podman: moved container networks to default created podman network

Tigor Hutasuhut 2024-06-18 19:38:41 +07:00
parent 1524174930
commit f5fb7b9081
4 changed files with 18 additions and 56 deletions


@ -34,12 +34,12 @@ in
# Taken IP-Range Subnets # Taken IP-Range Subnets
# #
# 10.1.1.0-3 -> Pihole # 10.88.1.1 -> Pihole
# 10.1.1.4-7 -> ytptube # 10.88.0.4 -> ytptube
# 10.1.1.8-11 -> Suwayomi # 10.88.0.5 -> Suwayomi
# 10.1.1.12-15 -> Suwayomi # 10.88.0.6 -> Suwayomi Flaresolverr
# 10.1.1.16-19 -> Redmage # 10.88.0.2 -> Redmage
# 10.1.1.20-23 -> Redmage Demo # 10.88.0.3 -> Redmage Demo
imports = [ imports = [
./caddy.nix ./caddy.nix
./pihole.nix ./pihole.nix
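Review bot: The heading `# Taken IP-Range Subnets` no longer matches the table, which now lists single addresses instead of per-service subnets. A heading such as `# Static IPs taken on the default podman network (10.88.0.0/16 unless overridden)` would say what the entries are and which network they belong to; that CIDR is Podman's usual default and is not shown in this commit, so confirm it on the host. Pihole sits at 10.88.1.1 while every other entry is in 10.88.0.x, and a one-line comment explaining why would keep a later edit from "correcting" it. Since each `ip` is repeated in its own module, this table is the only guard against two services claiming the same address.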


@ -1,13 +1,10 @@
{ config, lib, pkgs, ... }: { config, lib, ... }:
let let
name = "pihole"; name = "pihole";
podman = config.profile.podman; podman = config.profile.podman;
pihole = podman.pihole; pihole = podman.pihole;
inherit (lib) mkIf strings attrsets; inherit (lib) mkIf attrsets;
gateway = "10.1.1.1"; ip = "10.88.1.1";
subnet = "10.1.1.0/30";
ip = "10.1.1.2";
ip-range = "10.1.1.2/30";
image = "pihole/pihole:latest"; image = "pihole/pihole:latest";
piholeDNSIPBind = "192.168.100.3"; piholeDNSIPBind = "192.168.100.3";
in in
@ -25,16 +22,6 @@ in
networking.nameservers = [ piholeDNSIPBind ]; networking.nameservers = [ piholeDNSIPBind ];
systemd.services."create-${name}-network" = {
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
wantedBy = [ "podman-${name}.service" ];
script = ''${pkgs.podman}/bin/podman network exists ${name} || ${pkgs.podman}/bin/podman network create --gateway=${gateway} --subnet=${subnet} --ip-range=${ip-range} ${name}'';
};
# We have refresh the custom.list dns list when caddy virtual hosts changes, # We have refresh the custom.list dns list when caddy virtual hosts changes,
# the easiest way to do so is to restart the pihole container. # the easiest way to do so is to restart the pihole container.
# #
@ -63,6 +50,7 @@ in
}; };
virtualisation.oci-containers.containers.${name} = { virtualisation.oci-containers.containers.${name} = {
inherit image; inherit image;
hostname = name;
environment = { environment = {
TZ = "Asia/Jakarta"; TZ = "Asia/Jakarta";
PIHOLE_DNS_ = "192.168.100.5"; PIHOLE_DNS_ = "192.168.100.5";
@ -87,7 +75,7 @@ in
]; ];
extraOptions = [ extraOptions = [
"--ip=${ip}" "--ip=${ip}"
"--network=${name}" "--network=podman"
"--cap-add=NET_ADMIN" "--cap-add=NET_ADMIN"
"--cap-add=NET_BIND_SERVICE" "--cap-add=NET_BIND_SERVICE"
"--cap-add=NET_RAW" "--cap-add=NET_RAW"
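Review bot: `"--network=podman"` places pihole on the same bridge as suwayomi, flaresolverr and ytptube while it still carries `--cap-add=NET_ADMIN` and `--cap-add=NET_RAW`, so the dedicated /30 that used to separate it from the other containers is gone. On a shared bridge the containers can reach each other's ports directly, and a compromise of any of the `:latest` images now has a network path to the resolver the host itself uses (`networking.nameservers = [ piholeDNSIPBind ]`). If the consolidation is intended, consider keeping pihole alone on its own network, or dropping capabilities it does not need (NET_ADMIN is, as far as I know, only required when Pi-hole serves DHCP; confirm for this setup). At minimum a comment above `extraOptions` like `# shares the default podman bridge with all other containers; no inter-container isolation` would record the trade-off. The `extraOptions` list continues past the end of the hunk.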


@ -1,4 +1,4 @@
{ config, lib, pkgs, ... }: { config, lib, ... }:
let let
name = "suwayomi"; name = "suwayomi";
name-flaresolverr = "${name}-flaresolverr"; name-flaresolverr = "${name}-flaresolverr";
@ -6,11 +6,8 @@ let
podman = config.profile.podman; podman = config.profile.podman;
suwayomi = podman.suwayomi; suwayomi = podman.suwayomi;
inherit (lib) mkIf; inherit (lib) mkIf;
subnet = "10.1.1.8/29"; ip = "10.88.0.5";
gateway = "10.1.1.9"; ip-flaresolverr = "10.88.0.6";
ip = "10.1.1.10";
ip-flaresolverr = "10.1.1.11";
ip-range = "10.1.1.10/29";
image = "ghcr.io/suwayomi/tachidesk:latest"; image = "ghcr.io/suwayomi/tachidesk:latest";
image-flaresolverr = "ghcr.io/flaresolverr/flaresolverr:latest"; image-flaresolverr = "ghcr.io/flaresolverr/flaresolverr:latest";
volume = "/nas/podman/suwayomi"; volume = "/nas/podman/suwayomi";
@ -24,15 +21,6 @@ in
reverse_proxy ${ip}:4567 reverse_proxy ${ip}:4567
''; '';
systemd.services."create-${name}-network" = {
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
wantedBy = [ "podman-${name}.service" ];
script = ''${pkgs.podman}/bin/podman network exists ${name} || ${pkgs.podman}/bin/podman network create --gateway=${gateway} --subnet=${subnet} --ip-range=${ip-range} ${name}'';
};
system.activationScripts."podman-${name}" = '' system.activationScripts."podman-${name}" = ''
mkdir -p ${volume} mkdir -p ${volume}
chown -R ${uid}:${gid} ${volume} chown -R ${uid}:${gid} ${volume}
@ -61,7 +49,7 @@ in
]; ];
extraOptions = [ extraOptions = [
"--ip=${ip}" "--ip=${ip}"
"--network=${name}" "--network=podman"
]; ];
dependsOn = [ "${name}-flaresolverr" ]; dependsOn = [ "${name}-flaresolverr" ];
}; };
@ -74,7 +62,7 @@ in
}; };
extraOptions = [ extraOptions = [
"--ip=${ip-flaresolverr}" "--ip=${ip-flaresolverr}"
"--network=${name}" "--network=podman"
]; ];
}; };
}; };
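Review bot: `ip = "10.88.0.5"` and `ip-flaresolverr = "10.88.0.6"` are fixed addresses inside what is presumably the range the default network also hands out dynamically, so any container started on `podman` without `--ip` can take one of them first. In that case `podman-suwayomi` would likely fail to start while Caddy's `reverse_proxy ${ip}:4567` keeps forwarding to whatever holds the address. The same applies to `ip = "10.88.0.4"` in the ytptube module and, less likely, to `10.88.1.1` for pihole. Declaring the addresses once in a shared attribute set (for example under `config.profile.podman`) and reserving them outside the dynamic pool would remove both the collision risk and the duplication with the comment table.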


@ -3,10 +3,7 @@ let
name = "ytptube"; name = "ytptube";
podman = config.profile.podman; podman = config.profile.podman;
inherit (lib) mkIf; inherit (lib) mkIf;
gateway = "10.1.1.5"; ip = "10.88.0.4";
subnet = "10.1.1.4/30";
ip = "10.1.1.6";
ip-range = "10.1.1.6/30";
image = "ghcr.io/arabcoders/${name}:latest"; image = "ghcr.io/arabcoders/${name}:latest";
volume = "/nas/mediaserver/${name}"; volume = "/nas/mediaserver/${name}";
domain = "${name}.tigor.web.id"; domain = "${name}.tigor.web.id";
@ -19,17 +16,6 @@ in
services.caddy.virtualHosts.${domain}.extraConfig = '' services.caddy.virtualHosts.${domain}.extraConfig = ''
reverse_proxy ${ip}:8081 reverse_proxy ${ip}:8081
''; '';
systemd.services."create-${name}-network" = {
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
wantedBy = [ "podman-${name}.service" ];
script = ''${pkgs.podman}/bin/podman network exists ${name} || ${pkgs.podman}/bin/podman network create --gateway=${gateway} --subnet=${subnet} --ip-range=${ip-range} ${name}'';
};
system.activationScripts."podman-${name}" = '' system.activationScripts."podman-${name}" = ''
mkdir -p ${volume} mkdir -p ${volume}
chown -R ${uid}:${gid} ${volume} chown -R ${uid}:${gid} ${volume}
@ -87,7 +73,7 @@ in
]; ];
extraOptions = [ extraOptions = [
"--ip=${ip}" "--ip=${ip}"
"--network=${name}" "--network=podman"
]; ];
}; };
}; };