homserver: enabled docker and disabled podman
This commit is contained in:
parent
22399a23b3
commit
2a3c822b56
|
|
@ -1,11 +1,11 @@
|
|||
{ lib, ... }:
|
||||
let
|
||||
inherit (lib) mkEnableOption;
|
||||
in
|
||||
{
|
||||
options.profile.docker = {
|
||||
enable = lib.mkEnableOption "docker";
|
||||
caddy.enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
};
|
||||
caddy.enable = mkEnableOption "caddy docker";
|
||||
kavita.enable = lib.mkEnableOption "kavita docker";
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,6 +23,10 @@
|
|||
networking.firewall.enable = true;
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
podman = {
|
||||
enable = false;
|
||||
};
|
||||
|
||||
docker = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,10 @@
|
|||
runner_token: ENC[AES256_GCM,data:OA1qGIY46bNcjHDms3XZhpa40J9WRexNXsnK0Lm1WWIUbvKOCp6GG2v2599ysQ==,iv:ftNbVJYJR+2UozxMLcYZh5HH+O1KRMvUAKQc9/UAunI=,tag:F++kseVO3yD3jt6+vVTJ5Q==,type:str]
|
||||
forgejo:
|
||||
runners:
|
||||
global: ENC[AES256_GCM,data:LuYqYDMgaq+L94JL5tGTlOhm7x98jpb7n6o5jYVKdN/9Z/5LA10lmwdDDsBYuA==,iv:UkLz8qW/C2M2XomRz+Oc+d4LIioxyh2pPgBaiY6x4N8=,tag:k0xRH8+gMoM4DbITXn1SfA==,type:str]
|
||||
user_tokens:
|
||||
tigor:
|
||||
#ENC[AES256_GCM,data:5IEV/X4fpfydhdSw7LYOLMFZYqD/Kp96Zyp/YXnvFzVh8GluX4+9qGgsdWAsFgLlPXDRAi1ViA==,iv:v1OmczINHtT+AtdXMBjstmGejV62nhQ/T9aIoJG8DR8=,tag:b4Xg3ybhrxy70n/UB5D7nQ==,type:comment]
|
||||
push_docker_image_token: ENC[AES256_GCM,data:jMTz+c3IEcpqRkYLZyrUWLWLIw0AOdDk7LsIDvjCW3rKxTiOOmb1wg==,iv:OjZArNhCCKZkngGjYbCQVYJkQww9K5b4ehUXxsdOqdU=,tag:EViefKbS+II+MXWqLE7rKw==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
|
@ -14,8 +20,8 @@ sops:
|
|||
NGg4aFJsSHNPdTcwQ2ZMdmJscm5iNzgKRLrTAenr9q3r1dGPEyuxNhsQp8+20rCk
|
||||
IKbsjenq/QTMQc+pMz/0oypVFUYNljmOfTWvvnjdJNsYHektNMkmNA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-06-13T12:44:00Z"
|
||||
mac: ENC[AES256_GCM,data:x8MHb/bcXqQHOUfLIOjnk1ivCs+ubLKm6L0gzrI3ZbLaQRieKvY2THSDjmyF2OAe5x9stjCY5ZOb7t3Y7EXG5sgiwvSwqcZKUY3k4SEkJtO6MJmLE39UGphHPZXQD4Jez+PWfrbZXf4lk9hsnW20wHZgePq+w6mW003uN88ZPzw=,iv:gOZJIXcT2GGTcxonKPtjxZewjFDHU0FW0xT8Sfzz10o=,tag:keHB371hNXD90rqgZjfeaw==,type:str]
|
||||
lastmodified: "2024-06-15T09:16:06Z"
|
||||
mac: ENC[AES256_GCM,data:583xIAMkXyVNEkGeM2LM7CLRsypeeJ6Fpt3HxNw7jVmB3PFB/KKwcyhw4UDjNM2xsIjgGMjuAGc3SBI7zubfy9YotrP6m+NOw+8lC9JZbBQIaHIOPTgpeUJLHGveNe2SEBYfbhCjQid+EAWW92oRddZoGyrh2OWq33FgRvTM00A=,iv:/6mZEm2jyJ1cxOQ1mUoGHu6oZjWGknllKYF9/uV80Ao=,tag:oCYlwgXZuin7uBUeRjnOlw==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
sops.secrets."runner_token" = {
|
||||
sops.secrets."forgejo/runners/global" = {
|
||||
sopsFile = ../../secrets/forgejo.yaml;
|
||||
};
|
||||
|
||||
|
|
@ -42,8 +42,15 @@ in
|
|||
enable = true;
|
||||
name = config.networking.hostName;
|
||||
url = config.services.forgejo.settings.server.ROOT_URL;
|
||||
tokenFile = config.sops.secrets."runner_token".path;
|
||||
tokenFile = config.sops.secrets."forgejo/runners/global".path;
|
||||
settings = {
|
||||
runner = {
|
||||
capacity = 2;
|
||||
timeout = "1h";
|
||||
};
|
||||
cache = {
|
||||
enabled = true;
|
||||
};
|
||||
container = {
|
||||
privileged = true;
|
||||
# docker_host = "unix:///var/run/docker.sock";
|
||||
|
|
|
|||
Loading…
Reference in a new issue