerr.service = { image = "fallenbagel/jellyseerr:1.7.0"; container_name = "jellyseerr"; labels = { "traefik.enable" = "true"; "traefik.http.routers.jellyseerr.entrypoints" = "websecure"; "traefik.http.routers.jellyseerr.rule" = "Host(`jellyseerr.ghoscht.com`)"; "traefik.http.services.jellyseerr.loadbalancer.server.port" = "5055"; "traefik.docker.network" = "dmz"; "traefik.http.routers.jellyseerr.tls" = "true"; "traefik.http.routers.jellyseerr.tls.certresolver" = "letsencrypt"; }; volumes = [ "/storage/dataset/docker/media/jellyseerr_data:/app/config" ]; environment = { PUID = 1000; PGID = 1000; TZ = "Europe/Berlin"; }; dns = ["1.1.1.1"]; networks = ["dmz"]; restart = "always"; }; autobrr.service = { image = "ghcr.io/autobrr/autobrr:v1.41.0"; container_name = "autobrr"; labels = { "traefik.enable" = "true"; "traefik.http.routers.autobrr.entrypoints" = "websecure"; "traefik.http.routers.autobrr.rule" = "Host(`autobrr.ghoscht.com`)"; "traefik.http.services.autobrr.loadbalancer.server.port" = "7474"; "traefik.docker.network" = "dmz"; "traefik.http.routers.autobrr.tls" = "true"; "traefik.http.routers.autobrr.tls.certresolver" = "letsencrypt"; }; volumes = [ "/storage/dataset/docker/media/autobrr_data:/config" ]; environment = { PUID = 1000; PGID = 1000; TZ = "Europe/Berlin"; }; network_mode = "service:vpn"; depends_on = { vpn = {condition = "service_healthy";}; prowlarr = {condition = "service_started";}; sonarr = {condition = "service_started";}; radarr = {condition = "service_started";}; }; restart = "always"; }; deemix.service = { image = "finniedj/deemix:latest"; container_name = "deemix"; labels = { "traefik.enable" = "true"; "traefik.http.routers.deemix.entrypoints" = "websecure"; "traefik.http.routers.deemix.rule" = "Host(`deemix.ghoscht.com`)"; "traefik.http.services.deemix.loadbalancer.server.port" = "6595"; "traefik.docker.network" = "dmz"; "traefik.http.routers.deemix.tls" = "true"; "traefik.http.routers.deemix.tls.certresolver" = "letsencrypt"; }; volumes = [ "/storage/dataset/data/deemix:/downloads" ]; environment = { PUID = 1000; PGID = 1000; UMASK_SET = 022; TZ = "Europe/Berlin"; }; network_mode = "service:vpn"; depends_on = { vpn = {condition = "service_healthy";}; }; restart = "always"; }; unpackerr.service = { image = "golift/unpackerr:0.13"; container_name = "unpackerr"; volumes = [ "/storage/dataset/data/:/data" ]; user = "1000:1000"; env_file = [ "/home/ghoscht/.docker/media/unpackerr.env" ]; environment = { TZ = "Europe/Berlin"; # General config UN_DEBUG = "false"; UN_INTERVAL = "2m"; UN_START_DELAY = "1m"; UN_RETRY_DELAY = "5m"; UN_MAX_RETRIES = 3; UN_PARALLEL = 1; UN_FILE_MODE = 0644; UN_DIR_MODE = 0755; # Sonarr Config UN_SONARR_0_URL = "http://transmission:8989"; UN_SONARR_0_PATHS_0 = "/data/torrents/tv"; UN_SONARR_0_PROTOCOLS = "torrent"; UN_SONARR_0_TIMEOUT = "10s"; UN_SONARR_0_DELETE_ORIG = "false"; UN_SONARR_0_DELETE_DELAY = "5m"; # Radarr Config UN_RADARR_0_URL = "http://transmission:7878"; UN_RADARR_0_PATHS_0 = "/data/torrents/movies"; UN_RADARR_0_PROTOCOLS = "torrent"; UN_RADARR_0_TIMEOUT = "10s"; UN_RADARR_0_DELETE_ORIG = "false"; UN_RADARR_0_DELETE_DELAY = "5m"; # Lidarr Config UN_LIDARR_0_URL = "http://transmission:8686"; UN_LIDARR_0_PATHS_0 = "/data/torrents/music"; UN_LIDARR_0_PROTOCOLS = "torrent"; UN_LIDARR_0_TIMEOUT = "10s"; UN_LIDARR_0_DELETE_ORIG = "false"; UN_LIDARR_0_DELETE_DELAY = "5m"; }; networks = ["dmz"]; depends_on = { vpn = {condition = "service_healthy";}; prowlarr = {condition = "service_started";}; sonarr = {condition = "service_started";}; radarr = {condition = "service_started";}; }; restart = "always"; }; }; }