From 25b07c55bbb62d26fe7da3c8e5cbbf8c01cea07b Mon Sep 17 00:00:00 2001 From: Dmitriy Kholkin Date: Sun, 30 Jul 2023 03:30:14 +0300 Subject: [PATCH] update podman images --- machines/NixOS-VPS/services/authentik.nix | 2 +- profiles/servers/media-stack/default.nix | 4 +- profiles/servers/media-stack/jackett.nix | 2 +- profiles/servers/media-stack/jellyfin.nix | 2 +- profiles/servers/media-stack/kavita.nix | 4 +- profiles/servers/media-stack/lidarr.nix | 43 +++----------------- profiles/servers/media-stack/medusa.nix | 5 +-- profiles/servers/media-stack/qbittorrent.nix | 2 +- profiles/servers/media-stack/radarr.nix | 2 +- profiles/servers/media-stack/recyclarr.nix | 2 +- profiles/servers/media-stack/sonarr.nix | 2 +- profiles/servers/seafile.nix | 36 ++++++++++------ 12 files changed, 40 insertions(+), 66 deletions(-) diff --git a/machines/NixOS-VPS/services/authentik.nix b/machines/NixOS-VPS/services/authentik.nix index 2ef7acb..63739ba 100644 --- a/machines/NixOS-VPS/services/authentik.nix +++ b/machines/NixOS-VPS/services/authentik.nix @@ -10,7 +10,7 @@ let "127.0.0.1:389:3389/tcp" "127.0.0.1:636:6636/tcp" ]; owner = "1000"; - authentik-version = "2023.5.4"; + authentik-version = "2023.6.1"; in { services.nginx.virtualHosts."auth.ataraxiadev.com" = { forceSSL = true; diff --git a/profiles/servers/media-stack/default.nix b/profiles/servers/media-stack/default.nix index cbb93e3..8499e62 100644 --- a/profiles/servers/media-stack/default.nix +++ b/profiles/servers/media-stack/default.nix @@ -28,7 +28,7 @@ in { || podman pod create -n ${pod-name} ${portsMapping} --dns ${pod-dns} exit 0 ''; - in rec { + in { path = [ pkgs.coreutils config.virtualisation.podman.package ]; before = [ "${backend}-media-caddy.service" @@ -43,8 +43,6 @@ in { "${backend}-recyclarr.service" "${backend}-sonarr.service" ]; - requiredBy = before; - partOf = before; serviceConfig = { Type = "oneshot"; RemainAfterExit = "yes"; diff --git a/profiles/servers/media-stack/jackett.nix b/profiles/servers/media-stack/jackett.nix index 52b1232..f607ff6 100644 --- a/profiles/servers/media-stack/jackett.nix +++ b/profiles/servers/media-stack/jackett.nix @@ -12,7 +12,7 @@ in { TZ = "Europe/Moscow"; }; extraOptions = [ "--pod=media-stack" ]; - image = "cr.hotio.dev/hotio/jackett:release-0.20.3546"; + image = "cr.hotio.dev/hotio/jackett:release-0.21.541"; volumes = [ "${nas-path}/configs/jackett:/config" ]; diff --git a/profiles/servers/media-stack/jellyfin.nix b/profiles/servers/media-stack/jellyfin.nix index c33abfd..3bc4219 100644 --- a/profiles/servers/media-stack/jellyfin.nix +++ b/profiles/servers/media-stack/jellyfin.nix @@ -8,7 +8,7 @@ let in { virtualisation.oci-containers.containers.jellyfin = { autoStart = true; - image = "lscr.io/linuxserver/jellyfin:10.8.10"; + image = "lscr.io/linuxserver/jellyfin:version-10.8.10-1"; environment = { PUID = "1000"; PGID = "100"; diff --git a/profiles/servers/media-stack/kavita.nix b/profiles/servers/media-stack/kavita.nix index d82679e..86d0427 100644 --- a/profiles/servers/media-stack/kavita.nix +++ b/profiles/servers/media-stack/kavita.nix @@ -8,7 +8,7 @@ in { virtualisation.oci-containers.containers = { kavita = { autoStart = true; - image = "docker.io/ataraxiadev/kavita:latest"; + image = "docker.io/kizaing/kavita:0.7.5"; environment = { PUID = "1000"; PGID = "100"; @@ -24,7 +24,7 @@ in { }; kavitaemail = { autoStart = true; - image = "docker.io/kizaing/kavitaemail:latest"; + image = "docker.io/kizaing/kavitaemail:0.1.20"; environment = { SMTP_HOST = "https://mail.ataraxiadev.com"; SMTP_PORT = "587"; diff --git a/profiles/servers/media-stack/lidarr.nix b/profiles/servers/media-stack/lidarr.nix index 3e55953..66eb095 100644 --- a/profiles/servers/media-stack/lidarr.nix +++ b/profiles/servers/media-stack/lidarr.nix @@ -9,46 +9,15 @@ in { PUID = "1000"; PGID = "100"; TZ = "Europe/Moscow"; - scriptInterval = "15m"; - enableAudioScript = "true"; - enableVideoScript = "false"; - # enableVideoScript = "true"; - # videoDownloadTag = "video"; - configureLidarrWithOptimalSettings = "true"; - searchSort = "date"; - audioFormat = "native"; - audioBitrate = "lossless"; - requireQuality = "true"; - enableReplaygainTags = "true"; - audioLyricType = "both"; - # dlClientSource = "both"; - dlClientSource = "tidal"; - # arlToken = "Token_Goes_Here"; - tidalCountryCode = "AR"; - addDeezerTopArtists = "false"; - addDeezerTopAlbumArtists = "false"; - addDeezerTopTrackArtists = "false"; - topLimit = "10"; - addRelatedArtists = "false"; - numberOfRelatedArtistsToAddPerArtist = "5"; - lidarrSearchForMissing = "true"; - addFeaturedVideoArtists = "false"; - youtubeSubtitleLanguage = "en,ru"; - # webHook = ""; - enableQueueCleaner = "true"; - matchDistance = "5"; - enableBeetsTagging = "true"; - beetsMatchPercentage = "90"; - retryNotFound = "90"; }; extraOptions = [ "--pod=media-stack" ]; - image = "docker.io/randomninjaatk/lidarr-extended:latest"; + image = "docker.io/linuxserver/lidarr:version-1.2.6.3313"; volumes = [ - "${nas-path}/configs/lidarr:/config" - "${nas-path}/torrents/music:/downloads" - "${nas-path}/torrents/lidarr-extended-downloads:/downloads-lidarr-extended" - "${nas-path}/media/music:/music" - "${nas-path}/media/music-videos:/music-videos" + "${nas-path}/configs/lidarr/config:/config" + "${nas-path}/configs/lidarr/custom-services.d:/custom-services.d" + "${nas-path}/configs/lidarr/custom-cont-init.d:/custom-cont-init.d" + "${nas-path}:/data" + # "${extended-config}:/config/extended.conf:ro" ]; }; } diff --git a/profiles/servers/media-stack/medusa.nix b/profiles/servers/media-stack/medusa.nix index 704dce0..06296d5 100644 --- a/profiles/servers/media-stack/medusa.nix +++ b/profiles/servers/media-stack/medusa.nix @@ -5,7 +5,7 @@ let in { virtualisation.oci-containers.containers.medusa = { autoStart = true; - image = "docker.io/pymedusa/medusa"; + image = "docker.io/linuxserver/medusa:version-v1.0.17"; environment = { PUID = "1000"; PGID = "100"; @@ -14,12 +14,9 @@ in { # HTTPS_PROXY = "http://192.168.0.6:8888"; }; extraOptions = [ "--pod=media-stack" ]; - # ports = [ "127.0.0.1:8081:8081/tcp" ]; volumes = [ "${nas-path}/configs/medusa:/config" "${nas-path}:/data" - # "${nas-path}/torrents:/downloads" - # "${nas-path}/media/anime:/tv" ]; }; } \ No newline at end of file diff --git a/profiles/servers/media-stack/qbittorrent.nix b/profiles/servers/media-stack/qbittorrent.nix index 420a4c4..0fd74cd 100644 --- a/profiles/servers/media-stack/qbittorrent.nix +++ b/profiles/servers/media-stack/qbittorrent.nix @@ -5,7 +5,7 @@ let in { virtualisation.oci-containers.containers.qbittorrent = { autoStart = true; - image = "cr.hotio.dev/hotio/qbittorrent:release-4.5.2"; + image = "cr.hotio.dev/hotio/qbittorrent:release-4.5.4"; environment = { PUID = "1000"; PGID = "100"; diff --git a/profiles/servers/media-stack/radarr.nix b/profiles/servers/media-stack/radarr.nix index f775176..0c31c77 100644 --- a/profiles/servers/media-stack/radarr.nix +++ b/profiles/servers/media-stack/radarr.nix @@ -14,7 +14,7 @@ in { HTTPS_PROXY = "http://192.168.0.6:8888"; }; extraOptions = [ "--pod=media-stack" ]; - image = "cr.hotio.dev/hotio/radarr:release-4.3.2.6857"; + image = "cr.hotio.dev/hotio/radarr:testing-4.7.2.7686"; volumes = [ "${nas-path}/configs/radarr:/config" "${nas-path}:/data" diff --git a/profiles/servers/media-stack/recyclarr.nix b/profiles/servers/media-stack/recyclarr.nix index 7fefccc..9663e09 100644 --- a/profiles/servers/media-stack/recyclarr.nix +++ b/profiles/servers/media-stack/recyclarr.nix @@ -10,7 +10,7 @@ in { TZ = "Europe/Moscow"; }; extraOptions = [ "--pod=media-stack" ]; - image = "ghcr.io/recyclarr/recyclarr:4.3.0"; + image = "ghcr.io/recyclarr/recyclarr:5.1.1"; volumes = [ "${nas-path}/configs/recyclarr:/config" ]; diff --git a/profiles/servers/media-stack/sonarr.nix b/profiles/servers/media-stack/sonarr.nix index dd075fc..197ee7a 100644 --- a/profiles/servers/media-stack/sonarr.nix +++ b/profiles/servers/media-stack/sonarr.nix @@ -12,7 +12,7 @@ in { TZ = "Europe/Moscow"; }; extraOptions = [ "--pod=media-stack" ]; - image = "cr.hotio.dev/hotio/sonarr:v4-4.0.0.397"; + image = "cr.hotio.dev/hotio/sonarr:v4-4.0.0.578"; volumes = [ "${nas-path}/configs/sonarr:/config" "${nas-path}:/data" diff --git a/profiles/servers/seafile.nix b/profiles/servers/seafile.nix index a80b442..186ec73 100644 --- a/profiles/servers/seafile.nix +++ b/profiles/servers/seafile.nix @@ -4,6 +4,10 @@ let nas-path = "/media/nas/seafile"; pod-name = "seafile"; open-ports = [ "127.0.0.1:8088:80" ]; + seafile-ver = "10.0.1"; + mariadb-ver = "10.11.4"; + memcached-ver = "1.6.21"; + caddy-ver = "1.1.0"; seahub-media-caddyfile = pkgs.writeText "Caddyfile" '' { admin off @@ -25,20 +29,27 @@ let lb_policy header X-Forwarded-For trusted_proxies private_ranges } - handle_path /seafhttp* { - uri strip_prefix seafhttp - reverse_proxy seafile-server:8082 { - trusted_proxies private_ranges - } - } reverse_proxy /seafdav* seafile-server:8080 { header_up Destination https:// http:// trusted_proxies private_ranges } + handle_path /seafhttp* { + uri strip_prefix seafhttp + reverse_proxy seafile-server:8082 { + trusted_proxies private_ranges + } + } + handle_path /notification* { + uri strip_prefix notification + reverse_proxy seafile-server:8083 { + trusted_proxies private_ranges + } + } reverse_proxy /media/* seahub-media:8098 { lb_policy header X-Forwarded-For trusted_proxies private_ranges } + rewrite /accounts/login* /oauth/login/? } ''; in { @@ -59,7 +70,7 @@ in { config.secrets.seafile-db-pass.decrypted ]; extraOptions = [ "--pod=seafile" ]; - image = "docker.io/ggogel/seafile-server:9.0.10"; + image = "docker.io/ggogel/seafile-server:${seafile-ver}"; volumes = [ "${nas-path}/server-data:/shared" ]; }; @@ -74,9 +85,8 @@ in { ]; extraOptions = [ "--pod=seafile" - # "--add-host=auth.ataraxiadev:192.168.0.10" ]; - image = "docker.io/ggogel/seahub:9.0.10"; + image = "docker.io/ggogel/seahub:${seafile-ver}"; volumes = [ "${nas-path}/server-data:/shared" ]; @@ -86,7 +96,7 @@ in { autoStart = true; dependsOn = [ "seafile-caddy" ]; extraOptions = [ "--pod=seafile" ]; - image = "docker.io/ggogel/seahub-media:9.0.10"; + image = "docker.io/ggogel/seahub-media:${seafile-ver}"; volumes = [ "${seahub-media-caddyfile}:/etc/caddy/Caddyfile" "${nas-path}/server-data/seafile/seahub-data/avatars:/usr/share/caddy/media/avatars" @@ -103,7 +113,7 @@ in { config.secrets.seafile-db-pass.decrypted ]; extraOptions = [ "--pod=seafile" ]; - image = "docker.io/mariadb:10.7.8"; + image = "docker.io/mariadb:${mariadb-ver}"; volumes = [ "${nas-path}/db:/var/lib/mysql" ]; @@ -113,13 +123,13 @@ in { autoStart = true; cmd = [ "memcached" "-m 256" ]; extraOptions = [ "--pod=seafile" ]; - image = "docker.io/memcached:1.6.18"; + image = "docker.io/memcached:${memcached-ver}"; }; virtualisation.oci-containers.containers.seafile-caddy = { autoStart = true; extraOptions = [ "--pod=seafile" ]; - image = "docker.io/ggogel/seafile-caddy:1.0.8"; + image = "docker.io/ggogel/seafile-caddy:${caddy-ver}"; volumes = [ "${seafile-caddy-caddyfile}:/etc/caddy/Caddyfile" ]; };