nixconfig/modules/server/containers/default.nix

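# Server container module.
#
# Every enabled entry of `config.syscfg.server.containers` is expanded through
# its definition file in ./defs into podman-backed OCI containers, the host
# directories it declares, and an optional one-shot setup unit.
{ config, pkgs, lib, ... }:
let
  serverCfg = config.syscfg.server;
  builder = import ./builder.nix { inherit config lib serverCfg; };

  # Only container sets switched on via `enable` are processed.
  enabledConfigs = lib.filterAttrs (_: c: c.enable) serverCfg.containers;

  # One record per enabled set. The attribute name is spliced into the import
  # path ./defs/<name>.nix, so it has to be a plain file stem that exists there;
  # a name containing "/" or ".." would resolve outside ./defs.
  containerSetsList = lib.mapAttrsToList (name: containerCfg:
    let
      defs = import (./defs + "/${name}.nix") {
        inherit config pkgs lib containerCfg builder name;
      };
    in {
      inherit name;
      # Container names are prefixed with their set: "<set>-<container>".
      containers = lib.mapAttrs'
        (cName: cValue: lib.nameValuePair "${name}-${cName}" cValue)
        defs.containers;
      paths = defs.paths or [ ];
      setup = defs.setup or null;
    }
  ) enabledConfigs;

  # mergeAttrsList lets later elements win on duplicate keys, so two prefixed
  # names that coincide (set "a" + container "b-c" vs. set "a-b" + container
  # "c") would shadow each other without an evaluation error.
  mergedContainers = lib.attrsets.mergeAttrsList (map (e: e.containers) containerSetsList);
  allPathConfigs = lib.flatten (map (e: e.paths) containerSetsList);

  # The former `allScriptConfigs` binding was dropped: nothing referenced it and
  # it read an `init` attribute that the records above never define (they expose
  # `setup`), so it could only ever have produced empty strings.
in
{
  config = lib.mkIf (enabledConfigs != { }) {
    virtualisation.oci-containers = {
      backend = "podman";
      containers = mergedContainers;
    };

    # Creates the host directories declared by the container sets and applies
    # owner and mode, after users and groups exist.
    #
    # Activation scripts run as root, and chown/chmod act on the target of a
    # symlink. Declared paths should therefore sit below parents that only root
    # can write; a parent writable by a container user could redirect these
    # calls to an unrelated file.
    #
    # Every value is passed through lib.escapeShellArg so that spaces, quotes,
    # `$` or backticks in a definition are treated as data, and `--` keeps a
    # leading "-" from being parsed as an option.
    # NOTE(review): this assumes `owner` and `mode` each hold a single
    # chown/chmod operand - confirm no definition relies on word splitting.
    system.activationScripts.container-setup-dirs = {
      deps = [ "users" "groups" ];
      text = lib.concatStringsSep "\n" (map (cfg:
        let
          dir = lib.escapeShellArg cfg.path;
        in ''
          ${pkgs.coreutils}/bin/mkdir -p -- ${dir}
          ${pkgs.coreutils}/bin/chown -- ${lib.escapeShellArg cfg.owner} ${dir}
          ${pkgs.coreutils}/bin/chmod -- ${lib.escapeShellArg cfg.mode} ${dir}
        '') allPathConfigs);
    };

    systemd.services =
      {
        # Weekly clean-up of stopped containers and unused images.
        podman-gc = {
          description = "Podman garbage collection";
          serviceConfig.Type = "oneshot";
          script = ''
            ${pkgs.podman}/bin/podman container prune -f
            ${pkgs.podman}/bin/podman image prune -f
          '';
          startAt = "weekly";
        };
      }
      # One "<set>-setup" unit for each container set that defines `setup`.
      // lib.listToAttrs (map (containerSet:
        let
          # Unit of the container the setup waits for; the name follows the
          # "<set>-<container>" prefixing used for `containers` above.
          triggerUnit = "podman-${containerSet.name}-${containerSet.setup.trigger}.service";
        in {
          name = "${containerSet.name}-setup";
          value = {
            description = "Run ${containerSet.name} setup";
            # Ordered after the container unit has started; that is not the same
            # as the application inside being ready to accept requests.
            after = [ triggerUnit ];
            wants = [ triggerUnit ];
            wantedBy = [ "multi-user.target" ];
            serviceConfig = {
              Type = "oneshot";
              TimeoutStartSec = "30s";
              # The script runs as root with no systemd sandboxing, so it
              # carries the same trust as the system configuration itself.
              # NOTE(review): if a setup script only needs to talk to podman,
              # consider NoNewPrivileges / ProtectSystem where it tolerates them.
              ExecStart = "${containerSet.setup.script}";
              RemainAfterExit = true;
              User = "root";
            };
          };
        }
      ) (lib.filter (s: s.setup != null) containerSetsList));
  };
}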