From f6498b3177e04f14bc5318b0cd71f79b3653fb60 Mon Sep 17 00:00:00 2001 From: soraefir Date: Mon, 18 May 2026 21:50:52 +0200 Subject: [PATCH] fixes --- modules/server/containers/apps/handbrake.nix | 38 ++++--------------- .../server/containers/apps/homeassistant.nix | 3 -- .../server/containers/apps/transmission.nix | 1 - modules/server/containers/builder.nix | 4 +- 4 files changed, 11 insertions(+), 35 deletions(-) diff --git a/modules/server/containers/apps/handbrake.nix b/modules/server/containers/apps/handbrake.nix index 0b811c5..c0fc46d 100644 --- a/modules/server/containers/apps/handbrake.nix +++ b/modules/server/containers/apps/handbrake.nix @@ -1,20 +1,8 @@ { config, containerCfg, pkgs, lib, builder, name,... }: let serverCfg = config.syscfg.server; - image = pkgs.dockerTools.streamLayeredImage { - name = pkgs.handbrake.name; - tag = pkgs.handbrake.version; - #contents = [ pkgs.coreutils ]; - - config = { - Entrypoint = [ "${pkgs.handbrake}/bin/HandBrakeCLI" ]; - WorkingDir = "/storage"; - Env = [ "PATH=${lib.makeBinPath [ pkgs.handbrake ]}"]; - }; - }; + version = "latest"; in { - sops = false; # Enabled to manage potential API keys or secure paths - db = false; paths = [{ path = "${serverCfg.configPath}/handbrake/config"; @@ -27,32 +15,22 @@ in { containers = { server = builder.mkContainer { subdomain = containerCfg.subdomain; - imageStream = image; + image = "ghcr.io/jlesage/handbrake:${version}"; port = 5800; extraEnv = { - TZ = "UTC"; USER_ID = "1000"; GROUP_ID = "1000"; - AUTOMATED_CONVERSION_PRESET = "Very Fast 1080p30"; - AUTOMATED_CONVERSION_FORMAT = "mp4"; - AUTOMATED_CONVERSION_OUTPUT_DIR = "/output"; - AUTOMATED_CONVERSION_WATCH_DIR = "AUTO"; - AUTOMATED_CONVERSION_KEEP_SOURCE = "1"; - AUTOMATED_CONVERSION_OVERWRITE_OUTPUT = "0"; - AUTOMATED_CONVERSION_VIDEO_FILE_EXTENSIONS = ""; - AUTOMATED_CONVERSION_NON_VIDEO_FILE_ACTION = "ignore"; - AUTOMATED_CONVERSION_NON_VIDEO_FILE_EXTENSIONS = "jpg jpeg bmp png gif txt nfo"; - AUTOMATED_CONVERSION_MAX_WATCH_FOLDERS = "5"; - AUTOMATED_CONVERSION_CHECK_INTERVAL = "5"; - AUTOMATED_CONVERSION_HANDBRAKE_CUSTOM_ARGS = ""; - AUTOMATED_CONVERSION_NO_GUI_PROGRESS = "0"; - AUTOMATED_CONVERSION_USE_TRASH = "0"; - HANDBRAKE_GUI = "1"; + AUTOMATED_CONVERSION_PRESET = "Custom/AV1 MKV 1080p30"; + AUTOMATED_CONVERSION_FORMAT = "mkv"; + AUTOMATED_CONVERSION_OUTPUT_SUBDIR = "SAME_AS_SRC"; }; extraLabels = { } // (if serverCfg.containers ? authentik then { "traefik.http.routers.${containerCfg.subdomain}.middlewares" = "authentik"; } else {}); + extraOptions = [ + "--tmpfs=/tmp:rw,noexec,nosuid,size=512m" + ]; overrides = { volumes = [ diff --git a/modules/server/containers/apps/homeassistant.nix b/modules/server/containers/apps/homeassistant.nix index 567d4d9..cb10b36 100644 --- a/modules/server/containers/apps/homeassistant.nix +++ b/modules/server/containers/apps/homeassistant.nix @@ -18,9 +18,6 @@ in { image = "ghcr.io/home-assistant/home-assistant:${version}"; port = 8123; secret = name; - extraEnv = { - TZ = config.time.timeZone or "UTC"; - }; extraOptions = [ "--network=host" # Shares host IP: fixes timeouts & MDNS discovery "--cap-add=NET_ADMIN" # Grants administrative network rights to fix DHCP packets diff --git a/modules/server/containers/apps/transmission.nix b/modules/server/containers/apps/transmission.nix index 214d990..55f3474 100644 --- a/modules/server/containers/apps/transmission.nix +++ b/modules/server/containers/apps/transmission.nix @@ -37,7 +37,6 @@ in { extraEnv = { PUID = "1000"; PGID = "1000"; - TZ = "Europe/Zurich"; WHITELIST = "";# 127.0.0.1,::1,10.*"; # HOST_WHITELIST = "traefik-server,authentik-server,authentik-worker"; }; diff --git a/modules/server/containers/builder.nix b/modules/server/containers/builder.nix index a690b92..9f6858d 100644 --- a/modules/server/containers/builder.nix +++ b/modules/server/containers/builder.nix @@ -18,7 +18,9 @@ let imageFile = imageFile; environmentFiles = if secret!=null then [ config.sops.secrets."${lib.toUpper secret}".path ] else []; - environment = {} // extraEnv; + environment = { + TZ = config.time.timeZone; + } // extraEnv; labels = (if subdomain!=null then ({ "traefik.enable" = "true";