{ config, pkgs, lib, ... }: let radarrPort = 7878; dataDir = "/var/lib/radarr"; downloadDir = "/downloads"; mediaDir = "/media"; radarrUserId = config.users.users.nix-apps.uid; radarrGroupId = config.users.groups.jallen-nas.gid; package = pkgs.radarr; in { containers.radarr = { autoStart = true; privateNetwork = true; hostAddress = "10.0.1.18"; localAddress = "10.0.1.51"; hostAddress6 = "fc00::1"; localAddress6 = "fc00::3"; config = { config, pkgs, lib, ... }: { # Enable radarr service services.radarr = { enable = true; user = "radarr"; group = "media"; dataDir = dataDir; package = package; }; # Create required users and groups users.users.radarr = { isSystemUser = true; uid = lib.mkForce radarrUserId; group = "media"; extraGroups = [ "downloads" ]; }; users.groups = { media = { gid = lib.mkForce radarrGroupId; }; downloads = {}; }; # System packages environment.systemPackages = with pkgs; [ sqlite mono mediainfo ]; # Create and set permissions for required directories system.activationScripts.radarr-dirs = '' mkdir -p ${dataDir} mkdir -p ${downloadDir} mkdir -p ${mediaDir} chown -R radarr:media ${dataDir} chown -R radarr:media ${downloadDir} chown -R radarr:media ${mediaDir} chmod -R 775 ${dataDir} chmod -R 775 ${downloadDir} chmod -R 775 ${mediaDir} ''; networking = { firewall = { enable = true; allowedTCPPorts = [ radarrPort ]; }; # Use systemd-resolved inside the container # Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686 useHostResolvConf = lib.mkForce false; }; services.resolved.enable = true; system.stateVersion = "23.11"; }; # Bind mount directories from host bindMounts = { "/var/lib/radarr" = { hostPath = "/media/nas/ssd/nix-app-data/radarr"; isReadOnly = false; }; "/downloads" = { hostPath = "/media/nas/ssd/ssd_app_data/downloads"; isReadOnly = false; }; "/media" = { hostPath = "/media/nas/main/movies"; isReadOnly = false; }; }; }; networking.nat = { forwardPorts = [ { destination = "10.0.1.51:7878"; sourcePort = radarrPort; } ]; }; }