Nebucatnetzer
/
nixos
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add docker config for plex

This commit is contained in:
Andreas Zweili 2022-11-02 15:40:09 +01:00
parent a5253f585e
commit fa35a3271c
4 changed files with 81 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
modules/plex/default.nix
View File

@ -1,5 +1,6 @@
{ ... }:
{ inputs, config ? { }, ... }:
{
age.secrets.plexClaim.file = "${inputs.self}/scrts/plex_claim.age";
networking = {
firewall.allowedTCPPorts = [
32400 # Web Interface/ Remote Access
@ -14,4 +15,23 @@
32469 # Plex DLNA Server
];
};
virtualisation.oci-containers = {
backend = "docker";
containers."plex" = {
image = "plexinc/pms-docker";
autoStart = true;
environment = {
TZ = "Europe/Zurich";
};
environmentFiles = [ config.age.secrets.plexClaim.path ];
volumes = [
"/home/andreas/docker_systems/plex/config:/config"
"/home/andreas/docker_systems/plex/tmp:/transcode"
];
extraOptions = [
''--mount=type=volume,source=media,target=/mnt/media,volume-driver=local,volume-opt=type=nfs,volume-opt=device=:/media,"volume-opt=o=addr=10.7.89.108,rw,nfsvers=4.0,nolock,hard,noatime"''
"--network=host"
];
};
};
}

38
scrts/plex_claim.age Normal file
View File

@ -0,0 +1,38 @@
age-encryption.org/v1
-> ssh-rsa 7S8lxw
jRXkLm1DZkSgFHS8gLD0vfoZe+ogfSG8w3dfIDFu3QzaK9/BjEyJgsOBrsqYE9ou
AICs4RkAM2xFhvs9lrDn1fVt1gfReb2yH+Rb6oeuIbkiwQaHvc+dxt8ZM9x+TZYC
BEgfgGC0dZcY4QkYk6RkjJascMO7cdNpytv3StvGJ7kvM4vPqVhYfQVaF42OOIKr
aLmfBaZuCB6JSbAxuDquleR79K7Ko3/pcY5cssjbXpK/ufsBxeG7sr6H4oAt4hA/
rEGzR43kgmb4CbcPDUt+5Q+yaHgIc6GP4DiPH4ta1axVeRXSehRL9Twyy9u0fswq
oFZuAkAOzDo5QtBI8PFKzpi62urmQjgbPpUrLP5Gskx296fjlNlHR1xiq/KIqQjP
W5jObMBp70Rl9lmmM+/oyOIrv16fftYwtxvJXI47pkGI1Ix+2A097fSi2ZPYBD35
mtlVlnQ8Tf1YtK9ZJIek4IPktblwkxD+jLv31TTr/aOYspuTBSKsMxu+8ZnkO8Tg
-> ssh-ed25519 skmU/w p3Bz2QidrFgB2rrYtrlXgtZJnW55L80NfUVKj0hGEi0
qORfbRef8D4pS4IBNRsC94CoNmt6lz4HK7SR6xYPDrM
-> ssh-ed25519 6TvZbg U9O2E5rKjqomb9zUaeNAAC029+REGQNgKUdK56BgJQg
d+Ximh5fIa2StkmxDG8OOKN31qfui/MlW+ZOqdWAHpg
-> ssh-ed25519 zPnP5Q tlDoYNMszq9opQWXKVuFN9lZjyaOjL52hYQEs0I/s1w
UICF3J4WjF2ZtptrOBQnzaHFHJx6K6sP7QAARhU8VCE
-> ssh-ed25519 aGyD+A XwErw3B4dDsp8mNyKFWIBjkQNnZljYYq4n+YuyIOfTo
ZyLIdGSuwW66Kaf6BmDKAhR5OxTrhZ1G/Rvk+dmJEK0
-> ssh-ed25519 pCmz5A xRKgRU1uuTY9xabhFg2KZpygeZwg1cq45kZn0roAdkI
B0vrXaofW24GmVjUFfSegze/5ue3+dQRomCZ1VLI9NE
-> ssh-ed25519 ASE6tQ /BU24YvisGWcx470ubvu9RXJY18nHcSBDO0o5FAM3yU
0ntiIGxXcuqR+nrpdOkaiQvU9CF3GRJOYrfokhF8Eac
-> ssh-ed25519 f6vWeA fKGvEgS1FSb3J+PfxdOVoqK/GU7UBm/eeymBW22iCEQ
ODubmloMOAPmWL0h3yq5BV/Pn4ncRl24GFHf9nJQ7JQ
-> ssh-ed25519 6EZJNg 2RM8ZIrtShjlIqollwrEakmKc3m8Mzz9od736QyrkxI
dpDZLSZ5EO5E3RhBODLcZF+2CVW4qVmNxNDucv7C+Mk
-> ssh-ed25519 BycpnQ E7/mu3dxLqpAGAJV/xh4qUiG9Flp6mqtF+LhHzVhPxo
IGARchyYjI28Xt0xR4GqUGtCit8oII/fjQ+kfVRX+2Y
-> ssh-ed25519 MpFwoA Sdy+XdfzArotESM0tCRj7HFxziwnu2q1T1k4cP20Egg
PCgHazoRE8gLiFH5J5lMuaNiqwKe+9Wf4RDJHZXiX+Y
-> ssh-ed25519 L7IrhA F0zZV8EUJgNB6ZjKDFyq+AnVEdpeyl5xoPL/YQcAvGw
nzc9a33ydhQtmiACtLfY/hMfZ+i3n9+K3sg809DF8Qg
-> 86cT-grease
HC14Obw9QLICZYGOEcqnpZwVLpyXIlLAeN51UCbaG1tX7oHz2ewjlynofViLyOz9
crFQ+tVcaYET7vD8qdw2Tyhgk58
--- BaPaD8s7oeb0kDsXboqSNDdzcmuEzkrGhdCXjTmahs0
Œ›ËÐËÓZë„}< Ò-œÙ<C593>`Ü.Ñ"ö1tÇJÓ) †â×WNpvQ\TbY_íj/hÆ:}®ãÙàñ6nÈv€°

22
scrts/secrets.nix Normal file
View File

@ -0,0 +1,22 @@
let
andreas = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCR+JXNHSAEQamn2QiaKV0vejCPy6OmzOePXoaQF6CEknXyvBO4j7+qpgZ5RAhe7ups8xZrEpBKdtxRMf7OdQQEXg1PLlfWZSJTC8EGu1TbMltbwwHizgsK/15LkDhJ0Gk/GFz9O9GvGqjizik8Kvvqz8XWY0tEtYs5Riq8bB5D5Ctwl10iultqnIQkdaX0bNa/2X57XKeutWdbqhuSC/C7awC1aVDIdfy1BNT3weHhQhFVAeAlH7Fy4rx3gYPclICfzu27lulLeXKJj9F+NdeY84zEy7E8IkE7eqdo1zfdJJpXSIh3FqekWen5njzWJsXqZCa2Ynk1poK/Rv/ti+ySE+4XicyXp0VJM8fDz6iUI0S/pjumHwzpoN9CeNe5PDK3Y7iQzSlO9REvkj/+v7r2s6XKslk9B7hTKunvH5JgHlIeYymzXb4r2LggNrP/1KUgNk1Ztu+s1c5onXYfBNul1iQOFU3+kgTk8Oh/UFK3FA0dYeWrOLA02TdH2S7U6yE= andreas@gwyn";
users = [ andreas ];
gwyn = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGNmtdodpXHcwEsX2x89RyxjX5F6eERanzM4OXlNDx50";
proxy = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIACtJWes3zBh0Hs0BEC2ZC+9+ddLALlzuAxyNjLgf5Fh";
git = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDYdusJTepCONjESFlQ1OTzCWqiTKwOFrYCyV5J77hS";
nextcloud = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII4k14NXzaM5AqM9OfsFERnCT2ZMYXIaPrt34H2Jq5tx";
ttrss = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILWQKvlLbat4Bp3iu4oFpdHSaiyi6x/efCMmYtCNfgfb";
mail = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG1SpBpTmpUymwjkevYttnOAS4xkzu7wtQYRHTK6XRgQ";
pihole = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ18YfLmcINwuPcqlAPJTLkNM4/JvA8MrKutlyzKYJtA";
plex = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDsIpx4uigis0II6BW0s5Huum+sOnuS/R11MaNPh3qFm";
restic-server = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPsjf063cd2QPTTRRP6s+VvAkDal1pHbVxBIycv5ntz+";
management = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDXLCjTgxnu2WHt6AtEeJ0a0H3x6dc3Cb+GN8GAJPqRO";
loki-test = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKqCmY9F2nWasFtmBpk401lacclXeddDm+OTZ4+tNM94";
systems = [ gwyn proxy git nextcloud ttrss mail pihole plex restic-server management loki-test ];
in
{
"test.age".publicKeys = users ++ systems;
"plex_claim.age".publicKeys = users ++ systems;
}

1
systems/plex/default.nix
View File

@ -8,7 +8,6 @@
(import "${inputs.self}/modules/restic-server-client" {
time = "03:30"; inherit custom hostname inputs pkgs;
})
"${inputs.self}/modules/docker"
"${inputs.self}/modules/media-share"
"${inputs.self}/modules/plex"
];