christoph/flake-nixinator
1
Fork 0
Code Activity

Compare commits

base: christoph:e2a8ee5d77dd9499abca935eedb8612c667ec43d
Branches Tags
christoph:master
..
compare: christoph:a3509d10005c653137cf9474257bcd96a79f10b7
Branches Tags
christoph:master

4 Commits
e2a8ee5d77 ... a3509d1000

Author SHA1 Message Date
Christoph Urlacher
a3509d1000 Services/Nginx: Update to v2.12.6 2025-07-11 19:57:37 +02:00
Christoph Urlacher
7ec91a89ae Services/Authelia: Update to v4.39.4 2025-07-11 19:57:27 +02:00
Christoph Urlacher
4e6012d60e Services/Wud: Update to v8.1.1 2025-07-11 19:57:13 +02:00
Christoph Urlacher
d5a7edaeef Services: Restructure f10, f11, heidi 2025-07-11 19:56:36 +02:00
6 changed files with 205 additions and 180 deletions
Expand all files Collapse all files

64
system/services/authelia.nix
View File

@ -3,38 +3,42 @@
lib, lib,
pkgs, pkgs,
... ...
}: { }: let
virtualisation.oci-containers.containers.authelia = { autheliaVersion = "4.39.4";
image = "authelia/authelia:latest"; in {
autoStart = true; virtualisation.oci-containers.containers = {
authelia = {
image = "authelia/authelia:${autheliaVersion}";
autoStart = true;
login = { login = {
# Uses DockerHub by default # Uses DockerHub by default
# registry = ""; # registry = "";
# DockerHub Credentials # DockerHub Credentials
username = "christoph.urlacher@protonmail.com"; username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}"; passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = [
# "pihole"
];
ports = [
# "9091:9091"
];
volumes = [
"authelia_config:/config"
];
environment = {
TZ = "Europe/Berlin";
};
extraOptions = [
"--net=behind-nginx"
];
}; };
dependsOn = [
# "pihole"
];
ports = [
# "9091:9091"
];
volumes = [
"authelia_config:/config"
];
environment = {
TZ = "Europe/Berlin";
};
extraOptions = [
"--net=behind-nginx"
];
}; };
} }

42
system/services/formula10.nix
View File

@ -3,29 +3,33 @@
lib, lib,
pkgs, pkgs,
... ...
}: { }: let
virtualisation.oci-containers.containers.formula10 = { f10Version = "latest";
image = "gitea.vps.chriphost.de/christoph/formula10:latest"; in {
autoStart = true; virtualisation.oci-containers.containers = {
formula10 = {
image = "gitea.vps.chriphost.de/christoph/formula10:${f10Version}";
autoStart = true;
dependsOn = []; dependsOn = [];
ports = [ ports = [
"55555:5000" "55555:5000"
]; ];
volumes = [ volumes = [
"formula10_data:/app/instance" "formula10_data:/app/instance"
"formula10_cache:/cache" "formula10_cache:/cache"
]; ];
environment = { environment = {
TZ = "Europe/Berlin"; TZ = "Europe/Berlin";
};
extraOptions = [
"--init" # Make an init process take up PID 1, to make python receive the SIGTERM
"--net=behind-nginx"
];
}; };
extraOptions = [
"--init" # Make an init process take up PID 1, to make python receive the SIGTERM
"--net=behind-nginx"
];
}; };
} }

103
system/services/formula11.nix
View File

@ -3,61 +3,66 @@
lib, lib,
pkgs, pkgs,
... ...
}: { }: let
virtualisation.oci-containers.containers.formula11_pocketbase = { pocketbaseVersion = "0.25.0";
image = "gitea.vps.chriphost.de/christoph/pocketbase:0.25.0"; f11Version = "latest";
autoStart = true; in {
virtualisation.oci-containers.containers = {
formula11_pocketbase = {
image = "gitea.vps.chriphost.de/christoph/pocketbase:${pocketbaseVersion}";
autoStart = true;
dependsOn = [ dependsOn = [
# "pihole" # "pihole"
]; ];
ports = [ ports = [
"8090:8080" "8090:8080"
]; ];
volumes = [ volumes = [
"formula11_pb_data:/pb/pb_data" "formula11_pb_data:/pb/pb_data"
]; ];
environment = {}; environment = {};
extraOptions = [ extraOptions = [
"--net=behind-nginx" "--net=behind-nginx"
]; ];
};
virtualisation.oci-containers.containers.formula11 = {
image = "gitea.vps.chriphost.de/christoph/formula11:latest";
autoStart = true;
dependsOn = [
"formula11_pocketbase"
];
ports = [
# "8080:8090"
"5173:3000"
];
volumes = [];
environment = {
# PB_PROTOCOL="http";
# PB_HOST="formula11_pocketbase";
# PB_PORT="8000";
# PB_PROTOCOL="https";
# PB_URL="f11pb.vps.chriphost.de";
PUBLIC_PBURL = "https://f11pb.vps.chriphost.de";
# Required by SvelteKit to prevent cross-site POST errors
ORIGIN = "https://f11.vps.chriphost.de";
}; };
extraOptions = [ formula11 = {
"--net=behind-nginx" image = "gitea.vps.chriphost.de/christoph/formula11:${f11Version}";
]; autoStart = true;
dependsOn = [
"formula11_pocketbase"
];
ports = [
# "8080:8090"
"5173:3000"
];
volumes = [];
environment = {
# PB_PROTOCOL="http";
# PB_HOST="formula11_pocketbase";
# PB_PORT="8000";
# PB_PROTOCOL="https";
# PB_URL="f11pb.vps.chriphost.de";
PUBLIC_PBURL = "https://f11pb.vps.chriphost.de";
# Required by SvelteKit to prevent cross-site POST errors
ORIGIN = "https://f11.vps.chriphost.de";
};
extraOptions = [
"--net=behind-nginx"
];
};
}; };
} }

46
system/services/heidi.nix
View File

@ -3,37 +3,41 @@
lib, lib,
pkgs, pkgs,
... ...
}: { }: let
heidiVersion = "latest";
in {
# If we need to pass secrets to containers we can't use plain env variables. # If we need to pass secrets to containers we can't use plain env variables.
sops.templates."heidi_secrets.env".content = '' sops.templates."heidi_secrets.env".content = ''
DISCORD_TOKEN=${config.sops.placeholder.heidi-discord-token} DISCORD_TOKEN=${config.sops.placeholder.heidi-discord-token}
''; '';
virtualisation.oci-containers.containers.heidi = { virtualisation.oci-containers.containers = {
image = "gitea.vps.chriphost.de/christoph/discord-heidi:latest"; heidi = {
autoStart = true; image = "gitea.vps.chriphost.de/christoph/discord-heidi:${heidiVersion}";
autoStart = true;
dependsOn = []; dependsOn = [];
ports = []; ports = [];
volumes = [ volumes = [
"heidi_config:/config" "heidi_config:/config"
"/home/christoph/heidi-sounds:/sounds:ro" "/home/christoph/heidi-sounds:/sounds:ro"
]; ];
environment = { environment = {
DOCKER = "True"; DOCKER = "True";
};
environmentFiles = [
config.sops.templates."heidi_secrets.env".path
];
extraOptions = [
"--init" # Make an init process take up PID 1, to make python receive the SIGTERM
"--net=behind-nginx"
];
}; };
environmentFiles = [
config.sops.templates."heidi_secrets.env".path
];
extraOptions = [
"--init" # Make an init process take up PID 1, to make python receive the SIGTERM
"--net=behind-nginx"
];
}; };
} }

70
system/services/nginx-proxy-manager.nix
View File

@ -3,41 +3,45 @@
lib, lib,
pkgs, pkgs,
... ...
}: { }: let
virtualisation.oci-containers.containers.nginx-proxy-manager = { nginxVersion = "2.12.6";
image = "jc21/nginx-proxy-manager:latest"; in {
autoStart = true; virtualisation.oci-containers.containers = {
nginx-proxy-manager = {
image = "jc21/nginx-proxy-manager:${nginxVersion}";
autoStart = true;
login = { login = {
# Uses DockerHub by default # Uses DockerHub by default
# registry = ""; # registry = "";
# DockerHub Credentials # DockerHub Credentials
username = "christoph.urlacher@protonmail.com"; username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}"; passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = [];
ports = [
"80:80"
# "81:81" # Web interface
"443:443"
];
volumes = [
"nginx_config:/data"
"nginx_snippets:/snippets"
"nginx_letsencrypt:/etc/letsencrypt"
];
environment = {
DISABLE_IPV6 = "true";
};
extraOptions = [
# "--net=host"
"--net=behind-nginx"
];
}; };
dependsOn = [];
ports = [
"80:80"
# "81:81" # Web interface
"443:443"
];
volumes = [
"nginx_config:/data"
"nginx_snippets:/snippets"
"nginx_letsencrypt:/etc/letsencrypt"
];
environment = {
DISABLE_IPV6 = "true";
};
extraOptions = [
# "--net=host"
"--net=behind-nginx"
];
}; };
} }

60
system/services/whats-up-docker.nix
View File

@ -3,36 +3,40 @@
lib, lib,
pkgs, pkgs,
... ...
}: { }: let
virtualisation.oci-containers.containers.whats-up-docker = { wudVersion = "8.1.1";
image = "getwud/wud:latest"; in {
autoStart = true; virtualisation.oci-containers.containers = {
whats-up-docker = {
image = "getwud/wud:${wudVersion}";
autoStart = true;
login = { login = {
# Uses DockerHub by default # Uses DockerHub by default
# registry = ""; # registry = "";
# DockerHub Credentials # DockerHub Credentials
username = "christoph.urlacher@protonmail.com"; username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}"; passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = [
# "pihole"
];
ports = [
# "3001:3000"
];
volumes = [
"/var/run/docker.sock:/var/run/docker.sock"
];
environment = {};
extraOptions = [
"--net=behind-nginx"
];
}; };
dependsOn = [
# "pihole"
];
ports = [
# "3001:3000"
];
volumes = [
"/var/run/docker.sock:/var/run/docker.sock"
];
environment = {};
extraOptions = [
"--net=behind-nginx"
];
}; };
} }