sora/nixconfig
1
0
Fork 1
Code Issues 2 Pull Requests Actions Releases Activity

Fix builder

Browse Source
This commit is contained in:
soraefir
2026-05-06 23:39:28 +02:00
parent 3caf507905
commit 1f2cc94a0a
3 changed files with 15 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
modules/server/containers/builder.nix
View File

@@ -1,5 +1,6 @@
{ config, lib, serverCfg }: { config, lib, serverCfg }:
let builder = let
builder =
{ image, secret ? "" { image, secret ? ""
, subdomain ? "", ip ? "", port ? 0 , subdomain ? "", ip ? "", port ? 0
, extraEnv ? { }, extraLabels ? { } , extraEnv ? { }, extraLabels ? { }
@@ -27,4 +28,7 @@ let builder =
] ++ lib.optional (ip != "") "--ip=${ip}"; ] ++ lib.optional (ip != "") "--ip=${ip}";
}; };
in lib.recursiveUpdate base overrides; in lib.recursiveUpdate base overrides;
in builder // { host = "host.containers.internal"; } in {
mkContainer = builder;
host = "host.containers.internal";
}

4
modules/server/containers/default.nix
View File

@@ -1,10 +1,10 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let
serverCfg = config.syscfg.server.containers; serverCfg = config.syscfg.server.containers;
mkContainer = import ./builder.nix { inherit config lib serverCfg; }; builder = import ./builder.nix { inherit config lib serverCfg; };
enabledConfigs = lib.filterAttrs (name: c: c.enable) serverCfg; enabledConfigs = lib.filterAttrs (name: c: c.enable) serverCfg;
containerSetsList = lib.mapAttrsToList (name: containerCfg: containerSetsList = lib.mapAttrsToList (name: containerCfg:
let defs = import (./defs + "/${name}.nix") {inherit config pkgs lib containerCfg mkContainer;}; let defs = import (./defs + "/${name}.nix") {inherit config pkgs lib containerCfg builder;};
in{ in{
containers = lib.mapAttrs' (cName: cValue: containers = lib.mapAttrs' (cName: cValue:
lib.nameValuePair "${name}-${cName}" cValue lib.nameValuePair "${name}-${cName}" cValue

14
modules/server/containers/defs/authentik.nix
View File

@@ -1,4 +1,4 @@
{ config, containerCfg, pkgs, lib, mkContainer, ... }: { config, containerCfg, pkgs, lib, builder, ... }:
let let
serverCfg = config.syscfg.server; serverCfg = config.syscfg.server;
in { in {
@@ -14,15 +14,15 @@ in {
containers = { containers = {
server = mkContainer { server = builder.mkContainer {
subdomain = "sso"; subdomain = "sso";
image = "ghcr.io/goauthentik/server:latest"; image = "ghcr.io/goauthentik/server:latest";
port = containerCfg.port; port = containerCfg.port;
ip = containerCfg.ip; ip = containerCfg.ip;
secret = "authentik"; secret = "authentik";
extraEnv = { extraEnv = {
"AUTHENTIK_REDIS__HOST" = mkContainer.host; "AUTHENTIK_REDIS__HOST" = builder.host;
"AUTHENTIK_POSTGRESQL__HOST" = mkContainer.host; "AUTHENTIK_POSTGRESQL__HOST" = builder.host;
"AUTHENTIK_POSTGRESQL__USER" = "authentik_user"; "AUTHENTIK_POSTGRESQL__USER" = "authentik_user";
"AUTHENTIK_POSTGRESQL__NAME" = "authentik_db"; "AUTHENTIK_POSTGRESQL__NAME" = "authentik_db";
"AUTHENTIK_EMAIL__HOST" = serverCfg.mailDomain; "AUTHENTIK_EMAIL__HOST" = serverCfg.mailDomain;
@@ -44,15 +44,15 @@ in {
}; };
}; };
worker = mkContainer { worker = builder.mkContainer {
subdomain = "sso"; subdomain = "sso";
image = "ghcr.io/goauthentik/server:latest"; image = "ghcr.io/goauthentik/server:latest";
port = containerCfg.port; port = containerCfg.port;
ip = containerCfg.ip; ip = containerCfg.ip;
secret = "authentik"; secret = "authentik";
extraEnv = { extraEnv = {
"AUTHENTIK_REDIS__HOST" = mkContainer.host; "AUTHENTIK_REDIS__HOST" = builder.host;
"AUTHENTIK_POSTGRESQL__HOST" = mkContainer.host; "AUTHENTIK_POSTGRESQL__HOST" = builder.host;
"AUTHENTIK_POSTGRESQL__USER" = "authentik_user"; "AUTHENTIK_POSTGRESQL__USER" = "authentik_user";
"AUTHENTIK_POSTGRESQL__NAME" = "authentik_db"; "AUTHENTIK_POSTGRESQL__NAME" = "authentik_db";
}; };