nixos-config/modules/nixos/containers/filestash.nix

{ config, lib, ... }:
let
  inherit (lib)
    mkEnableOption
    mkIf
    mkOption
    recursiveUpdate
    ;
  inherit (lib.types) bool;
  inherit (config.virtualisation.quadlet) networks;

  cfg = config.ataraxia.containers.filestash;
  nginx = config.ataraxia.services.nginx;
  nas-path = "/media/nas/media-stack";
  domain = "files.ataraxiadev.com";
  port = "8334";
in
{
  options.ataraxia.containers.filestash = {
    enable = mkEnableOption "Enable filestash container";
    nginxHost = mkOption {
      type = bool;
      default = config.ataraxia.services.nginx.enable;
      description = "Enable nginx vHost integration";
    };
  };

  config = mkIf cfg.enable {
    virtualisation.quadlet.containers.filestash = {
      autoStart = true;
      containerConfig = {
        environments = {
          PUID = "1000";
          PGID = "100";
          UMASK = "002";
          TZ = "Europe/Moscow";
          APPLICATION_URL = domain;
          CANARY = "true";
        };
        # Tags: latest
        image = "docker.io/machines/filestash@sha256:923c3399768fada3424bb6f3bc01521dad30e9a7a840cfb2eba3610b6acafffe";
        networks = [ networks.br-services.ref ];
        publishPorts = [ "127.0.0.1:${port}:${port}/tcp" ];
        volumes = [
          "${nas-path}/configs/filestash:/app/data/state"
          "${nas-path}:/mnt"
        ];
      };
    };

    services.nginx.virtualHosts = mkIf cfg.nginxHost {
      ${domain} = recursiveUpdate nginx.defaultSettings {
        locations."/" = {
          proxyPass = "http://127.0.0.1:${port}";
          proxyWebsockets = true;
          extraConfig = ''
            allow 127.0.0.1/32;
            allow 100.64.0.0/16;
            allow 10.10.10.0/24;
            allow fd7a:115c:a1e0::/64;
            deny all;
            proxy_busy_buffers_size 1024k;
            proxy_buffers 32 1024k;
            proxy_buffer_size 1024k;
            proxy_read_timeout 86400;
          '';
        };
      };
    };
  };
}
feat: add filestash container 2025-07-08 20:14:14 +03:00			`{ config, lib, ... }:`
			`let`
feat: add nginx integration to some services 2025-07-10 18:36:59 +03:00			`inherit (lib)`
			`mkEnableOption`
			`mkIf`
			`mkOption`
			`recursiveUpdate`
			`;`
			`inherit (lib.types) bool;`
fix: nixos-vm and test quadlet container 2025-07-08 22:25:13 +03:00			`inherit (config.virtualisation.quadlet) networks;`
feat: add filestash container 2025-07-08 20:14:14 +03:00
			`cfg = config.ataraxia.containers.filestash;`
feat: add nginx integration to some services 2025-07-10 18:36:59 +03:00			`nginx = config.ataraxia.services.nginx;`
feat: add filestash container 2025-07-08 20:14:14 +03:00			`nas-path = "/media/nas/media-stack";`
feat: add nginx integration to some services 2025-07-10 18:36:59 +03:00			`domain = "files.ataraxiadev.com";`
			`port = "8334";`
feat: add filestash container 2025-07-08 20:14:14 +03:00			`in`
			`{`
			`options.ataraxia.containers.filestash = {`
			`enable = mkEnableOption "Enable filestash container";`
feat: add nginx integration to some services 2025-07-10 18:36:59 +03:00			`nginxHost = mkOption {`
			`type = bool;`
			`default = config.ataraxia.services.nginx.enable;`
			`description = "Enable nginx vHost integration";`
			`};`
feat: add filestash container 2025-07-08 20:14:14 +03:00			`};`

			`config = mkIf cfg.enable {`
fix: nixos-vm and test quadlet container 2025-07-08 22:25:13 +03:00			`virtualisation.quadlet.containers.filestash = {`
feat: add filestash container 2025-07-08 20:14:14 +03:00			`autoStart = true;`
fix: nixos-vm and test quadlet container 2025-07-08 22:25:13 +03:00			`containerConfig = {`
			`environments = {`
			`PUID = "1000";`
			`PGID = "100";`
			`UMASK = "002";`
			`TZ = "Europe/Moscow";`
feat: add nginx integration to some services 2025-07-10 18:36:59 +03:00			`APPLICATION_URL = domain;`
fix: nixos-vm and test quadlet container 2025-07-08 22:25:13 +03:00			`CANARY = "true";`
			`};`
			`# Tags: latest`
			`image = "docker.io/machines/filestash@sha256:923c3399768fada3424bb6f3bc01521dad30e9a7a840cfb2eba3610b6acafffe";`
			`networks = [ networks.br-services.ref ];`
feat: add nginx integration to some services 2025-07-10 18:36:59 +03:00			`publishPorts = [ "127.0.0.1:${port}:${port}/tcp" ];`
fix: nixos-vm and test quadlet container 2025-07-08 22:25:13 +03:00			`volumes = [`
			`"${nas-path}/configs/filestash:/app/data/state"`
			`"${nas-path}:/mnt"`
			`];`
feat: add filestash container 2025-07-08 20:14:14 +03:00			`};`
			`};`
feat: add nginx integration to some services 2025-07-10 18:36:59 +03:00
			`services.nginx.virtualHosts = mkIf cfg.nginxHost {`
			`${domain} = recursiveUpdate nginx.defaultSettings {`
			`locations."/" = {`
			`proxyPass = "http://127.0.0.1:${port}";`
			`proxyWebsockets = true;`
			`extraConfig = ''`
			`allow 127.0.0.1/32;`
			`allow 100.64.0.0/16;`
			`allow 10.10.10.0/24;`
			`allow fd7a:115c:a1e0::/64;`
			`deny all;`
			`proxy_busy_buffers_size 1024k;`
			`proxy_buffers 32 1024k;`
			`proxy_buffer_size 1024k;`
			`proxy_read_timeout 86400;`
			`'';`
			`};`
			`};`
			`};`
feat: add filestash container 2025-07-08 20:14:14 +03:00			`};`
			`}`