diff --git a/system/services/0_TEMPLATE.nix b/system/services/0_TEMPLATE.nix index 4ee6da75..1644df64 100644 --- a/system/services/0_TEMPLATE.nix +++ b/system/services/0_TEMPLATE.nix @@ -8,6 +8,15 @@ image = "TEMPLATE"; autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = []; ports = []; diff --git a/system/services/adguard.nix b/system/services/adguard.nix index 933896a4..7cdbc523 100644 --- a/system/services/adguard.nix +++ b/system/services/adguard.nix @@ -8,6 +8,15 @@ image = "adguard/adguardhome"; autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = []; ports = [ diff --git a/system/services/authelia.nix b/system/services/authelia.nix index 11f6e7b1..38bea220 100644 --- a/system/services/authelia.nix +++ b/system/services/authelia.nix @@ -8,6 +8,15 @@ image = "authelia/authelia:latest"; autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = [ # "pihole" ]; diff --git a/system/services/formula10.nix b/system/services/formula10.nix index e7117090..8411a846 100644 --- a/system/services/formula10.nix +++ b/system/services/formula10.nix @@ -8,6 +8,15 @@ image = "gitea.vps.chriphost.de/christoph/formula10:latest"; autoStart = true; + # login = { + # # Uses DockerHub by default + # # registry = ""; + # + # # DockerHub Credentials + # username = "christoph.urlacher@protonmail.com"; + # passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + # }; + dependsOn = []; ports = [ diff --git a/system/services/formula11.nix b/system/services/formula11.nix index 24a3b0a3..e3c14e0c 100644 --- a/system/services/formula11.nix +++ b/system/services/formula11.nix @@ -8,6 +8,15 @@ image = "gitea.vps.chriphost.de/christoph/pocketbase:0.25.0"; autoStart = true; + # login = { + # # Uses DockerHub by default + # # registry = ""; + # + # # DockerHub Credentials + # username = "christoph.urlacher@protonmail.com"; + # passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + # }; + dependsOn = [ # "pihole" ]; @@ -32,6 +41,15 @@ image = "gitea.vps.chriphost.de/christoph/formula11:latest"; autoStart = true; + # login = { + # # Uses DockerHub by default + # # registry = ""; + # + # # DockerHub Credentials + # username = "christoph.urlacher@protonmail.com"; + # passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + # }; + dependsOn = [ "formula11_pocketbase" ]; @@ -51,10 +69,10 @@ # PB_PROTOCOL="https"; # PB_URL="f11pb.vps.chriphost.de"; - PUBLIC_PBURL="https://f11pb.vps.chriphost.de"; + PUBLIC_PBURL = "https://f11pb.vps.chriphost.de"; # Required by SvelteKit to prevent cross-site POST errors - ORIGIN="https://f11.vps.chriphost.de"; + ORIGIN = "https://f11.vps.chriphost.de"; }; extraOptions = [ diff --git a/system/services/gitea-runner.nix b/system/services/gitea-runner.nix index 0611cff8..8bc9057d 100644 --- a/system/services/gitea-runner.nix +++ b/system/services/gitea-runner.nix @@ -8,6 +8,15 @@ image = "gitea/act_runner:latest"; # NOTE: vegardit has other runner images autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = []; ports = []; @@ -15,7 +24,7 @@ volumes = [ "gitea-runner_data:/data" "gitea-runner_config:/config" # Managed by env variables for vegardit image - + "/var/run/docker.sock:/var/run/docker.sock" # Disable for dind ]; diff --git a/system/services/gitea.nix b/system/services/gitea.nix index 0309c0e4..ea3489bc 100644 --- a/system/services/gitea.nix +++ b/system/services/gitea.nix @@ -23,6 +23,15 @@ image = "postgres:14"; autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = []; ports = []; @@ -46,6 +55,15 @@ image = "gitea/gitea:latest"; autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = [ "gitea-db" ]; diff --git a/system/services/heidi.nix b/system/services/heidi.nix index b3b6bfa9..0b512de8 100644 --- a/system/services/heidi.nix +++ b/system/services/heidi.nix @@ -8,6 +8,15 @@ image = "gitea.vps.chriphost.de/christoph/discord-heidi:latest"; autoStart = true; + # login = { + # # Uses DockerHub by default + # # registry = ""; + # + # # DockerHub Credentials + # username = "christoph.urlacher@protonmail.com"; + # passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + # }; + dependsOn = []; ports = []; diff --git a/system/services/immich.nix b/system/services/immich.nix index 3c6a92b7..e217eb7a 100644 --- a/system/services/immich.nix +++ b/system/services/immich.nix @@ -8,6 +8,15 @@ image = "ghcr.io/immich-app/postgres:15-vectorchord0.3.0-pgvectors0.2.0"; autoStart = true; + # login = { + # # Uses DockerHub by default + # # registry = ""; + # + # # DockerHub Credentials + # username = "christoph.urlacher@protonmail.com"; + # passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + # }; + dependsOn = []; ports = [ @@ -33,6 +42,15 @@ image = "redis"; autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = []; ports = [ @@ -52,6 +70,15 @@ image = "ghcr.io/imagegenius/immich:latest"; autoStart = true; + # login = { + # # Uses DockerHub by default + # # registry = ""; + # + # # DockerHub Credentials + # username = "christoph.urlacher@protonmail.com"; + # passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + # }; + dependsOn = [ "immich-database" "immich-redis" diff --git a/system/services/jellyfin.nix b/system/services/jellyfin.nix index be5458df..e57374e7 100644 --- a/system/services/jellyfin.nix +++ b/system/services/jellyfin.nix @@ -8,6 +8,15 @@ image = "linuxserver/jellyfin:latest"; autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = [ # "pihole" ]; diff --git a/system/services/kopia.nix b/system/services/kopia.nix index 86d2a1a9..37296dc5 100644 --- a/system/services/kopia.nix +++ b/system/services/kopia.nix @@ -8,6 +8,15 @@ image = "kopia/kopia:latest"; autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = []; ports = [ diff --git a/system/services/nextcloud.nix b/system/services/nextcloud.nix index 9f405fe5..ec231bd0 100644 --- a/system/services/nextcloud.nix +++ b/system/services/nextcloud.nix @@ -4,10 +4,41 @@ pkgs, ... }: { + systemd.services.nextcloud-cron = { + enable = true; + description = "Nextcloud Cron Job"; + + serviceConfig = { + ExecStart = "${pkgs.docker}/bin/docker exec -u www-data nextcloud /usr/local/bin/php -f /var/www/html/cron.php"; + }; + }; + + systemd.timers.nextcloud-cron = { + enable = true; + description = "Nextcloud Cron Job"; + + timerConfig = { + OnBootSec = "5min"; + OnUnitActiveSec = "5min"; + Unit = "nextcloud-cron.service"; + }; + + wantedBy = ["timers.target"]; + }; + virtualisation.oci-containers.containers.nextcloud-db = { image = "postgres:alpine"; autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = []; ports = [ @@ -33,6 +64,15 @@ image = "redis:alpine"; autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = []; ports = [ @@ -54,6 +94,15 @@ image = "nextcloud:apache"; autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = [ "nextcloud-db" "nextcloud-memcache" @@ -86,7 +135,7 @@ APACHE_DISABLE_REWRITE_IP = "1"; TRUSTED_PROXIES = "192.168.86.25 212.227.233.241 172.19.0.1"; OVERWRITEPROTOCOL = "https"; - + # DB POSTGRES_HOST = "nextcloud-db"; POSTGRES_PASSWORD = "nextcloud"; @@ -101,26 +150,4 @@ "--net=behind-nginx" ]; }; - - systemd.services.nextcloud-cron = { - enable = true; - description = "Nextcloud Cron Job"; - - serviceConfig = { - ExecStart = "${pkgs.docker}/bin/docker exec -u www-data nextcloud /usr/local/bin/php -f /var/www/html/cron.php"; - }; - }; - - systemd.timers.nextcloud-cron = { - enable = true; - description = "Nextcloud Cron Job"; - - timerConfig = { - OnBootSec = "5min"; - OnUnitActiveSec = "5min"; - Unit = "nextcloud-cron.service"; - }; - - wantedBy = ["timers.target"]; - }; } diff --git a/system/services/nginx-proxy-manager.nix b/system/services/nginx-proxy-manager.nix index a088b6c3..49706e75 100644 --- a/system/services/nginx-proxy-manager.nix +++ b/system/services/nginx-proxy-manager.nix @@ -8,6 +8,15 @@ image = "jc21/nginx-proxy-manager:latest"; autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = [ # "pihole" ]; diff --git a/system/services/paperless.nix b/system/services/paperless.nix index 951fc9ba..6f1070e7 100644 --- a/system/services/paperless.nix +++ b/system/services/paperless.nix @@ -5,9 +5,18 @@ ... }: { virtualisation.oci-containers.containers.paperless-redis = { - image = "docker.io/library/redis:7"; + image = "redis:7"; autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = []; ports = []; @@ -24,9 +33,18 @@ }; virtualisation.oci-containers.containers.paperless-postgres = { - image = "docker.io/library/postgres:15"; + image = "postgres:15"; autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = []; ports = []; @@ -50,6 +68,15 @@ image = "ghcr.io/paperless-ngx/paperless-ngx:latest"; autoStart = true; + # login = { + # # Uses DockerHub by default + # # registry = ""; + # + # # DockerHub Credentials + # username = "christoph.urlacher@protonmail.com"; + # passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + # }; + dependsOn = [ "paperless-redis" "paperless-postgres" diff --git a/system/services/portainer.nix b/system/services/portainer.nix index 7094ea94..7b6bc923 100644 --- a/system/services/portainer.nix +++ b/system/services/portainer.nix @@ -32,6 +32,15 @@ image = "portainer/agent:latest"; autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = []; ports = [ diff --git a/system/services/whats-up-docker.nix b/system/services/whats-up-docker.nix index ec40357e..d7dcee6e 100644 --- a/system/services/whats-up-docker.nix +++ b/system/services/whats-up-docker.nix @@ -8,6 +8,15 @@ image = "getwud/wud:latest"; autoStart = true; + login = { + # Uses DockerHub by default + # registry = ""; + + # DockerHub Credentials + username = "christoph.urlacher@protonmail.com"; + passwordFile = "${config.age.secrets.dockerhub-pasword.path}"; + }; + dependsOn = [ # "pihole" ];