finally resovled container options

2024-06-13 00:50:38 +07:00 · 2024-06-13 00:50:38 +07:00 · 46f4a0ee48
parent 544ea1236d
commit 46f4a0ee48
10 changed files with 98 additions and 10 deletions
--- a/options/docker.nix
+++ b/options/docker.nix
@ -6,5 +6,6 @@
      type = lib.types.bool;
      default = true;
    };
    kavita.enable = lib.mkEnableOption "kavita docker";
  };
 }
--- a/options/podman.nix
+++ b/options/podman.nix
@ -6,5 +6,6 @@
      type = lib.types.bool;
      default = true;
    };
    kavita.enable = lib.mkEnableOption "kavita docker";
  };
 }
--- a/profiles/homeserver.nix
+++ b/profiles/homeserver.nix
@ -17,17 +17,20 @@
    audio.enable = false;
    security.sudo.wheelNeedsPassword = false;
    podman = {
      enable = false;
    };
    openssh.enable = true;
    go.enable = true;
    networking.firewall.enable = true;
    networking.firewall.allowedTCPPorts = [ 80 443 ];
-    cockpit.enable = false;
+    cockpit.enable = true;
    docker = {
      enable = false;
      caddy.enable = false;
      kavita.enable = false;
    };
    podman = {
      enable = true;
-      caddy.enable = true;
+      caddy.enable = false;
      kavita.enable = true;
    };
  };
 }
--- a/system/default.nix
+++ b/system/default.nix
@ -4,7 +4,7 @@
    profile-path
    hardware-configuration
    ./modules
-    # ./podman
+    ./podman
    ./docker
    ./programs.nix
    ./user.nix
--- a/system/docker/default.nix
+++ b/system/docker/default.nix
@ -11,5 +11,6 @@ in
  imports = [
    ./caddy.nix
    ./kavita.nix
  ];
 }
--- a/system/docker/kavita.nix
+++ b/system/docker/kavita.nix
@ -0,0 +1,32 @@
 { config, lib, ... }:
 let
  user = config.profile.user;
  docker = config.profile.docker;
  volume = "/nas/kavita";
  image = "lscr.io/linuxserver/kavita:latest";
  gid = toString user.gid;
  uid = toString user.uid;
 in
 {
  config = lib.mkIf (docker.enable && docker.kavita.enable) {
    system.activationScripts.docker-kavita = ''
      mkdir -p ${volume}
      chown -R ${user.name}:${gid} ${volume}
    '';
    virtualisation.oci-containers.containers.kavita = {
      inherit image;
      environment = {
        PUID = uid;
        PGID = gid;
        TZ = "Asia/Jakarta";
      };
      ports = [ "5000:5000" ];
      autoStart = true;
      volumes = [
        "${volume}/config:/config"
        "${volume}/library:/library"
      ];
    };
  };
 }
--- a/system/modules/cockpit.nix
+++ b/system/modules/cockpit.nix
@ -7,6 +7,9 @@ in
    environment.systemPackages = lib.mkIf config.profile.podman.enable [
      (pkgs.callPackage ../packages/cockpit-podman.nix { })
    ];
    services.caddy.virtualHosts."cockpit.tigor.web.id".extraConfig = ''
      reverse_proxy 0.0.0.0:9090
    '';
    services.udisks2.enable = true;
    services.cockpit = {
      enable = true;
--- a/system/podman/caddy.nix
+++ b/system/podman/caddy.nix
@ -31,10 +31,6 @@ in
        extraOptions = [
          "--network=caddy"
        ];
        labels = {
          "caddy" = "cockpit.tigor.web.id";
          "caddy.reverse_proxy" = "hosts.container.internal:9090";
        };
      };
    };
  };
--- a/system/podman/default.nix
+++ b/system/podman/default.nix
@ -4,6 +4,7 @@ let
 in
 {
  config = lib.mkIf cfg.enable {
    services.caddy.enable = true;
    environment.systemPackages = with pkgs; [
      dive # look into docker image layers
      podman-tui # status of containers in the terminal
@ -28,5 +29,6 @@ in
  imports = [
    ./caddy.nix
    ./kavita.nix
  ];
 }
--- a/system/podman/kavita.nix
+++ b/system/podman/kavita.nix
@ -0,0 +1,49 @@
 { config, lib, pkgs, ... }:
 let
  user = config.profile.user;
  podman = config.profile.podman;
  volume = "/nas/kavita";
  image = "lscr.io/linuxserver/kavita:latest";
  gid = toString user.gid;
  uid = toString user.uid;
  gateway = "10.1.1.1";
  subnet = "10.1.1.0/24";
  ip = "10.1.1.3";
  ip-range = "10.1.1.3/25";
 in
 {
  config = lib.mkIf (podman.enable && podman.kavita.enable) {
    services.caddy.virtualHosts."kavita.tigor.web.id".extraConfig = ''
      reverse_proxy ${ip}:5000
    '';
    systemd.services.create-kavita-network = with config.virtualisation.oci-containers; {
      serviceConfig.Type = "oneshot";
      wantedBy = [ "${backend}-kavita.service" ];
      script = ''${pkgs.podman}/bin/podman network exists kavita || ${pkgs.podman}/bin/podman network create --gateway=${gateway} --subnet=${subnet} --ip-range=${ip-range} kavita'';
    };
    system.activationScripts.docker-kavita = ''
      mkdir -p ${volume}
      chown -R ${user.name}:${gid} ${volume}
    '';
    virtualisation.oci-containers.containers.kavita = {
      inherit image;
      environment = {
        PUID = uid;
        PGID = gid;
        TZ = "Asia/Jakarta";
      };
      extraOptions = [
        "--network=kavita"
        "--ip=${ip}"
      ];
      autoStart = true;
      volumes = [
        "${volume}/config:/config"
        "${volume}/library:/library"
      ];
    };
  };
 }