Update modules/server/containers/default.nix

2026-05-12 17:43:28 +02:00
parent 3abdb6d637
commit 30df106b94
1 changed files with 67 additions and 70 deletions
--- a/modules/server/containers/default.nix
+++ b/modules/server/containers/default.nix
@@ -2,80 +2,77 @@
 let
  serverCfg = config.syscfg.server;
  builder = import ./builder.nix { inherit config lib pkgs serverCfg; };
-  enabledConfigs = lib.filterAttrs (name: c: c.enable) serverCfg.containers;
-  containerSetsList = lib.mapAttrsToList (name: containerCfg:
-  let apps = import (./apps + "/${name}.nix") {inherit config pkgs lib containerCfg builder name;};
-  in{
-    name = name;
-    containers = lib.mapAttrs' (cName: cValue: 
-      lib.nameValuePair "${name}-${cName}" cValue
-    ) apps.containers;
-    paths = apps.paths or [];
-    setup = apps.setup or null;
-    cron = apps.cron or [];
-  }
-) enabledConfigs;
-  mergedContainers = lib.attrsets.mergeAttrsList  (lib.map(e: e.containers) containerSetsList);
-  allPathConfigs = lib.flatten (lib.map (e: e.paths) containerSetsList);
-  allCronsConfigs = lib.flatten (lib.map (e: e.cron or []) containerSetsList);
-in
-{
-  config = lib.mkIf ( enabledConfigs != {} ) {

-    virtualisation.oci-containers = {
-      backend = "podman";
-      containers = mergedContainers;
-    };
+in{
+  config = lib.mkMerge [{
+    syscfg.server.loadedContainers = lib.mapAttrs (name: containerCfg:
+      (import (./apps + "/${name}.nix")) { inherit config pkgs lib containerCfg builder name; }
+    ) config.syscfg.server.containers;
+  } (lib.mkIf ( serverCfg.containers != {} ) (
+    let
+      appsList = builtins.attrValues config.syscfg.server.loadedContainers;
+      mergedContainers = lib.concatMapAttrs (appName: app:
+        lib.mapAttrs' (cName: cCfg: lib.nameValuePair "${appName}-${cName}" cCfg) app.containers
+      ) config.syscfg.server.loadedContainers;
+      allPathConfigs  = lib.concatMap (app: app.paths) appsList;
+      allCronsConfigs = lib.concatMap (app: app.cron) appsList;
+    in{

-    system.activationScripts.container-setup-dirs = {
-      deps = [ "users" "groups" ];
-      text = lib.concatStringsSep "\n" (map (cfg:
-      let
-        effectiveCfg = {
-          owner = "root:root";
-          mode = "0400";
-        } // cfg;
-      in ''
-        ${pkgs.coreutils}/bin/mkdir -p "${effectiveCfg.path}"
-        ${pkgs.coreutils}/bin/chown ${effectiveCfg.owner} "${effectiveCfg.path}"
-        ${pkgs.coreutils}/bin/chmod ${effectiveCfg.mode} "${effectiveCfg.path}"
-      '') allPathConfigs);
-    };
-
-    systemd.services = {
-      podman-gc = {
-        description = "Podman garbage collection";
-        serviceConfig.Type = "oneshot";
-        script = ''
-          ${pkgs.podman}/bin/podman container prune -f
-          ${pkgs.podman}/bin/podman image prune -f
-        '';
-        startAt = "weekly";
+      virtualisation.oci-containers = {
+        backend = "podman";
+        containers = mergedContainers;
      };
-    } // lib.listToAttrs (lib.concatMap (containerSet: 
-      if containerSet.setup != null then [{
-        name = "${containerSet.name}-setup";
-        value = {
-          description = "Run ${containerSet.name} setup";
-          after = [ "podman-${containerSet.name}-${containerSet.setup.trigger}.service" ];
-          wants = [ "podman-${containerSet.name}-${containerSet.setup.trigger}.service" ];
-          wantedBy = [ "multi-user.target" ];
-          serviceConfig = {
-            Type = "oneshot";
-            TimeoutStartSec = "360s";
-            EnvironmentFile = if (containerSet.setup ? envFile) then containerSet.setup.envFile else [ ];
-            ExecStart = "${containerSet.setup.script}";
-            RemainAfterExit = true;
-            User = "root";
-          };
+      
+      system.activationScripts.container-setup-dirs = {
+        deps = [ "users" "groups" ];
+        text = lib.concatStringsSep "\n" (map (cfg:
+        let
+          effectiveCfg = {
+            owner = "root:root";
+            mode = "0400";
+          } // cfg;
+        in ''
+          ${pkgs.coreutils}/bin/mkdir -p "${effectiveCfg.path}"
+          ${pkgs.coreutils}/bin/chown ${effectiveCfg.owner} "${effectiveCfg.path}"
+          ${pkgs.coreutils}/bin/chmod ${effectiveCfg.mode} "${effectiveCfg.path}"
+        '') allPathConfigs);
+      };
+
+      systemd.services = {
+        podman-gc = {
+          description = "Podman garbage collection";
+          serviceConfig.Type = "oneshot";
+          script = ''
+            ${pkgs.podman}/bin/podman container prune -f
+            ${pkgs.podman}/bin/podman image prune -f
+          '';
+          startAt = "weekly";
        };
-      }] else []
-    ) containerSetsList);
+      } // lib.listToAttrs (lib.concatMap (containerSet: 
+        if containerSet.setup.script != null then [{
+          name = "${containerSet.name}-setup";
+          value = {
+            description = "Run ${containerSet.name} setup";
+            after = [ "podman-${containerSet.name}-${containerSet.setup.trigger}.service" ];
+            wants = [ "podman-${containerSet.name}-${containerSet.setup.trigger}.service" ];
+            wantedBy = [ "multi-user.target" ];
+            serviceConfig = {
+              Type = "oneshot";
+              TimeoutStartSec = "360s";
+              EnvironmentFile = if (containerSet.setup ? envFile) then containerSet.setup.envFile else [ ];
+              ExecStart = "${containerSet.setup.script}";
+              RemainAfterExit = true;
+              User = "root";
+            };
+          };
+        }] else []
+      ) appsList);

-    services.cron = {
-      enable = true;
-      systemCronJobs = allCronsConfigs;
-    };
+      services.cron = {
+        enable = true;
+        systemCronJobs = allCronsConfigs;
+      };
+
+  }))];

-  };
 }