ooks/ooknet
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ookflix: refactors FIX COMMIT

Browse source
This commit is contained in:
ooks-io 2024-12-02 18:55:06 +11:00
parent da77c223ff
commit c096dc295a
10 changed files with 154 additions and 138 deletions
Download patch file Download diff file Expand all files Collapse all files

17
modules/nixos/server/services/ookflix/gluetun.nix
View file

@ -6,27 +6,24 @@
...
}: let
ookflixLib = import ./lib.nix {inherit self lib config;};
inherit (ookflixLib) mkServiceUser;
inherit (ookflixLib) mkServiceUser mkServiceSecret;
inherit (lib) mkIf;
inherit (ook.lib.container) mkContainerEnvironment mkContainerPort mkServiceSecret;
inherit (config.ooknet.server.ookflix.services) transmission gluetun;
inherit (ook.lib.container) mkContainerEnvironment mkContainerPort;
inherit (config.ooknet.server.ookflix.services) qbittorrent gluetun;
in {
config = mkIf gluetun.enable {
users = mkServiceUser gluetun.user.name;
age.secrets.vpn_env = mkServiceSecret "vpn_env" "gluetun";
age.secrets = mkServiceSecret "vpn_env" "gluetun";
virtualisation.oci-containers.containers = {
# vpn container
gluetun = mkIf {
gluetun = mkIf gluetun.enable {
image = "qmcgaw/gluetun:latest";
# should make this an option.
environmentFiles = [config.age.secrets.vpn_env.path];
ports = [
(mkContainerPort transmission.port)
(mkContainerPort qbittorrent.port)
];
environment = mkContainerEnvironment gluetun.user.id gluetun.group.id {
VPN_SERVICE_PROVIDER = gluetun.provider;
VPN_TYPE = "wireguard";
};
environment = mkContainerEnvironment gluetun.user.id gluetun.group.id;
extraOptions = [
# give network admin permissions
"--cap-add=NET_ADMIN"