isponsorblocktv: deploy docker container

hosts/sodium.pop.ts.hillion.co.uk/default.nix

@@ -16,8 +16,6 @@
     boot.loader.efi.canTouchEfiVariables = true;
 
     custom.defaults = true;
-    custom.www.home.enable = true;
-    custom.www.iot.enable = true;
 
     ## Enable btrfs compression
     fileSystems."/data".options = [ "compress=zstd" ];
@@ -50,6 +48,9 @@
 
     ## Custom Services
     custom.locations.autoServe = true;
+    custom.www.home.enable = true;
+    custom.www.iot.enable = true;
+    custom.services.isponsorblocktv.enable = true;
 
     # Networking
     networking = {

modules/ids.nix

@@ -9,6 +9,7 @@
       gitea = 186;
       node-exporter = 188;
       step-ca = 198;
+      isponsorblocktv = 199;
 
       ## Consistent People
       jake = 1000;
@@ -21,6 +22,7 @@
       gitea = 186;
       node-exporter = 188;
       step-ca = 198;
+      isponsorblocktv = 199;
 
       ## Consistent Groups
       mediaaccess = 1200;

modules/impermanence.nix

@@ -62,6 +62,7 @@ in
           (lib.lists.optional config.services.tang.enable "/var/lib/private/tang") ++
           (lib.lists.optional config.services.caddy.enable "/var/lib/caddy") ++
           (lib.lists.optional config.services.prometheus.enable "/var/lib/${config.services.prometheus.stateDir}") ++
+          (lib.lists.optional config.custom.services.isponsorblocktv.enable "${config.custom.services.isponsorblocktv.dataDir}") ++
           (lib.lists.optional config.services.step-ca.enable "/var/lib/step-ca/db");
         };
       }

modules/services/default.nix

@@ -6,6 +6,7 @@
     ./downloads.nix
     ./gitea/default.nix
     ./homeassistant.nix
+    ./isponsorblocktv.nix
     ./mastodon/default.nix
     ./matrix.nix
     ./tang.nix

modules/services/isponsorblocktv.nix

@@ -0,0 +1,62 @@
+{ config, pkgs, lib, ... }:
+
+let
+  cfg = config.custom.services.isponsorblocktv;
+  ver = "v2.2.1";
+
+  ctl = pkgs.writeScriptBin "isponsorblocktv-config" ''
+    #! ${pkgs.runtimeShell}
+    set -e
+
+    sudo systemctl stop podman-isponsorblocktv
+
+    sudo ${pkgs.podman}/bin/podman run           \
+        --rm -it                                 \
+        --uidmap=0:${toString config.users.users.isponsorblocktv.uid}:1 \
+        --gidmap=0:${toString config.users.groups.isponsorblocktv.gid}:1 \
+        -v ${cfg.dataDir}:/app/data              \
+        ghcr.io/dmunozv04/isponsorblocktv:${ver} \
+        --setup-cli
+
+    sudo systemctl start podman-isponsorblocktv
+  '';
+in
+{
+  options.custom.services.isponsorblocktv = {
+    enable = lib.mkEnableOption "isponsorblocktv";
+
+    dataDir = lib.mkOption {
+      type = lib.types.str;
+      default = "/var/lib/isponsorblocktv";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    environment.systemPackages = [ ctl ];
+
+    users.groups.isponsorblocktv = {
+      gid = config.ids.gids.isponsorblocktv;
+    };
+    users.users.isponsorblocktv = {
+      home = cfg.dataDir;
+      createHome = true;
+      isSystemUser = true;
+      group = "isponsorblocktv";
+      uid = config.ids.uids.isponsorblocktv;
+    };
+
+    virtualisation.oci-containers.containers.isponsorblocktv = {
+      image = "ghcr.io/dmunozv04/isponsorblocktv:${ver}";
+      extraOptions = [
+        "--uidmap=0:${toString config.users.users.isponsorblocktv.uid}:1"
+        "--gidmap=0:${toString config.users.groups.isponsorblocktv.gid}:1"
+      ];
+      volumes = [ "${cfg.dataDir}:/app/data" ];
+    };
+
+    systemd.tmpfiles.rules = [
+      "d ${cfg.dataDir} 0700 isponsorblocktv isponsorblocktv - -"
+    ];
+  };
+}
+