diff --git a/server/docker.nix b/server/docker.nix index 42a4067..99d275b 100644 --- a/server/docker.nix +++ b/server/docker.nix @@ -1,25 +1,41 @@ { config, lib, pkgs, ... }: { - environment.systemPackages = with pkgs; [ arion docker-compose ]; + environment.systemPackages = with pkgs; [ podman-compose ]; virtualisation = { - docker = { + podman = { enable = true; enableNvidia = true; - storageDriver = "btrfs"; + dockerCompat = true; + defaultNetwork.settings.dns_enabled = true; + autoPrune = { + enable = true; + flags = [ "--all" ]; + dates = "weekly"; + }; }; oci-containers = { - backend = "docker"; containers = { collabora = { image = "collabora/code"; + imageFile = pkgs.dockerTools.pullImage { + imageName = "collabora/code"; + imageDigest = + "sha256:aab41379baf5652832e9237fcc06a768096a5a7fccc66cf8bd4fdb06d2cbba7f"; + sha256 = "sha256-M66lynhzaOEFnE15Sy1N6lBbGDxwNw6ap+IUJAvoCLs="; + }; ports = [ "9980:9980" ]; environment = { domain = "cloud.servidos.lat"; username = "jawz"; password = "chichis"; dictionaries = "en_CA en_US es_MX es_ES fr_FR it pt_BR ru"; - extra_params = "--o:ssl.enable=false --o:ssl.termination=true"; + extra_params = '' + --o:ssl.enable=false + --o:ssl.termination=true + ''; + # --o:net.post_allow.host=\:\:ffff\:172\.16\.[0-9]{1,3}\.[0-9]{1,3} + # --o:storage.wopi.host=\:\:ffff\:172\.16\.[0-9]{1,3}\.[0-9]{1,3} }; extraOptions = [ "--cap-add" "MKNOD" ]; }; @@ -46,7 +62,7 @@ ports = [ "5007:5005" ]; volumes = [ "/var/lib/docker-configs/flame-nsfw:/app/data" - "/var/run/docker.sock:/var/run/docker.sock" + # "/var/run/docker.sock:/var/run/docker.sock" ]; environment = { PUID = "1000"; diff --git a/server/nginx.nix b/server/nginx.nix index 2a80fd5..4248480 100644 --- a/server/nginx.nix +++ b/server/nginx.nix @@ -171,8 +171,8 @@ in { ${config.services.nextcloud.hostName} = { forceSSL = true; enableACME = true; - serverAliases = [ "cloud.rotehaare.art" ]; http2 = true; + serverAliases = [ "cloud.rotehaare.art" ]; locations = { "/".proxyWebsockets = true; # uh, equals what?