From 08344a4843d78aaf4267bd8c93cc4fa593789caf Mon Sep 17 00:00:00 2001 From: muon Date: Fri, 2 Jan 2026 19:24:15 +0000 Subject: [PATCH] Add seedbox --- hosts/muho/configuration.nix | 13 +- hosts/ports.nix | 11 +- modules/nixos/server/containers/default.nix | 18 +- modules/nixos/server/containers/seedbox.nix | 186 ++++++++++++++++++++ 4 files changed, 218 insertions(+), 10 deletions(-) create mode 100644 modules/nixos/server/containers/seedbox.nix diff --git a/hosts/muho/configuration.nix b/hosts/muho/configuration.nix index e4717a5..8e3315d 100644 --- a/hosts/muho/configuration.nix +++ b/hosts/muho/configuration.nix @@ -1,5 +1,11 @@ -{ config, lib, pkgs, inputs, system, ... }: -let +{ + config, + lib, + pkgs, + inputs, + system, + ... +}: let cfg = config.mods; keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKEio+Y5wBVD1wILaH2R3wV10FvVjiqy/4gGBWHOITTB muon@muon" @@ -8,7 +14,7 @@ let ]; in { # Hardware - imports = [ ./hardware-configuration.nix ../ports.nix ]; + imports = [./hardware-configuration.nix ../ports.nix]; # System mods.user.name = "muon"; @@ -45,6 +51,7 @@ in { mods.server.lemmy.enable = true; mods.server.audio.enable = true; mods.server.atuin.enable = true; + mods.server.seedbox.enable = true; mods.server.dash.enable = false; mods.server.nginx.ports.dash = 3009; diff --git a/hosts/ports.nix b/hosts/ports.nix index 9aa8b9e..04f26c8 100644 --- a/hosts/ports.nix +++ b/hosts/ports.nix @@ -1,8 +1,13 @@ -{ pkgs, lib, config, ... }: { +{ + pkgs, + lib, + config, + ... +}: { options.mods.server = with lib; { local.ports = mkOption { type = types.attrsOf (types.ints.u16); - default = { }; + default = {}; }; }; config = { @@ -19,6 +24,7 @@ ntfy = 3010; audio = 3011; atuin = 3012; + stream = 3013; search = 8081; videos = 8082; @@ -33,6 +39,7 @@ prowlarr = 5006; flaresolverr = 5007; torrent = 5008; + seedbox = 5009; }; }; } diff --git a/modules/nixos/server/containers/default.nix b/modules/nixos/server/containers/default.nix index 416150e..b211cba 100644 
--- a/modules/nixos/server/containers/default.nix +++ b/modules/nixos/server/containers/default.nix @@ -1,4 +1,9 @@ -{ pkgs, lib, config, ... }: { +{ + pkgs, + lib, + config, + ... +}: { options.mods.containers = { enable = lib.mkEnableOption { default = false; @@ -6,7 +11,10 @@ }; }; - imports = [ ./steam.nix ]; + imports = [ + ./steam.nix + ./seedbox.nix + ]; config = lib.mkIf config.mods.containers.enable { virtualisation.docker.enable = true; @@ -16,10 +24,10 @@ }; networking.nat = { enable = true; - internalInterfaces = [ "ve-+" ]; + internalInterfaces = ["ve-+"]; externalInterface = "enp0s31f6"; }; - networking.networkmanager.unmanaged = [ "interface-name:ve-*" ]; + networking.networkmanager.unmanaged = ["interface-name:ve-*"]; # networking = { # bridges.br0.interfaces = [ "enp0s31f6" ]; # Adjust interface accordingly @@ -45,6 +53,6 @@ # tcp = { enable = true; anonymousClients = { allowedIpRanges = ["127.0.0.1" "192.168.100.0/24"]; }; }; # }; - environment.systemPackages = with pkgs; [ xorg.xhost ]; + environment.systemPackages = with pkgs; [xorg.xhost]; }; } diff --git a/modules/nixos/server/containers/seedbox.nix b/modules/nixos/server/containers/seedbox.nix new file mode 100644 index 0000000..0bd0ed7 --- /dev/null +++ b/modules/nixos/server/containers/seedbox.nix 
@@ -0,0 +1,186 @@
+# Auto-generated by compose2nix.
+{
+ pkgs,
+ lib,
+ config,
+ ...
+}: let
+ cfg = config.mods.server.seedbox;
+ port = config.mods.server.nginx.ports.stream;
+ backend-port = config.mods.server.local.ports.seedbox;
+in
+ with lib; {
+ options.mods.server.seedbox = {
+ enable = mkEnableOption {
+ default = false;
+ description = "enables seedbox-lite containers";
+ };
+ };
+
+ config = mkIf cfg.enable {
+ # Runtime
+ virtualisation.podman = {
+ enable = true;
+ autoPrune.enable = true;
+ dockerCompat = true;
+ };
+
+ # Enable container name DNS for all Podman networks.
+ networking.firewall.interfaces = let
+ matchAll =
+ if !config.networking.nftables.enable
+ then "podman+"
+ else "podman*";
+ in {
+ "${matchAll}".allowedUDPPorts = [53];
+ };
+
+ virtualisation.oci-containers.backend = "podman";
+
+ # Containers
+ virtualisation.oci-containers.containers."seedbox-backend" = {
+ image = "localhost/compose2nix/seedbox-backend";
+ volumes = [
+ "seedbox-lite_seedbox_cache:/app/cache:rw"
+ "seedbox-lite_seedbox_data:/app/data:rw"
+ ];
+ ports = [
+ "${backend-port}:3001/tcp"
+ ];
+ log-driver = "journald";
+ extraOptions = [
+ "--network-alias=seedbox-backend"
+ "--network=seedbox-lite_seedbox-network"
+ ];
+ };
+ systemd.services."podman-seedbox-backend" = {
+ serviceConfig = {
+ Restart = lib.mkOverride 90 "always";
+ };
+ after = [
+ "podman-network-seedbox-lite_seedbox-network.service"
+ "podman-volume-seedbox-lite_seedbox_cache.service"
+ "podman-volume-seedbox-lite_seedbox_data.service"
+ ];
+ requires = [
+ "podman-network-seedbox-lite_seedbox-network.service"
+ "podman-volume-seedbox-lite_seedbox_cache.service"
+ "podman-volume-seedbox-lite_seedbox_data.service"
+ ];
+ partOf = [
+ "podman-compose-seedbox-lite-root.target"
+ ];
+ wantedBy = [
+ "podman-compose-seedbox-lite-root.target"
+ ];
+ };
+ virtualisation.oci-containers.containers."seedbox-frontend" = {
+ image = "localhost/compose2nix/seedbox-frontend";
+ ports = [
+ "${port}:80/tcp"
+ ];
+ dependsOn = [
+ "seedbox-backend"
+ ];
+ log-driver = "journald";
+ extraOptions = [
+ "--network-alias=seedbox-frontend"
+ "--network=seedbox-lite_seedbox-network"
+ ];
+ };
+ systemd.services."podman-seedbox-frontend" = {
+ serviceConfig = {
+ Restart = lib.mkOverride 90 "always";
+ };
+ after = [
+ "podman-network-seedbox-lite_seedbox-network.service"
+ ];
+ requires = [
+ "podman-network-seedbox-lite_seedbox-network.service"
+ ];
+ partOf = [
+ "podman-compose-seedbox-lite-root.target"
+ ];
+ wantedBy = [
+ "podman-compose-seedbox-lite-root.target"
+ ];
+ };
+
+ # Networks
+ systemd.services."podman-network-seedbox-lite_seedbox-network" = {
+ path = [pkgs.podman];
+ serviceConfig = {
+ Type = "oneshot";
+ RemainAfterExit = true;
+ ExecStop = "podman network rm -f seedbox-lite_seedbox-network";
+ };
+ script = ''
+ podman network inspect seedbox-lite_seedbox-network || podman network create seedbox-lite_seedbox-network --driver=bridge
+ '';
+ partOf = ["podman-compose-seedbox-lite-root.target"];
+ wantedBy = ["podman-compose-seedbox-lite-root.target"];
+ };
+
+ # Volumes
+ systemd.services."podman-volume-seedbox-lite_seedbox_cache" = {
+ path = [pkgs.podman];
+ serviceConfig = {
+ Type = "oneshot";
+ RemainAfterExit = true;
+ };
+ script = ''
+ podman volume inspect seedbox-lite_seedbox_cache || podman volume create seedbox-lite_seedbox_cache --driver=local
+ '';
+ partOf = ["podman-compose-seedbox-lite-root.target"];
+ wantedBy = ["podman-compose-seedbox-lite-root.target"];
+ };
+ systemd.services."podman-volume-seedbox-lite_seedbox_data" = {
+ path = [pkgs.podman];
+ serviceConfig = {
+ Type = "oneshot";
+ RemainAfterExit = true;
+ };
+ script = ''
+ podman volume inspect seedbox-lite_seedbox_data || podman volume create seedbox-lite_seedbox_data --driver=local
+ '';
+ partOf = ["podman-compose-seedbox-lite-root.target"];
+ wantedBy = ["podman-compose-seedbox-lite-root.target"];
+ };
+
+ # Builds
+ systemd.services."podman-build-seedbox-backend" = {
+ path = [pkgs.podman pkgs.git];
+ serviceConfig = {
+ Type = "oneshot";
+ TimeoutSec = 300;
+ };
+ script = ''
+ cd /home/muon/projects/seedbox-lite/server
+ podman build -t compose2nix/seedbox-backend .
+ '';
+ };
+ systemd.services."podman-build-seedbox-frontend" = {
+ path = [pkgs.podman pkgs.git];
+ serviceConfig = {
+ Type = "oneshot";
+ TimeoutSec = 300;
+ };
+ script = ''
+ cd /tmp
+ git clone https://github.com/hotheadhacker/seedbox-lite.git
+ cd seedbox-lite/client
+ podman build -t compose2nix/seedbox-frontend --build-arg VITE_API_BASE_URL=http://localhost:${backend-port} .
+ '';
+ };
+
+ # Root service
+ # When started, this will automatically create all resources and start
+ # the containers. When stopped, this will teardown all resources.
+ systemd.targets."podman-compose-seedbox-lite-root" = {
+ unitConfig = {
+ Description = "Root target generated by compose2nix.";
+ };
+ wantedBy = ["multi-user.target"];
+ };
+ };
+ }
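Review bot: The `podman-build-seedbox-frontend` script clones the default branch of an upstream repository into the shared `/tmp` and builds it from a system unit with no `User=` set, so the image contents are whatever upstream HEAD holds at build time, and the fixed `/tmp/seedbox-lite` path will already exist on a second run. Fetching a pinned, hash-verified revision into the Nix store and passing it as the build context removes both problems; the backend build from `/home/muon/projects/seedbox-lite/server` has the same provenance gap and could use the same source. Separately, `"${backend-port}:3001/tcp"` and `"${port}:80/tcp"` interpolate option values that `hosts/ports.nix` declares as `types.ints.u16` (for `local.ports`; the `nginx.ports` type is not visible here), which Nix will not coerce to a string, so they need `toString`. If both containers are meant to be reached only through the local reverse proxy, prefixing the mappings with `127.0.0.1:` would keep them off the other interfaces.

```nix
systemd.services."podman-build-seedbox-frontend" = let
  # Placeholder rev/hash: pin to the commit that has been reviewed.
  src = pkgs.fetchFromGitHub {
    owner = "hotheadhacker";
    repo = "seedbox-lite";
    rev = "<PINNED_COMMIT>";
    hash = "<SRI_HASH>";
  };
in {
  path = [pkgs.podman];
  # … unchanged: serviceConfig (Type, TimeoutSec) …
  script = ''
    podman build -t compose2nix/seedbox-frontend --build-arg VITE_API_BASE_URL=http://localhost:${toString backend-port} ${src}/client
  '';
};
```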