diff --git a/nixos-configurations/zeus.nix b/nixos-configurations/zeus.nix index d96130d..b41780f 100644 --- a/nixos-configurations/zeus.nix +++ b/nixos-configurations/zeus.nix @@ -23,6 +23,8 @@ in ezModules.networkd-base ezModules.smartd ezModules.plymouth + ezModules.docker-proxy + ezModules.docker-swag ]; boot = { @@ -176,57 +178,11 @@ in }; virtualisation = { - containers.enable = true; podman = { - enable = true; - dockerCompat = true; defaultNetwork.settings.dns_enabled = true; autoPrune.enable = true; }; oci-containers.containers = { - dockerproxy = { - image = "ghcr.io/tecnativa/docker-socket-proxy:latest"; - volumes = [ "/var/run/podman/podman.sock:/var/run/docker.sock:ro" ]; - environment = { - CONTAINERS = "1"; - POST = "0"; - }; - extraOptions = [ - "--pull=newer" - "--network=www" - ]; - }; - swag = { - image = "lscr.io/linuxserver/swag:2.9.0-ls292"; - volumes = [ "swag-config:/config" ]; - environment = { - TZ = "America/New_York"; - URL = "icanttype.org"; - VALIDATION = "dns"; - SUBDOMAINS = "wildcard"; - DNSPLUGIN = "cloudflare"; - DOCKER_HOST = "dockerproxy"; - DOCKER_MODS = "linuxserver/mods:swag-dashboard|linuxserver/mods:swag-auto-proxy|linuxserver/mods:universal-docker|linuxserver/mods:universal-cloudflared"; - CF_ZONE_ID = "4e68852334290a922718696a0986e75a"; - CF_ACCOUNT_ID = "5c1c252b9d9a9af6ea3a5de8590f36fa"; - CF_API_TOKEN = "mRfY8ubtFUxzVuehI6WFipSQFIcstCNds7RF5FTQ"; - CF_TUNNEL_NAME = "icanttype.org"; - CF_TUNNEL_PASSWORD = "iZh4UYxVSo3S2H3XwwboM2z@mJEqYJkQ5yMTfd5p"; - FILE__CF_TUNNEL_CONFIG = "/config/tunnelconfig.yml"; - EMAIL = "cdombroski@gmail.com"; - }; - ports = [ - "80:80" - "443:443" - ]; - extraOptions = [ - "--pull=newer" - "--network=www" - "--cap-add" - "NET_ADMIN" - "--network-alias=icanttype.org" - ]; - }; jellyfin = { image = "lscr.io/linuxserver/jellyfin:latest"; volumes = [ diff --git a/nixos-modules/docker-proxy.nix b/nixos-modules/docker-proxy.nix new file mode 100644 index 0000000..96935b7 --- /dev/null +++ b/nixos-modules/docker-proxy.nix @@ -0,0 +1,23 @@ +{ + virtualisation = { + containers.enable = true; + podman = { + enable = true; + dockerCompat = true; + }; + oci-containers.containers = { + dockerproxy = { + image = "ghcr.io/tecnativa/docker-socket-proxy:latest"; + volumes = [ "/var/run/podman/podman.sock:/var/run/docker.sock:ro" ]; + environment = { + CONTAINERS = "1"; + POST = "0"; + }; + extraOptions = [ + "--pull=newer" + "--network=www" + ]; + }; + }; + }; +} diff --git a/nixos-modules/docker-swag.nix b/nixos-modules/docker-swag.nix new file mode 100644 index 0000000..389494b --- /dev/null +++ b/nixos-modules/docker-swag.nix @@ -0,0 +1,37 @@ +{ + virtualisation = { + oci-containers.containers = { + swag = { + image = "lscr.io/linuxserver/swag:latest"; + volumes = [ "swag-config:/config" ]; + environment = { + TZ = "America/New_York"; + URL = "icanttype.org"; + VALIDATION = "dns"; + SUBDOMAINS = "wildcard"; + DNSPLUGIN = "cloudflare"; + DOCKER_HOST = "dockerproxy"; + DOCKER_MODS = "linuxserver/mods:swag-dashboard|linuxserver/mods:swag-auto-proxy|linuxserver/mods:universal-docker|linuxserver/mods:universal-cloudflared"; + CF_ZONE_ID = "4e68852334290a922718696a0986e75a"; + CF_ACCOUNT_ID = "5c1c252b9d9a9af6ea3a5de8590f36fa"; + CF_API_TOKEN = "mRfY8ubtFUxzVuehI6WFipSQFIcstCNds7RF5FTQ"; + CF_TUNNEL_NAME = "icanttype.org"; + CF_TUNNEL_PASSWORD = "iZh4UYxVSo3S2H3XwwboM2z@mJEqYJkQ5yMTfd5p"; + FILE__CF_TUNNEL_CONFIG = "/config/tunnelconfig.yml"; + EMAIL = "cdombroski@gmail.com"; + }; + ports = [ + "80:80" + "443:443" + ]; + extraOptions = [ + "--pull=newer" + "--network=www" + "--cap-add" + "NET_ADMIN" + "--network-alias=icanttype.org" + ]; + }; + }; + }; +}