From f5fb7b90810ee3d46423ce993192ce278ae4099f Mon Sep 17 00:00:00 2001 From: Tigor Hutasuhut Date: Tue, 18 Jun 2024 19:38:41 +0700 Subject: [PATCH] podman: moved container networks to default created podman network --- system/podman/default.nix | 12 ++++++------ system/podman/pihole.nix | 22 +++++----------------- system/podman/suwayomi.nix | 22 +++++----------------- system/podman/ytptube.nix | 18 ++---------------- 4 files changed, 18 insertions(+), 56 deletions(-) diff --git a/system/podman/default.nix b/system/podman/default.nix index 15f9cb3..1dc6fd1 100644 --- a/system/podman/default.nix +++ b/system/podman/default.nix @@ -34,12 +34,12 @@ in # Taken IP-Range Subnets # - # 10.1.1.0-3 -> Pihole - # 10.1.1.4-7 -> ytptube - # 10.1.1.8-11 -> Suwayomi - # 10.1.1.12-15 -> Suwayomi - # 10.1.1.16-19 -> Redmage - # 10.1.1.20-23 -> Redmage Demo + # 10.88.1.1 -> Pihole + # 10.88.0.4 -> ytptube + # 10.88.0.5 -> Suwayomi + # 10.88.0.6 -> Suwayomi Flaresolverr + # 10.88.0.2 -> Redmage + # 10.88.0.3 -> Redmage Demo imports = [ ./caddy.nix ./pihole.nix diff --git a/system/podman/pihole.nix b/system/podman/pihole.nix index ac29181..55ffbb3 100644 --- a/system/podman/pihole.nix +++ b/system/podman/pihole.nix @@ -1,13 +1,10 @@ -{ config, lib, pkgs, ... }: +{ config, lib, ... }: let name = "pihole"; podman = config.profile.podman; pihole = podman.pihole; - inherit (lib) mkIf strings attrsets; - gateway = "10.1.1.1"; - subnet = "10.1.1.0/30"; - ip = "10.1.1.2"; - ip-range = "10.1.1.2/30"; + inherit (lib) mkIf attrsets; + ip = "10.88.1.1"; image = "pihole/pihole:latest"; piholeDNSIPBind = "192.168.100.3"; in 
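Review bot: In the system/podman/default.nix hunk the comment heading still reads `# Taken IP-Range Subnets`, but the rewritten entries are single addresses on one shared network, not per-service subnets. I would retitle it, e.g. `# Static IPs taken on the default podman network (10.88.0.0/16)`, and add a line saying new services must pick an address not already in this list. Pihole is listed at 10.88.1.1 while every other entry is in 10.88.0.x; if that is deliberate, a short comment giving the reason would help. The Redmage entries change here although no Redmage file appears in this commit's diffstat, so presumably those containers were moved earlier; worth confirming that the table matches their configuration.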
@@ -25,16 +22,6 @@ in networking.nameservers = [ piholeDNSIPBind ]; - - systemd.services."create-${name}-network" = { - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - }; - wantedBy = [ "podman-${name}.service" ]; - script = ''${pkgs.podman}/bin/podman network exists ${name} || ${pkgs.podman}/bin/podman network create --gateway=${gateway} --subnet=${subnet} --ip-range=${ip-range} ${name}''; - }; - # We have refresh the custom.list dns list when caddy virtual hosts changes, # the easiest way to do so is to restart the pihole container. # @@ -63,6 +50,7 @@ in }; virtualisation.oci-containers.containers.${name} = { inherit image; + hostname = name; environment = { TZ = "Asia/Jakarta"; PIHOLE_DNS_ = "192.168.100.5"; @@ -87,7 +75,7 @@ in ]; extraOptions = [ "--ip=${ip}" - "--network=${name}" + "--network=podman" "--cap-add=NET_ADMIN" "--cap-add=NET_BIND_SERVICE" "--cap-add=NET_RAW" diff --git a/system/podman/suwayomi.nix b/system/podman/suwayomi.nix index 6d8a8ed..d1bd7bf 100644 --- a/system/podman/suwayomi.nix +++ b/system/podman/suwayomi.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, lib, ... }: let name = "suwayomi"; name-flaresolverr = "${name}-flaresolverr"; @@ -6,11 +6,8 @@ let podman = config.profile.podman; suwayomi = podman.suwayomi; inherit (lib) mkIf; - subnet = "10.1.1.8/29"; - gateway = "10.1.1.9"; - ip = "10.1.1.10"; - ip-flaresolverr = "10.1.1.11"; - ip-range = "10.1.1.10/29"; + ip = "10.88.0.5"; + ip-flaresolverr = "10.88.0.6"; image = "ghcr.io/suwayomi/tachidesk:latest"; image-flaresolverr = "ghcr.io/flaresolverr/flaresolverr:latest"; volume = "/nas/podman/suwayomi"; 
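Review bot: `"--network=podman"` in the pihole.nix extraOptions hunk (and the same change for the suwayomi, flaresolverr and ytptube containers) puts every service on one shared bridge, where each previously had a network of its own. The pihole container keeps `--cap-add=NET_ADMIN` and `--cap-add=NET_RAW` in the unchanged lines just below, so the most privileged container now shares a layer-2 segment with all the others. Flaresolverr, which used to share a network only with Suwayomi, is now a neighbour of everything. If the consolidation is intended, I would record the trade-off next to the option, e.g. `# shared default bridge: containers here can reach each other directly`, and check whether pihole still needs both capabilities in this setup. The extraOptions list continues past the end of the hunk.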
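Review bot: `ip = "10.88.0.5"` and `ip-flaresolverr = "10.88.0.6"` in the suwayomi.nix let-block (likewise `ip = "10.88.0.4"` in ytptube.nix) are hand-picked from the same pool that Podman allocates from automatically on its default network. As far as I know, a container started on that network without `--ip` can be handed one of these addresses first, and the pinned container will then fail to start. Before this change each service had a network to itself, so that collision could not happen. Nothing visible in the commit reserves the low addresses, so I would either keep the fixed-IP services on a dedicated network whose `--ip-range` excludes them, or at least add a comment such as `# must stay unique on the default podman network, see table in default.nix`. The let-block starts above the hunk.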
@@ -24,15 +21,6 @@ in reverse_proxy ${ip}:4567 ''; - systemd.services."create-${name}-network" = { - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - }; - wantedBy = [ "podman-${name}.service" ]; - script = ''${pkgs.podman}/bin/podman network exists ${name} || ${pkgs.podman}/bin/podman network create --gateway=${gateway} --subnet=${subnet} --ip-range=${ip-range} ${name}''; - }; - system.activationScripts."podman-${name}" = '' mkdir -p ${volume} chown -R ${uid}:${gid} ${volume} @@ -61,7 +49,7 @@ in ]; extraOptions = [ "--ip=${ip}" - "--network=${name}" + "--network=podman" ]; dependsOn = [ "${name}-flaresolverr" ]; }; @@ -74,7 +62,7 @@ in }; extraOptions = [ "--ip=${ip-flaresolverr}" - "--network=${name}" + "--network=podman" ]; }; }; diff --git a/system/podman/ytptube.nix b/system/podman/ytptube.nix index 3da75b5..b2b02a0 100644 --- a/system/podman/ytptube.nix +++ b/system/podman/ytptube.nix @@ -3,10 +3,7 @@ let name = "ytptube"; podman = config.profile.podman; inherit (lib) mkIf; - gateway = "10.1.1.5"; - subnet = "10.1.1.4/30"; - ip = "10.1.1.6"; - ip-range = "10.1.1.6/30"; + ip = "10.88.0.4"; image = "ghcr.io/arabcoders/${name}:latest"; volume = "/nas/mediaserver/${name}"; domain = "${name}.tigor.web.id"; @@ -19,17 +16,6 @@ in services.caddy.virtualHosts.${domain}.extraConfig = '' reverse_proxy ${ip}:8081 ''; - - systemd.services."create-${name}-network" = { - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - }; - wantedBy = [ "podman-${name}.service" ]; - script = ''${pkgs.podman}/bin/podman network exists ${name} || ${pkgs.podman}/bin/podman network create --gateway=${gateway} --subnet=${subnet} --ip-range=${ip-range} ${name}''; - }; - - system.activationScripts."podman-${name}" = '' mkdir -p ${volume} chown -R ${uid}:${gid} ${volume} @@ -87,7 +73,7 @@ in ]; extraOptions = [ "--ip=${ip}" - "--network=${name}" + "--network=podman" ]; }; };
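Review bot: The ytptube.nix hunks remove the only visible use of `pkgs` (the `create-${name}-network` script), but unlike pihole.nix and suwayomi.nix this file's argument line is not touched. That line lies above the first ytptube hunk, so I cannot see whether `pkgs` is still listed there. If it is and nothing else in the file uses it, change the header to `{ config, lib, ... }:` to match the other two files.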