52 lines
1.5 KiB
Nix
52 lines
1.5 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
|
|
{
|
|
config = lib.mkIf (config.networking.hostName == "FredOS-Mediaserver") {
|
|
|
|
virtualisation.oci-containers = {
|
|
backend = "docker";
|
|
|
|
# --- Nginx Proxy Manager (existing setup) ---
|
|
containers."nginx-proxy-manager" = {
|
|
image = "jc21/nginx-proxy-manager:latest";
|
|
ports = [ "80:80" "81:81" "443:443" ];
|
|
volumes = [
|
|
"/var/lib/nginx-proxy-manager/data:/data"
|
|
"/var/lib/nginx-proxy-manager/letsencrypt:/etc/letsencrypt"
|
|
];
|
|
};
|
|
|
|
# --- Authelia ---
|
|
containers."authelia" = {
|
|
image = "authelia/authelia:latest";
|
|
volumes = [
|
|
"/home/fred/docker/authelia/config.yml:/config/config.yml:ro"
|
|
"/home/fred/docker/authelia/secrets:/secrets:ro"
|
|
];
|
|
ports = [ "9091:9091" ];
|
|
extraOptions = [ "--restart" "unless-stopped" ];
|
|
};
|
|
|
|
# --- Go2RTC ---
|
|
containers."go2rtc" = {
|
|
image = "blakeblackshear/go2rtc:latest";
|
|
volumes = [
|
|
"/home/fred/docker/go2rtc/config.yml:/config/config.yml:ro"
|
|
];
|
|
ports = [ "1984:1984" ];
|
|
extraOptions = [ "--restart" "unless-stopped" ];
|
|
};
|
|
};
|
|
|
|
# --- Create directories ---
|
|
systemd.tmpfiles.rules = [
|
|
# Nginx Proxy Manager
|
|
"d /var/lib/nginx-proxy-manager/data 0755 root root -"
|
|
"d /var/lib/nginx-proxy-manager/letsencrypt 0755 root root -"
|
|
|
|
# Local secrets & configs
|
|
"d /home/fred/docker/authelia/secrets 0700 fred users -"
|
|
"d /home/fred/docker/go2rtc 0755 fred users -"
|
|
];
|
|
};
|
|
}
|