NixOS/system/podman/default.nix

{ config, lib, pkgs, ... }:
let
  cfg = config.profile.podman;
  username = config.profile.user.name;
in
{
  config = lib.mkIf cfg.enable {
    users.users.${username}.extraGroups = [ "podman" ];
    # services.caddy.enable = true;
    environment.systemPackages = with pkgs; [
      dive # look into docker image layers
      podman-tui # status of containers in the terminal
    ];

    systemd.timers."podman-auto-update" = {
      enable = true;
      wantedBy = [ "multi-user.target" ];
    };
    virtualisation.containers.enable = true;
    virtualisation.oci-containers.backend = "podman";
    virtualisation.podman = {
      enable = true;
      dockerSocket.enable = true;
      autoPrune.enable = true; # Default weekly
      dockerCompat = true;
      defaultNetwork.settings.dns_enabled = true;
    };
    # https://madison-technologies.com/take-your-nixos-container-config-and-shove-it/
    networking.firewall.interfaces."podman[0-9]+" = {
      allowedUDPPorts = [ 53 ]; # this needs to be there so that containers can look eachother's names up over DNS
    };
  };


  # Taken IP-Range Subnets
  #
  # 10.88.0.2 -> Redmage
  # 10.88.0.3 -> Redmage Demo
  # 10.88.0.4 -> ytptube
  # 10.88.0.5 -> Suwayomi
  # 10.88.0.6 -> Suwayomi Flaresolverr
  # 10.88.1.1 -> Pihole
  imports = [
    ./memos.nix
    ./minecraft.nix
    ./morphos.nix
    ./openobserve.nix
    ./pihole.nix
    ./qbittorrent.nix
    ./redmage-demo.nix
    ./redmage.nix
    ./servarr
    ./soulseek.nix
    ./suwayomi.nix
    ./ytptube.nix
  ];
}
prepare for homeserver profile 2024-06-12 18:09:56 +07:00			`{ config, lib, pkgs, ... }:`
			`let`
			`cfg = config.profile.podman;`
system: user groups are now only set if the corresponding module is enabled 2024-06-15 16:45:52 +07:00			`username = config.profile.user.name;`
prepare for homeserver profile 2024-06-12 18:09:56 +07:00			`in`
			`{`
			`config = lib.mkIf cfg.enable {`
system: user groups are now only set if the corresponding module is enabled 2024-06-15 16:45:52 +07:00			`users.users.${username}.extraGroups = [ "podman" ];`
caddy: moved reverse proxy config to secrets 2024-06-13 14:04:10 +07:00			`# services.caddy.enable = true;`
prepare for homeserver profile 2024-06-12 18:09:56 +07:00			`environment.systemPackages = with pkgs; [`
			`dive # look into docker image layers`
			`podman-tui # status of containers in the terminal`
			`];`

podman: auto update timer now force started on boot 2024-06-18 00:15:06 +07:00			`systemd.timers."podman-auto-update" = {`
			`enable = true;`
			`wantedBy = [ "multi-user.target" ];`
			`};`
update podman config 2024-06-12 22:56:21 +07:00			`virtualisation.containers.enable = true;`
			`virtualisation.oci-containers.backend = "podman";`
prepare for homeserver profile 2024-06-12 18:09:56 +07:00			`virtualisation.podman = {`
			`enable = true;`
			`dockerSocket.enable = true;`
			`autoPrune.enable = true; # Default weekly`
			`dockerCompat = true;`
update podman config 2024-06-12 22:56:21 +07:00			`defaultNetwork.settings.dns_enabled = true;`
			`};`
			`# https://madison-technologies.com/take-your-nixos-container-config-and-shove-it/`
system: user groups are now only set if the corresponding module is enabled 2024-06-15 16:45:52 +07:00			`networking.firewall.interfaces."podman[0-9]+" = {`
update podman config 2024-06-12 22:56:21 +07:00			`allowedUDPPorts = [ 53 ]; # this needs to be there so that containers can look eachother's names up over DNS`
prepare for homeserver profile 2024-06-12 18:09:56 +07:00			`};`
			`};`
update podman config 2024-06-12 22:56:21 +07:00

podman: removed kavita config 2024-06-17 19:57:53 +07:00			`# Taken IP-Range Subnets`
			`#`
chore: sort assigned podman ip 2024-06-18 19:39:41 +07:00			`# 10.88.0.2 -> Redmage`
			`# 10.88.0.3 -> Redmage Demo`
podman: moved container networks to default created podman network 2024-06-18 19:38:41 +07:00			`# 10.88.0.4 -> ytptube`
			`# 10.88.0.5 -> Suwayomi`
			`# 10.88.0.6 -> Suwayomi Flaresolverr`
chore: sort assigned podman ip 2024-06-18 19:39:41 +07:00			`# 10.88.1.1 -> Pihole`
update podman config 2024-06-12 22:56:21 +07:00			`imports = [`
homeserver: added memos podman service 2024-07-28 22:18:27 +07:00			`./memos.nix`
minecraft: added minecraft server podman service 2024-07-20 18:46:31 +07:00			`./minecraft.nix`
podman: added podman morphos service 2024-08-09 22:10:25 +07:00			`./morphos.nix`
podman: added openobserve podman service 2024-07-15 15:16:53 +07:00			`./openobserve.nix`
pihole: enabled and combined with stubby 2024-06-17 01:06:03 +07:00			`./pihole.nix`
podman: assign hostsnames to containers 2024-06-18 21:00:43 +07:00			`./qbittorrent.nix`
podman: removed caddy entry 2024-06-18 20:09:42 +07:00			`./redmage-demo.nix`
			`./redmage.nix`
podman: added openobserve podman service 2024-07-15 15:16:53 +07:00			`./servarr`
server: added soulseek podman and navidrome services 2024-08-20 21:32:35 +07:00			`./soulseek.nix`
suwayomi: added config 2024-06-17 19:54:36 +07:00			`./suwayomi.nix`
added ytptube podman service. web interface for youtube-dl 2024-06-17 21:49:20 +07:00			`./ytptube.nix`
update podman config 2024-06-12 22:56:21 +07:00			`];`
prepare for homeserver profile 2024-06-12 18:09:56 +07:00			`}`