ringofstorms/dotfiles
ringofstorms/dotfiles
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Use localhost DB and enable VPN confinement for youtarr DB

Browse source
This commit is contained in:
Joshua Bell 2026-02-02 11:10:59 -06:00
parent 8b564750ef
commit c4d4ddecbc
1 changed files with 7 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

13
hosts/h001/mods/youtarr.nix
View file

@ -27,7 +27,7 @@ in
environment = { environment = {
PUID = toString uid; PUID = toString uid;
PGID = toString gid; PGID = toString gid;
DB_HOST = "192.168.15.1"; DB_HOST = "127.0.0.1";
DB_PORT = toString dbPort; DB_PORT = toString dbPort;
DB_USER = "root"; DB_USER = "root";
DB_PASSWORD = "123qweasd"; DB_PASSWORD = "123qweasd";
@ -72,21 +72,22 @@ in
"d '${mediaDir}' 0775 ${name} ${name} - -" "d '${mediaDir}' 0775 ${name} ${name} - -"
]; ];
# Use Nixarr vpn # Both containers run in the VPN namespace so they share localhost
systemd.services.podman-youtarr.vpnconfinement = { systemd.services.podman-youtarr.vpnconfinement = {
enable = true; enable = true;
vpnnamespace = "wg"; vpnnamespace = "wg";
}; };
systemd.services.podman-youtarr-db.vpnconfinement = {
enable = true;
vpnnamespace = "wg";
};
vpnNamespaces.wg.portMappings = [ vpnNamespaces.wg.portMappings = [
{ {
from = port; from = port;
to = port; to = port;
} }
{
from = dbPort;
to = dbPort;
}
]; ];
services.nginx = { services.nginx = {