Services/Nginx: Update to v2.12.6

system/services/authelia.nix

@@ -3,38 +3,42 @@
   lib,
   pkgs,
   ...
-}: {
-  virtualisation.oci-containers.containers.authelia = {
-    image = "authelia/authelia:latest";
-    autoStart = true;
+}: let
+  autheliaVersion = "4.39.4";
+in {
+  virtualisation.oci-containers.containers = {
+    authelia = {
+      image = "authelia/authelia:${autheliaVersion}";
+      autoStart = true;
 
-    login = {
-      # Uses DockerHub by default
-      # registry = "";
+      login = {
+        # Uses DockerHub by default
+        # registry = "";
 
-      # DockerHub Credentials
-      username = "christoph.urlacher@protonmail.com";
-      passwordFile = "${config.sops.secrets.docker-password.path}";
+        # DockerHub Credentials
+        username = "christoph.urlacher@protonmail.com";
+        passwordFile = "${config.sops.secrets.docker-password.path}";
+      };
+
+      dependsOn = [
+        # "pihole"
+      ];
+
+      ports = [
+        # "9091:9091"
+      ];
+
+      volumes = [
+        "authelia_config:/config"
+      ];
+
+      environment = {
+        TZ = "Europe/Berlin";
+      };
+
+      extraOptions = [
+        "--net=behind-nginx"
+      ];
     };
-
-    dependsOn = [
-      # "pihole"
-    ];
-
-    ports = [
-      # "9091:9091"
-    ];
-
-    volumes = [
-      "authelia_config:/config"
-    ];
-
-    environment = {
-      TZ = "Europe/Berlin";
-    };
-
-    extraOptions = [
-      "--net=behind-nginx"
-    ];
   };
 }

system/services/formula10.nix

@@ -3,29 +3,33 @@
   lib,
   pkgs,
   ...
-}: {
-  virtualisation.oci-containers.containers.formula10 = {
-    image = "gitea.vps.chriphost.de/christoph/formula10:latest";
-    autoStart = true;
+}: let
+  f10Version = "latest";
+in {
+  virtualisation.oci-containers.containers = {
+    formula10 = {
+      image = "gitea.vps.chriphost.de/christoph/formula10:${f10Version}";
+      autoStart = true;
 
-    dependsOn = [];
+      dependsOn = [];
 
-    ports = [
-      "55555:5000"
-    ];
+      ports = [
+        "55555:5000"
+      ];
 
-    volumes = [
-      "formula10_data:/app/instance"
-      "formula10_cache:/cache"
-    ];
+      volumes = [
+        "formula10_data:/app/instance"
+        "formula10_cache:/cache"
+      ];
 
-    environment = {
-      TZ = "Europe/Berlin";
+      environment = {
+        TZ = "Europe/Berlin";
+      };
+
+      extraOptions = [
+        "--init" # Make an init process take up PID 1, to make python receive the SIGTERM
+        "--net=behind-nginx"
+      ];
     };
-
-    extraOptions = [
-      "--init" # Make an init process take up PID 1, to make python receive the SIGTERM
-      "--net=behind-nginx"
-    ];
   };
 }

system/services/formula11.nix

@@ -3,61 +3,66 @@
   lib,
   pkgs,
   ...
-}: {
-  virtualisation.oci-containers.containers.formula11_pocketbase = {
-    image = "gitea.vps.chriphost.de/christoph/pocketbase:0.25.0";
-    autoStart = true;
+}: let
+  pocketbaseVersion = "0.25.0";
+  f11Version = "latest";
+in {
+  virtualisation.oci-containers.containers = {
+    formula11_pocketbase = {
+      image = "gitea.vps.chriphost.de/christoph/pocketbase:${pocketbaseVersion}";
+      autoStart = true;
 
-    dependsOn = [
-      # "pihole"
-    ];
+      dependsOn = [
+        # "pihole"
+      ];
 
-    ports = [
-      "8090:8080"
-    ];
+      ports = [
+        "8090:8080"
+      ];
 
-    volumes = [
-      "formula11_pb_data:/pb/pb_data"
-    ];
+      volumes = [
+        "formula11_pb_data:/pb/pb_data"
+      ];
 
-    environment = {};
+      environment = {};
 
-    extraOptions = [
-      "--net=behind-nginx"
-    ];
-  };
-
-  virtualisation.oci-containers.containers.formula11 = {
-    image = "gitea.vps.chriphost.de/christoph/formula11:latest";
-    autoStart = true;
-
-    dependsOn = [
-      "formula11_pocketbase"
-    ];
-
-    ports = [
-      # "8080:8090"
-      "5173:3000"
-    ];
-
-    volumes = [];
-
-    environment = {
-      # PB_PROTOCOL="http";
-      # PB_HOST="formula11_pocketbase";
-      # PB_PORT="8000";
-
-      # PB_PROTOCOL="https";
-      # PB_URL="f11pb.vps.chriphost.de";
-
-      PUBLIC_PBURL = "https://f11pb.vps.chriphost.de";
-
-      # Required by SvelteKit to prevent cross-site POST errors
-      ORIGIN = "https://f11.vps.chriphost.de";
+      extraOptions = [
+        "--net=behind-nginx"
+      ];
     };
 
-    extraOptions = [
-      "--net=behind-nginx"
-    ];
+    formula11 = {
+      image = "gitea.vps.chriphost.de/christoph/formula11:${f11Version}";
+      autoStart = true;
+
+      dependsOn = [
+        "formula11_pocketbase"
+      ];
+
+      ports = [
+        # "8080:8090"
+        "5173:3000"
+      ];
+
+      volumes = [];
+
+      environment = {
+        # PB_PROTOCOL="http";
+        # PB_HOST="formula11_pocketbase";
+        # PB_PORT="8000";
+
+        # PB_PROTOCOL="https";
+        # PB_URL="f11pb.vps.chriphost.de";
+
+        PUBLIC_PBURL = "https://f11pb.vps.chriphost.de";
+
+        # Required by SvelteKit to prevent cross-site POST errors
+        ORIGIN = "https://f11.vps.chriphost.de";
+      };
+
+      extraOptions = [
+        "--net=behind-nginx"
+      ];
+    };
   };
 }

system/services/heidi.nix

@@ -3,37 +3,41 @@
   lib,
   pkgs,
   ...
-}: {
+}: let
+  heidiVersion = "latest";
+in {
   # If we need to pass secrets to containers we can't use plain env variables.
   sops.templates."heidi_secrets.env".content = ''
     DISCORD_TOKEN=${config.sops.placeholder.heidi-discord-token}
   '';
 
-  virtualisation.oci-containers.containers.heidi = {
-    image = "gitea.vps.chriphost.de/christoph/discord-heidi:latest";
-    autoStart = true;
+  virtualisation.oci-containers.containers = {
+    heidi = {
+      image = "gitea.vps.chriphost.de/christoph/discord-heidi:${heidiVersion}";
+      autoStart = true;
 
-    dependsOn = [];
+      dependsOn = [];
 
-    ports = [];
+      ports = [];
 
-    volumes = [
-      "heidi_config:/config"
+      volumes = [
+        "heidi_config:/config"
 
-      "/home/christoph/heidi-sounds:/sounds:ro"
-    ];
+        "/home/christoph/heidi-sounds:/sounds:ro"
+      ];
 
-    environment = {
-      DOCKER = "True";
+      environment = {
+        DOCKER = "True";
+      };
+
+      environmentFiles = [
+        config.sops.templates."heidi_secrets.env".path
+      ];
+
+      extraOptions = [
+        "--init" # Make an init process take up PID 1, to make python receive the SIGTERM
+        "--net=behind-nginx"
+      ];
     };
-
-    environmentFiles = [
-      config.sops.templates."heidi_secrets.env".path
-    ];
-
-    extraOptions = [
-      "--init" # Make an init process take up PID 1, to make python receive the SIGTERM
-      "--net=behind-nginx"
-    ];
   };
 }

system/services/nginx-proxy-manager.nix

@@ -3,41 +3,45 @@
   lib,
   pkgs,
   ...
-}: {
-  virtualisation.oci-containers.containers.nginx-proxy-manager = {
-    image = "jc21/nginx-proxy-manager:latest";
-    autoStart = true;
+}: let
+  nginxVersion = "2.12.6";
+in {
+  virtualisation.oci-containers.containers = {
+    nginx-proxy-manager = {
+      image = "jc21/nginx-proxy-manager:${nginxVersion}";
+      autoStart = true;
 
-    login = {
-      # Uses DockerHub by default
-      # registry = "";
+      login = {
+        # Uses DockerHub by default
+        # registry = "";
 
-      # DockerHub Credentials
-      username = "christoph.urlacher@protonmail.com";
-      passwordFile = "${config.sops.secrets.docker-password.path}";
+        # DockerHub Credentials
+        username = "christoph.urlacher@protonmail.com";
+        passwordFile = "${config.sops.secrets.docker-password.path}";
+      };
+
+      dependsOn = [];
+
+      ports = [
+        "80:80"
+        # "81:81" # Web interface
+        "443:443"
+      ];
+
+      volumes = [
+        "nginx_config:/data"
+        "nginx_snippets:/snippets"
+        "nginx_letsencrypt:/etc/letsencrypt"
+      ];
+
+      environment = {
+        DISABLE_IPV6 = "true";
+      };
+
+      extraOptions = [
+        # "--net=host"
+        "--net=behind-nginx"
+      ];
     };
-
-    dependsOn = [];
-
-    ports = [
-      "80:80"
-      # "81:81" # Web interface
-      "443:443"
-    ];
-
-    volumes = [
-      "nginx_config:/data"
-      "nginx_snippets:/snippets"
-      "nginx_letsencrypt:/etc/letsencrypt"
-    ];
-
-    environment = {
-      DISABLE_IPV6 = "true";
-    };
-
-    extraOptions = [
-      # "--net=host"
-      "--net=behind-nginx"
-    ];
   };
 }

system/services/whats-up-docker.nix

@@ -3,36 +3,40 @@
   lib,
   pkgs,
   ...
-}: {
-  virtualisation.oci-containers.containers.whats-up-docker = {
-    image = "getwud/wud:latest";
-    autoStart = true;
+}: let
+  wudVersion = "8.1.1";
+in {
+  virtualisation.oci-containers.containers = {
+    whats-up-docker = {
+      image = "getwud/wud:${wudVersion}";
+      autoStart = true;
 
-    login = {
-      # Uses DockerHub by default
-      # registry = "";
+      login = {
+        # Uses DockerHub by default
+        # registry = "";
 
-      # DockerHub Credentials
-      username = "christoph.urlacher@protonmail.com";
-      passwordFile = "${config.sops.secrets.docker-password.path}";
+        # DockerHub Credentials
+        username = "christoph.urlacher@protonmail.com";
+        passwordFile = "${config.sops.secrets.docker-password.path}";
+      };
+
+      dependsOn = [
+        # "pihole"
+      ];
+
+      ports = [
+        # "3001:3000"
+      ];
+
+      volumes = [
+        "/var/run/docker.sock:/var/run/docker.sock"
+      ];
+
+      environment = {};
+
+      extraOptions = [
+        "--net=behind-nginx"
+      ];
     };
-
-    dependsOn = [
-      # "pihole"
-    ];
-
-    ports = [
-      # "3001:3000"
-    ];
-
-    volumes = [
-      "/var/run/docker.sock:/var/run/docker.sock"
-    ];
-
-    environment = {};
-
-    extraOptions = [
-      "--net=behind-nginx"
-    ];
   };
 }