From 46f4a0ee483ddea9d2cc03b115ef39d547371583 Mon Sep 17 00:00:00 2001
From: Tigor Hutasuhut
Date: Thu, 13 Jun 2024 00:50:38 +0700
Subject: [PATCH] finally resovled container options
---
options/docker.nix | 1 +
options/podman.nix | 1 +
profiles/homeserver.nix | 13 ++++++----
system/default.nix | 2 +-
system/docker/default.nix | 1 +
system/docker/kavita.nix | 32 +++++++++++++++++++++++++
system/modules/cockpit.nix | 3 +++
system/podman/caddy.nix | 4 ----
system/podman/default.nix | 2 ++
system/podman/kavita.nix | 49 ++++++++++++++++++++++++++++++++++++++
10 files changed, 98 insertions(+), 10 deletions(-)
create mode 100644 system/docker/kavita.nix
create mode 100644 system/podman/kavita.nix
diff --git a/options/docker.nix b/options/docker.nix
index 4af3501..f622f35 100644
--- a/options/docker.nix
+++ b/options/docker.nix
@@ -6,5 +6,6 @@ type = lib.types.bool; default = true; }; + kavita.enable = lib.mkEnableOption "kavita docker"; }; }
diff --git a/options/podman.nix b/options/podman.nix
index 2a7b63c..4357c32 100644
--- a/options/podman.nix
+++ b/options/podman.nix
@@ -6,5 +6,6 @@ type = lib.types.bool; default = true; }; + kavita.enable = lib.mkEnableOption "kavita docker"; }; }
diff --git a/profiles/homeserver.nix b/profiles/homeserver.nix
index c7977ca..0f0c529 100644
--- a/profiles/homeserver.nix
+++ b/profiles/homeserver.nix
@@ -17,17 +17,20 @@ audio.enable = false; security.sudo.wheelNeedsPassword = false; - podman = { - enable = false; - }; openssh.enable = true; go.enable = true; networking.firewall.enable = true; networking.firewall.allowedTCPPorts = [ 80 443 ]; - cockpit.enable = false; + cockpit.enable = true; docker = { + enable = false; + caddy.enable = false; + kavita.enable = false; + }; + podman = { enable = true; - caddy.enable = true; + caddy.enable = false; + kavita.enable = true; }; }; }
diff --git a/system/default.nix b/system/default.nix
index 7820218..0b17684 100644
--- a/system/default.nix
+++ b/system/default.nix
@@ -4,7 +4,7 @@ profile-path hardware-configuration ./modules - # ./podman + ./podman ./docker ./programs.nix ./user.nix
diff --git a/system/docker/default.nix b/system/docker/default.nix
index 1686952..e695c3d 100644
--- a/system/docker/default.nix
+++ b/system/docker/default.nix
@@ -11,5 +11,6 @@ in imports = [ ./caddy.nix + ./kavita.nix ]; }
diff --git a/system/docker/kavita.nix b/system/docker/kavita.nix
new file mode 100644
index 0000000..3f6eb9a
--- /dev/null
+++ b/system/docker/kavita.nix
@@ -0,0 +1,32 @@
+{ config, lib, ... }:
+let
+ user = config.profile.user;
+ docker = config.profile.docker;
+ volume = "/nas/kavita";
+ image = "lscr.io/linuxserver/kavita:latest";
+ gid = toString user.gid;
+ uid = toString user.uid;
+in
+{
+ config = lib.mkIf (docker.enable && docker.kavita.enable) {
+ system.activationScripts.docker-kavita = ''
+ mkdir -p ${volume}
+ chown -R ${user.name}:${gid} ${volume}
+ '';
+
+ virtualisation.oci-containers.containers.kavita = {
+ inherit image;
+ environment = {
+ PUID = uid;
+ PGID = gid;
+ TZ = "Asia/Jakarta";
+ };
+ ports = [ "5000:5000" ];
+ autoStart = true;
+ volumes = [
+ "${volume}/config:/config"
+ "${volume}/library:/library"
+ ];
+ };
+ };
+}
diff --git a/system/modules/cockpit.nix b/system/modules/cockpit.nix
index 07c06bd..c3e8e93 100644
--- a/system/modules/cockpit.nix
+++ b/system/modules/cockpit.nix
@@ -7,6 +7,9 @@ in environment.systemPackages = lib.mkIf config.profile.podman.enable [ (pkgs.callPackage ../packages/cockpit-podman.nix { }) ]; + services.caddy.virtualHosts."cockpit.tigor.web.id".extraConfig = '' + reverse_proxy 0.0.0.0:9090 + ''; services.udisks2.enable = true; services.cockpit = { enable = true;
diff --git a/system/podman/caddy.nix b/system/podman/caddy.nix
index 6423583..14214b3 100644
--- a/system/podman/caddy.nix
+++ b/system/podman/caddy.nix
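Review bot: In system/docker/kavita.nix, `ports = [ "5000:5000" ];` publishes Kavita's plain-HTTP port on every host interface, and Docker's own forwarding rules usually make a published port reachable regardless of the `networking.firewall.allowedTCPPorts = [ 80 443 ]` setting kept in profiles/homeserver.nix. If the service is only meant to be reached through the reverse proxy, bind it to loopback with `ports = [ "127.0.0.1:5000:5000" ];`. The image is also referenced by the mutable tag `lscr.io/linuxserver/kavita:latest` (here and in system/podman/kavita.nix), so each pull can bring in different, unreviewed content. Pinning a release tag or an image digest would make rebuilds reproducible and upgrades deliberate.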
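Review bot: In system/modules/cockpit.nix, the upstream in `reverse_proxy 0.0.0.0:9090` is the wildcard bind address rather than a destination; `reverse_proxy 127.0.0.1:9090` states the intent and does not depend on how the OS treats a connect to 0.0.0.0. The new vhost also puts the Cockpit administrative login on the public name cockpit.tigor.web.id, while profiles/homeserver.nix in this commit sets `cockpit.enable = true` and keeps `security.sudo.wheelNeedsPassword = false`, so any wheel session on this host is equivalent to root. Restricting the site by source address in the Caddy config, or serving it only on a VPN-reachable name, would reduce that exposure. The vhost is declared whether or not Caddy is running (`services.caddy.enable` is only set in system/podman/default.nix), and the enclosing `config` block begins and ends outside the hunk, so a guarding `mkIf` may exist that is not visible here.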
@@ -31,10 +31,6 @@ in extraOptions = [ "--network=caddy" ]; - labels = { - "caddy" = "cockpit.tigor.web.id"; - "caddy.reverse_proxy" = "hosts.container.internal:9090"; - }; }; }; };
diff --git a/system/podman/default.nix b/system/podman/default.nix
index 8e9b51e..4a13c1d 100644
--- a/system/podman/default.nix
+++ b/system/podman/default.nix
@@ -4,6 +4,7 @@ let in { config = lib.mkIf cfg.enable { + services.caddy.enable = true; environment.systemPackages = with pkgs; [ dive # look into docker image layers podman-tui # status of containers in the terminal
@@ -28,5 +29,6 @@ in imports = [ ./caddy.nix + ./kavita.nix ]; }
diff --git a/system/podman/kavita.nix b/system/podman/kavita.nix
new file mode 100644
index 0000000..7d604dd
--- /dev/null
+++ b/system/podman/kavita.nix
@@ -0,0 +1,49 @@
+{ config, lib, pkgs, ... }:
+let
+ user = config.profile.user;
+ podman = config.profile.podman;
+ volume = "/nas/kavita";
+ image = "lscr.io/linuxserver/kavita:latest";
+ gid = toString user.gid;
+ uid = toString user.uid;
+ gateway = "10.1.1.1";
+ subnet = "10.1.1.0/24";
+ ip = "10.1.1.3";
+ ip-range = "10.1.1.3/25";
+in
+{
+ config = lib.mkIf (podman.enable && podman.kavita.enable) {
+ services.caddy.virtualHosts."kavita.tigor.web.id".extraConfig = ''
+ reverse_proxy ${ip}:5000
+ '';
+
+ systemd.services.create-kavita-network = with config.virtualisation.oci-containers; {
+ serviceConfig.Type = "oneshot";
+ wantedBy = [ "${backend}-kavita.service" ];
+ script = ''${pkgs.podman}/bin/podman network exists kavita || ${pkgs.podman}/bin/podman network create --gateway=${gateway} --subnet=${subnet} --ip-range=${ip-range} kavita'';
+ };
+
+ system.activationScripts.docker-kavita = ''
+ mkdir -p ${volume}
+ chown -R ${user.name}:${gid} ${volume}
+ '';
+
+ virtualisation.oci-containers.containers.kavita = {
+ inherit image;
+ environment = {
+ PUID = uid;
+ PGID = gid;
+ TZ = "Asia/Jakarta";
+ };
+ extraOptions = [
+ "--network=kavita"
+ "--ip=${ip}"
+ ];
+ autoStart = true;
+ volumes = [
+ "${volume}/config:/config"
+ "${volume}/library:/library"
+ ];
+ };
+ };
+}
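Review bot: `create-kavita-network` is attached with `wantedBy = [ "${backend}-kavita.service" ];`, but `wantedBy` only pulls the unit in and adds no ordering, so systemd may start the container before the `kavita` network exists and the first start can fail. Adding `before = [ "${backend}-kavita.service" ];` next to it closes that race, with `requiredBy` in place of `wantedBy` if the container must never start without the network. `ip-range = "10.1.1.3/25"` has host bits set for a /25 while the only address used is `10.1.1.3`, so a network-aligned range would be clearer once it is confirmed how podman normalises the value. The activation script runs as root on every activation and does an unquoted `chown -R ${user.name}:${gid} ${volume}` over the whole library tree (same lines in system/docker/kavita.nix). Quoting the path and changing ownership only of the directories the script creates would avoid rewriting ownership of existing media each time.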