sora/nixconfig
1
0
Fork 0
Code Issues 2 Pull Requests Actions Releases Activity

New server docker

Browse Source
This commit is contained in:
soraefir
2026-05-04 23:04:48 +02:00
parent 1566aca2b8
commit 662424f1d1
10 changed files with 45 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
modules/nixos/system/hw/virt/default.nix
View File

@@ -11,9 +11,10 @@
dockerSocket.enable = true; dockerSocket.enable = true;
dockerCompat = true; dockerCompat = true;
defaultNetwork.settings = { defaultNetwork.settings = {
dnsname.enable = true; #dnsname.enable = true;
internal = true; dns_enabled = true;
name = "internal"; #internal = true;
#name = "internal";
}; };
}; };
}; };

13
modules/server/arion/default.nix
View File

@@ -1,13 +0,0 @@
{ config, pkgs, lib, ... }:{
config = lib.mkIf (config.syscfg.server.arion) {
environment.systemPackages = with pkgs; [ arion ];
virtualisation.arion = {
backend = "podman-socket";
projects = {
cloud.settings = import ../docker/cloud.nix { inherit config pkgs lib; };
authentik.settings =
import ../docker/authentik.nix { inherit config pkgs lib; };
};
};
};
}

27
modules/server/containers/default.nix Normal file
View File

@@ -0,0 +1,27 @@
{ config, pkgs, lib, ... }:
let
# enabledContainers = lib.filterAttrs (name: cfg: cfg.enable) config.syscfg.server.containers;
# containerImports = {
# cloud = import ./defs/cloud.nix;
# authentik = import ./defs/authentik.nix;
# };
containerDir = ./defs;
allFiles = builtins.readDir containerDir;
enabledNames = lib.filterAttrs (name: cfg: cfg.enable) config.syscfg.server.containers;
activeContainers = lib.mapAttrs (name: cfg:
let
fileName = "${name}.nix";
in
if builtins.hasAttr fileName allFiles
then import (containerDir + "/${fileName}")
else throw "Container config for '${name}' enabled, but ${containerDir}/${fileName} does not exist!"
) enabledNames;
in
{
config = lib.mkIf ( enabledNames != {} ) {
virtualisation.oci-containers = {
backend = "podman";
containers = activeContainers;
};
};
}

0
modules/server/docker/authentik.nix → modules/server/containers/defs/authentik.nix
View File

0
modules/server/docker/cloud.nix → modules/server/containers/defs/cloud.nix
View File

0
modules/server/docker/sample.nix → modules/server/containers/defs/sample.nix
View File

0
modules/server/docker/traefik.nix → modules/server/containers/defs/traefik.nix
View File

2
modules/server/default.nix
View File

@@ -1,3 +1,3 @@
{ config, pkgs, lib, ... }:{ { config, pkgs, lib, ... }:{
imports = [ ./sops ./nftables ./openssh ./arion ]; imports = [ ./sops ./nftables ./openssh ./containers ];
} }

12
modules/shared/syscfg/default.nix
View File

@@ -102,9 +102,15 @@ let
type = types.str; type = types.str;
default = "/media/data"; default = "/media/data";
}; };
arion = mkOption { containers = lib.mkOption {
type = types.bool; type = lib.types.attrsOf (lib.types.submodule {
default = false; options = {
enable = {type = types.bool;default = false;};
port = lib.mkOption { type = lib.types.port; };
special_param = lib.mkOption { type = lib.types.str; default = ""; };
};
});
default = {};
}; };
sops = mkOption { sops = mkOption {
type = types.bool; type = types.bool;

5
systems/sandbox/cfg.nix
View File

@@ -29,7 +29,10 @@
dbHost = "localhost"; dbHost = "localhost";
arion = true; containers = {
cloud.enable = true;
authentik.enable = true;
};
}; };
}; };
} }