Faris/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
nixos/home/podman.nix
Faris 4a64599fd6 plus
2025-07-19 00:34:01 +01:00

979 lines
22 KiB
Nix
Raw Blame History

{
lib,
pkgs,
config,
...
}:
{
services.podman.enable = true;
services.podman.autoUpdate.enable = true;
services.podman.autoUpdate.onCalendar = "*-*-* 00:00";
services.podman.containers = {
actual = {
image = "docker.io/actualbudget/actual-server:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/actual:/data"
];
ports = [
"5006:5006"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
archivebox = {
image = "docker.io/archivebox/archivebox:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/archivebox"
];
volumes = [
"/pool/services/podman/archivebox:/data"
];
ports = [
"8002:8000"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
bazarr = {
image = "lscr.io/linuxserver/bazarr:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/bazarr:/config"
"/pool/media/video/movies:/movies"
"/pool/media/video/tv:/tv"
];
ports = [
"6767:6767"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
ddclient = {
image = "lscr.io/linuxserver/ddclient:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/ddclient:/config"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
eclipse-mosquitto = {
image = "docker.io/eclipse-mosquitto:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/eclipse-mosquitto:/mosquitto"
];
ports = [
"1883:1883"
"9001:9001"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
freshrss = {
image = "lscr.io/linuxserver/freshrss:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/freshrss:/config"
];
ports = [
"8555:80"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
frigate = {
image = "ghcr.io/blakeblackshear/frigate:stable";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
devices = [ "nvidia.com/gpu=all" ];
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/frigate"
];
volumes = [
"/etc/localtime:/etc/localtime:ro"
"/pool/services/podman/frigate:/config"
"/pool/services/cctv:/media/frigate"
];
ports = [
"5005:5000"
"5001:8971"
"1935:1935"
"8554:8554"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
gitea = {
image = "docker.gitea.com/gitea:1.23.7";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/gitea"
];
volumes = [
"/pool/services/podman/gitea:/data"
];
ports = [
"3001:3000"
"222:22"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
gitea-anubis = {
image = "ghcr.io/techarohq/anubis:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/anubis-default" #WHY DOES THIS NOT WORK????
"/pool/services/secrets/anubis-nginx"
];
environment = {
DIFFICULTY = "4";
SERVE_ROBOTS_TXT = "true";
POLICY_FNAME = "/data/cfg/botPolicy.json";
OG_PASSTHROUGH = "true";
OG_EXPIRY_TIME = "24h";
BIND = ":3002";
METRICS_BIND = ":9090";
TARGET = "http://192.168.0.30:3001";
};
volumes = [
"/pool/services/podman/anubis/botPolicy.json:/data/cfg/botPolicy.json:ro"
];
ports = [
"3002:3002"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
home-assistant = {
image = "ghcr.io/home-assistant/home-assistant:stable";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/etc/localtime:/etc/localtime:ro"
"/pool/services/podman/homeassistant:/config"
];
ports = [
"8123:8123"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
immich-db = {
image = "docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:739cdd626151ff1f796dc95a6591b55a714f341c737e27f045019ceabf8e8c52";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/immich"
];
volumes = [
"/pool/services/podman/immich/db:/var/lib/postgresql/data:z"
];
ports = [
"5433:5432"
];
userNS = "keep-id";
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
immich-machine-learning = {
image = "ghcr.io/immich-app/immich-machine-learning:release-cuda";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/immich"
];
volumes = [
"/pool/services/podman/immich/cache:/cache"
];
ports = [
"3003:3003"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
immich-redis = {
image = "registry.hub.docker.com/library/redis:6.2-alpine";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/immich"
];
ports = [
"6379:6379"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
immich-server = {
image = "ghcr.io/immich-app/immich-server:release";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/immich"
];
volumes = [
"/pool/services/immich:/usr/src/app/upload"
"/etc/localtime:/etc/localtime:ro"
];
ports = [
"2283:2283"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
jellyfin = {
image = "docker.io/jellyfin/jellyfin:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
devices = [ "nvidia.com/gpu=all" ];
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/jellyfin:/config"
"/pool/media/video/movies:/movies"
"/pool/media/video/tv:/tv"
"/pool/media/audio/music/flac:/music"
"/pool/media/video/family:/family"
"/pool/media/video/livetv:/livetv"
];
ports = [
"8096:8096"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
jellyseerr = {
image = "ghcr.io/fallenbagel/jellyseerr";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/jellyseerr:/app/config"
];
ports = [
"5055:5055"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
joplin = {
image = "docker.io/joplin/server:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/joplin"
];
ports = [
"22300:22300"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
joplin-db = {
image = "docker.io/postgres:15";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/joplin"
];
volumes = [
"/pool/services/podman/joplin-db:/var/lib/postgresql/data"
];
ports = [
"5432:5432"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
kiwix = {
image = "ghcr.io/kiwix/kiwix-serve:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
exec = "*.zim";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/media/kiwix:/data"
];
ports = [
"8088:8080"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
lidarr = {
image = "lscr.io/linuxserver/lidarr:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/lidarr:/config"
"/pool/media/audio/music/flac:/music"
"/pool/media/torrents:/downloads"
];
ports = [
"8686:8686"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
metube = {
image = "ghcr.io/alexta69/metube:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/media/youtube-dl:/downloads"
"/pool/media/audio/music/flac:/music"
];
ports = [
"8081:8081"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
nginx = {
image = "docker.io/nginx:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/nginx"
];
volumes = [
"/pool/services/podman/nginx/nginx.conf:/etc/nginx/nginx.conf:ro"
"/pool/services/podman/nginx/html:/usr/share/nginx/html"
];
ports = [
"888:80"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
nginx-anubis = {
image = "ghcr.io/techarohq/anubis:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/anubis-default" #WHY DOES THIS NOT WORK????
"/pool/services/secrets/anubis-nginx"
];
environment = {
DIFFICULTY = "4";
SERVE_ROBOTS_TXT = "true";
POLICY_FNAME = "/data/cfg/botPolicy.json";
OG_PASSTHROUGH = "true";
OG_EXPIRY_TIME = "24h";
BIND = ":8881";
METRICS_BIND = ":9090";
TARGET = "http://192.168.0.30:888";
};
volumes = [
"/pool/services/podman/anubis/botPolicy.json:/data/cfg/botPolicy.json:ro"
];
ports = [
"8881:8881"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
nginx-proxy-manager = {
image = "docker.io/jc21/nginx-proxy-manager:2.9.22";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/nginx-proxy-manager:/data"
"/pool/services/podman/letsencrypt:/etc/letsencrypt"
];
ports = [
"80:80"
"443:443"
"81:81"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
ntp = {
image = "docker.io/cturra/ntp";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
ports = [
"123:123/udp"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
ollama = {
image = "docker.io/ollama/ollama:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
devices = [ "nvidia.com/gpu=all" ];
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/ollama"
];
volumes = [
"/pool/services/podman/ollama:/root/.ollama"
];
ports = [
"11434:11434"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
open-webui = {
image = "ghcr.io/open-webui/open-webui:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/open-webui"
];
volumes = [
"/pool/services/podman/open-webui:/app/backend/data"
];
ports = [
"3000:8080"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
paperless-ngx = {
image = "ghcr.io/paperless-ngx/paperless-ngx:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/paperless-ngx"
];
volumes = [
"/pool/services/podman/paperless-ngx/data:/usr/src/paperless/data"
"/pool/services/podman/paperless-ngx/media:/usr/src/paperless/media"
"/pool/services/podman/paperless-ngx/export:/usr/src/paperless/export"
"/pool/data/scans:/usr/src/paperless/consume"
];
ports = [
"8010:8000"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
paperless-ngx-redis = {
image = "registry.hub.docker.com/library/redis:6.2-alpine";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
ports = [
"6380:6379"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
prowlarr = {
image = "lscr.io/linuxserver/prowlarr:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/prowlarr:/config"
];
ports = [
"9696:9696"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
radarr = {
image = "lscr.io/linuxserver/radarr:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/radarr:/config"
"/pool/media/video/movies:/movies"
"/pool/media/torrents:/downloads"
];
ports = [
"7878:7878"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
readarr = {
image = "lscr.io/linuxserver/readarr:develop";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/readarr:/config"
"/pool/media/books:/books"
"/pool/media/torrents:/downloads"
];
ports = [
"8787:8787"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
rutorrent = {
image = "docker.io/crazymax/rtorrent-rutorrent:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/rutorrent/passwd:/passwd"
"/pool/services/podman/rutorrent/data:/data"
"/pool/media/torrents:/downloads"
];
ports = [
"8888:8080"
"5000:8000"
"50000:50000"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
searxng = {
image = "docker.io/searxng/searxng:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/searxng:/etc/searxng"
];
ports = [
"8880:8080"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
sonarr = {
image = "lscr.io/linuxserver/sonarr:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/sonarr:/config"
"/pool/media/video/tv:/tv"
"/pool/media/torrents:/downloads"
];
ports = [
"8989:8989"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
tandoor = {
image = "docker.io/vabene1111/recipes";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/tandoor"
];
volumes = [
"/pool/services/podman/tandoor/staticfiles:/opt/recipes/staticfiles"
"/pool/services/podman/tandoor/mediafiles:/opt/recipes/mediafiles"
];
ports = [
"9092:8080"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
tandoor-db = {
image = "docker.io/postgres:16-alpine";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/tandoor"
];
volumes = [
"/pool/services/podman/tandoor/db:/var/lib/postgresql/data"
];
ports = [
"5434:5432"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
thelounge = {
image = "lscr.io/linuxserver/thelounge:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/thelounge:/config"
];
ports = [
"9000:9000"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
vaultwarden = {
image = "docker.io/vaultwarden/server:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/vaultwarden"
];
volumes = [
"/pool/services/podman/vaultwarden:/data/"
];
ports = [
"8000:80"
"3012:3012"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
webdav = {
image = "docker.io/bytemark/webdav:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/webdav"
];
volumes = [
"/pool/services/webdav:/var/lib/dav"
];
ports = [
"8009:80"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
wireguard = {
image = "lscr.io/linuxserver/wireguard:latest";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
addCapabilities = [
"NET_RAW"
"NET_ADMIN"
"SYS_MODULE"
];
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/wireguard"
];
volumes = [
"/pool/services/podman/wireguard:/config"
#"/lib/modules:/lib/modules"
];
ports = [
"51820:51820/udp"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
zigbee2mqtt = {
image = "docker.io/koenkk/zigbee2mqtt";
autoStart = true;
autoUpdate = "registry";
network = "bridge";
devices = [ "/dev/ttyACM0:/dev/ttyACM0" ];
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/zigbee2mqtt:/app/data"
];
ports = [
"8808:8080"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
};
# Don't touch
home.stateVersion = "24.11";
}
Reference in New Issue View Git Blame Copy Permalink