From 662424f1d18c6ccf0c2fce728fa2e273c5f67370 Mon Sep 17 00:00:00 2001
From: soraefir
Date: Mon, 4 May 2026 23:04:48 +0200
Subject: [PATCH] New server docker
---
 modules/nixos/system/hw/virt/default.nix | 7 ++---
 modules/server/arion/default.nix | 13 ---------
 modules/server/containers/default.nix | 27 +++++++++++++++++++
 .../{docker => containers/defs}/authentik.nix | 0
 .../{docker => containers/defs}/cloud.nix | 0
 .../{docker => containers/defs}/sample.nix | 0
 .../{docker => containers/defs}/traefik.nix | 0
 modules/server/default.nix | 2 +-
 modules/shared/syscfg/default.nix | 12 ++++++---
 systems/sandbox/cfg.nix | 5 +++-
 10 files changed, 45 insertions(+), 21 deletions(-)
 delete mode 100644 modules/server/arion/default.nix
 create mode 100644 modules/server/containers/default.nix
 rename modules/server/{docker => containers/defs}/authentik.nix (100%)
 rename modules/server/{docker => containers/defs}/cloud.nix (100%)
 rename modules/server/{docker => containers/defs}/sample.nix (100%)
 rename modules/server/{docker => containers/defs}/traefik.nix (100%)
diff --git a/modules/nixos/system/hw/virt/default.nix b/modules/nixos/system/hw/virt/default.nix
index e62bf6e..2b91eef 100644
--- a/modules/nixos/system/hw/virt/default.nix
+++ b/modules/nixos/system/hw/virt/default.nix
@@ -11,9 +11,10 @@
 dockerSocket.enable = true;
 dockerCompat = true;
 defaultNetwork.settings = {
- dnsname.enable = true;
- internal = true;
- name = "internal";
+ #dnsname.enable = true;
+ dns_enabled = true;
+ #internal = true;
+ #name = "internal";
 };
 };
 };
diff --git a/modules/server/arion/default.nix b/modules/server/arion/default.nix
deleted file mode 100644
index 92356b0..0000000
--- /dev/null
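Review bot: Dropping `internal = true;` from `defaultNetwork.settings` removes the isolation of the default podman network without any stated reason. Assuming these keys are passed through as podman network settings, every container on that network can now reach external hosts. The three old lines are left as commented-out code beside `dns_enabled = true;`, so a reader cannot tell whether the wider exposure is deliberate or a debugging leftover. Either keep `internal = true;` alongside `dns_enabled = true;`, or delete the commented lines and add a rationale such as `# default network is routable on purpose: <reason>; services that need isolation go on a separate internal network`. The enclosing attribute set starts before the hunk.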
@@ -1,13 +0,0 @@
-{ config, pkgs, lib, ... }:{
- config = lib.mkIf (config.syscfg.server.arion) {
- environment.systemPackages = with pkgs; [ arion ];
- virtualisation.arion = {
- backend = "podman-socket";
- projects = {
- cloud.settings = import ../docker/cloud.nix { inherit config pkgs lib; };
- authentik.settings =
- import ../docker/authentik.nix { inherit config pkgs lib; };
- };
- };
- };
-}
\ No newline at end of file
diff --git a/modules/server/containers/default.nix b/modules/server/containers/default.nix
new file mode 100644
index 0000000..5354d9c
--- /dev/null
+++ b/modules/server/containers/default.nix
@@ -0,0 +1,27 @@
+{ config, pkgs, lib, ... }:
+let
+ # enabledContainers = lib.filterAttrs (name: cfg: cfg.enable) config.syscfg.server.containers;
+ # containerImports = {
+ # cloud = import ./defs/cloud.nix;
+ # authentik = import ./defs/authentik.nix;
+ # };
+ containerDir = ./defs;
+ allFiles = builtins.readDir containerDir;
+ enabledNames = lib.filterAttrs (name: cfg: cfg.enable) config.syscfg.server.containers;
+ activeContainers = lib.mapAttrs (name: cfg:
+ let
+ fileName = "${name}.nix";
+ in
+ if builtins.hasAttr fileName allFiles
+ then import (containerDir + "/${fileName}")
+ else throw "Container config for '${name}' enabled, but ${containerDir}/${fileName} does not exist!"
+ ) enabledNames;
+in
+{
+ config = lib.mkIf ( enabledNames != {} ) {
+ virtualisation.oci-containers = {
+ backend = "podman";
+ containers = activeContainers;
+ };
+ };
+}
\ No newline at end of file
diff --git a/modules/server/docker/authentik.nix b/modules/server/containers/defs/authentik.nix
similarity index 100%
rename from modules/server/docker/authentik.nix
rename to modules/server/containers/defs/authentik.nix
diff --git a/modules/server/docker/cloud.nix b/modules/server/containers/defs/cloud.nix
similarity index 100%
rename from modules/server/docker/cloud.nix
rename to modules/server/containers/defs/cloud.nix
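Review bot: `activeContainers` stores the bare result of `import (containerDir + "/${fileName}")`, whereas the deleted arion module applied the same files to `{ inherit config pkgs lib; }`. The defs are renamed at 100% similarity, so they are presumably still functions that return arion project settings rather than `virtualisation.oci-containers.containers` entries, and this is unlikely to evaluate as intended. The `cfg` argument of the `lib.mapAttrs` lambda is never used, so the per-container `port` and `special_param` values never reach a definition. Consider `then import (containerDir + "/${fileName}") { inherit config pkgs lib; }`, extended with `cfg` once the defs accept it, and rewrite the defs to return oci-containers attributes. The commented-out `enabledContainers`/`containerImports` block at the top of the `let` can be deleted.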
diff --git a/modules/server/docker/sample.nix b/modules/server/containers/defs/sample.nix
similarity index 100%
rename from modules/server/docker/sample.nix
rename to modules/server/containers/defs/sample.nix
diff --git a/modules/server/docker/traefik.nix b/modules/server/containers/defs/traefik.nix
similarity index 100%
rename from modules/server/docker/traefik.nix
rename to modules/server/containers/defs/traefik.nix
diff --git a/modules/server/default.nix b/modules/server/default.nix
index 5d2c1f2..cce7059 100644
--- a/modules/server/default.nix
+++ b/modules/server/default.nix
@@ -1,3 +1,3 @@
 { config, pkgs, lib, ... }:{
- imports = [ ./sops ./nftables ./openssh ./arion ];
+ imports = [ ./sops ./nftables ./openssh ./containers ];
 }
diff --git a/modules/shared/syscfg/default.nix b/modules/shared/syscfg/default.nix
index cf8317f..67f62f2 100644
--- a/modules/shared/syscfg/default.nix
+++ b/modules/shared/syscfg/default.nix
@@ -102,9 +102,15 @@ let
 type = types.str;
 default = "/media/data";
 };
- arion = mkOption {
- type = types.bool;
- default = false;
+ containers = lib.mkOption {
+ type = lib.types.attrsOf (lib.types.submodule {
+ options = {
+ enable = {type = types.bool;default = false;};
+ port = lib.mkOption { type = lib.types.port; };
+ special_param = lib.mkOption { type = lib.types.str; default = ""; };
+ };
+ });
+ default = {};
 };
 sops = mkOption {
 type = types.bool;
diff --git a/systems/sandbox/cfg.nix b/systems/sandbox/cfg.nix
index 757bbe5..ef5a16b 100644
--- a/systems/sandbox/cfg.nix
+++ b/systems/sandbox/cfg.nix
@@ -29,7 +29,10 @@ dbHost = "localhost"; - arion = true; + containers = { + cloud.enable = true; + authentik.enable = true; + }; }; }; }
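Review bot: In the modules/shared/syscfg/default.nix hunk, `enable = {type = types.bool;default = false;};` is a plain attribute set rather than an option declaration, because `mkOption` is missing. The module system will not treat it as a boolean option, so the `cfg.enable` filter in modules/server/containers/default.nix cannot work as a flag. Declare it as `enable = lib.mkOption { type = lib.types.bool; default = false; };` or use `lib.mkEnableOption`. `port` has no default, and systems/sandbox/cfg.nix sets only `cloud.enable` and `authentik.enable`, so the first code path that reads `port` will fail evaluation. Give it a default or make the type `lib.types.nullOr lib.types.port`. The surrounding option set continues outside the hunk.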