sora/nixconfig
1
0
Fork 1
Code Issues 2 Pull Requests Actions Releases Activity

Fix builder

Browse Source
This commit is contained in:
soraefir
2026-05-06 23:39:28 +02:00
parent 3caf507905
commit 1f2cc94a0a
3 changed files with 15 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
modules/server/containers/builder.nix
View File

@@ -1,5 +1,6 @@
{ config, lib, serverCfg }:
let builder =
let
builder =
{ image, secret ? ""
, subdomain ? "", ip ? "", port ? 0
, extraEnv ? { }, extraLabels ? { }
@@ -27,4 +28,7 @@ let builder =
] ++ lib.optional (ip != "") "--ip=${ip}";
};
in lib.recursiveUpdate base overrides;
in builder // { host = "host.containers.internal"; }
in {
mkContainer = builder;
host = "host.containers.internal";
}

4
modules/server/containers/default.nix
View File

@@ -1,10 +1,10 @@
{ config, pkgs, lib, ... }:
let
serverCfg = config.syscfg.server.containers;
mkContainer = import ./builder.nix { inherit config lib serverCfg; };
builder = import ./builder.nix { inherit config lib serverCfg; };
enabledConfigs = lib.filterAttrs (name: c: c.enable) serverCfg;
containerSetsList = lib.mapAttrsToList (name: containerCfg:
let defs = import (./defs + "/${name}.nix") {inherit config pkgs lib containerCfg mkContainer;};
let defs = import (./defs + "/${name}.nix") {inherit config pkgs lib containerCfg builder;};
in{
containers = lib.mapAttrs' (cName: cValue:
lib.nameValuePair "${name}-${cName}" cValue

14
modules/server/containers/defs/authentik.nix
View File

@@ -1,4 +1,4 @@
{ config, containerCfg, pkgs, lib, mkContainer, ... }:
{ config, containerCfg, pkgs, lib, builder, ... }:
let
serverCfg = config.syscfg.server;
in {
@@ -14,15 +14,15 @@ in {
containers = {
server = mkContainer {
server = builder.mkContainer {
subdomain = "sso";
image = "ghcr.io/goauthentik/server:latest";
port = containerCfg.port;
ip = containerCfg.ip;
secret = "authentik";
extraEnv = {
"AUTHENTIK_REDIS__HOST" = mkContainer.host;
"AUTHENTIK_POSTGRESQL__HOST" = mkContainer.host;
"AUTHENTIK_REDIS__HOST" = builder.host;
"AUTHENTIK_POSTGRESQL__HOST" = builder.host;
"AUTHENTIK_POSTGRESQL__USER" = "authentik_user";
"AUTHENTIK_POSTGRESQL__NAME" = "authentik_db";
"AUTHENTIK_EMAIL__HOST" = serverCfg.mailDomain;
@@ -44,15 +44,15 @@ in {
};
};
worker = mkContainer {
worker = builder.mkContainer {
subdomain = "sso";
image = "ghcr.io/goauthentik/server:latest";
port = containerCfg.port;
ip = containerCfg.ip;
secret = "authentik";
extraEnv = {
"AUTHENTIK_REDIS__HOST" = mkContainer.host;
"AUTHENTIK_POSTGRESQL__HOST" = mkContainer.host;
"AUTHENTIK_REDIS__HOST" = builder.host;
"AUTHENTIK_POSTGRESQL__HOST" = builder.host;
"AUTHENTIK_POSTGRESQL__USER" = "authentik_user";
"AUTHENTIK_POSTGRESQL__NAME" = "authentik_db";
};