From 67a5e799526ae5531ccbf6417245dcf771d6198a Mon Sep 17 00:00:00 2001 From: Danilo Reyes Date: Wed, 20 Dec 2023 20:33:39 -0600 Subject: [PATCH] docker migration + giving up on collabora --- server/configuration.org | 1 + server/docker.nix | 48 +++++++++++++++++++++++++++++++++++++ server/nginx.nix | 9 +++++-- server/servers.nix | 52 ++++++++++++++++++---------------------- 4 files changed, 79 insertions(+), 31 deletions(-) create mode 100644 server/docker.nix diff --git a/server/configuration.org b/server/configuration.org index ea757e7..4b19c26 100644 --- a/server/configuration.org +++ b/server/configuration.org @@ -62,6 +62,7 @@ passwords and other secrets. imports = [ ./fstab.nix ./servers.nix + ./docker.nix # ./mail.nix # ./openldap.nix # diff --git a/server/docker.nix b/server/docker.nix new file mode 100644 index 0000000..f35ff26 --- /dev/null +++ b/server/docker.nix @@ -0,0 +1,48 @@ +{ config, lib, pkgs, ... }: + +{ + environment.systemPackages = with pkgs; [ arion docker-compose ]; + virtualisation = { + docker = { + enable = true; + enableNvidia = true; + storageDriver = "btrfs"; + }; + + oci-containers = { + backend = "docker"; + containers.collabora = { + image = "collabora/code"; + imageFile = pkgs.dockerTools.pullImage { + imageName = "collabora/code"; + imageDigest = + "sha256:aab41379baf5652832e9237fcc06a768096a5a7fccc66cf8bd4fdb06d2cbba7f"; + sha256 = "sha256-M66lynhzaOEFnE15Sy1N6lBbGDxwNw6ap+IUJAvoCLs="; + }; + ports = [ "9980:9980" ]; + environment = { + domain = "cloud.servidos.lat"; + dictionaries = "en_CA en_US es_MX es_ES fr_FR it pt_BR ru"; + extra_params = "--o:ssl.enable=false --o:ssl.termination=true"; + }; + extraOptions = [ "--cap-add" "MKNOD" ]; + }; + }; + # arion = { + # backend = "docker"; + # "collabora".settings.services."collabora".service = { + # image = "collabora/code"; + # ports = [ "9980:9980/tcp" ]; + # environment = { + # server_name = "collabora.servidos.lat"; + # aliasgroup1 = "https://cloud.servidos.lat:443"; + # dictionaries = "en_CA en_US es_MX es_ES fr_FR it pt_BR ru"; + # username = "jawz"; + # password = "password"; + # extra_params = "--o:ssl.enable=false --o:ssl.termination=true"; + # }; + # extraOptions = [ "--pull=newer" ]; + # }; + # }; + }; +} diff --git a/server/nginx.nix b/server/nginx.nix index b9e1748..f39a135 100644 --- a/server/nginx.nix +++ b/server/nginx.nix @@ -6,7 +6,7 @@ let localhost = "127.0.0.1"; workstation = "192.168.1.64"; - collabora = "https://127.0.0.1:9980"; + collabora = "http://127.0.0.1:9980"; jellyfinPort = "8096"; nextcloudPort = 80; flamePort = 5005; @@ -75,7 +75,6 @@ in { map $request_uri $h264Level { ~(h264-level=)(.+?)& $2; } map $request_uri $h264Profile { ~(h264-profile=)(.+?)& $2; } - ## upload configs proxy_read_timeout 600; proxy_connect_timeout 600; @@ -251,6 +250,12 @@ in { enableACME = true; http2 = true; serverAliases = [ "cloud.rotehaare.art" ]; + locations = { + "/".proxyWebsockets = true; + # uh, equals what? + "~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[ms]-provider/.+|.+/richdocumentscode/proxy).php(?:$|/)" = + { }; + }; }; }; }; diff --git a/server/servers.nix b/server/servers.nix index 00c5214..c115375 100644 --- a/server/servers.nix +++ b/server/servers.nix @@ -28,10 +28,10 @@ in { perl (perlPackages.buildPerlPackage rec { pname = "Image-ExifTool"; - version = "12.60"; + version = "12.70"; src = fetchurl { url = "https://exiftool.org/Image-ExifTool-${version}.tar.gz"; - hash = "sha256-c9vgbQBMMQgqVueNfyRvK7AAL7sYNUR7wyorB289Mq0="; + hash = "sha256-TLJSJEXMPj870TkExq6uraX8Wl4kmNerrSlX3LQsr/4="; }; }) ]); @@ -45,7 +45,7 @@ in { in { sonarr = base // { package = pkgs.sonarr; }; radarr = base // { package = pkgs.radarr; }; - bazarr = base // { }; + # bazarr = base // { }; jellyfin = base // { }; prowlarr.enable = true; microbin = { @@ -196,34 +196,28 @@ in { ''; }; }; - environment.systemPackages = with pkgs; [ docker-compose ]; - virtualisation.docker = { - enable = true; - enableNvidia = true; - storageDriver = "btrfs"; - }; systemd = { services = { - docker-compose = { - enable = true; - restartIfChanged = true; - description = "Start docker-compose servers"; - after = [ "docker.service" "docker.socket" ]; - requires = [ "docker.service" "docker.socket" ]; - wantedBy = [ "default.target" ]; - environment = { - FILE = "/home/jawz/Development/Docker/docker-compose.yml"; - }; - path = [ pkgs.docker-compose ]; - serviceConfig = { - Restart = "on-failure"; - RestartSec = 30; - ExecStart = - "${pkgs.docker-compose}/bin/docker-compose -f \${FILE} up --remove-orphans"; - ExecStop = - "${pkgs.docker-compose}/bin/docker-compose -f \${FILE} down"; - }; - }; + # docker-compose = { + # enable = true; + # restartIfChanged = true; + # description = "Start docker-compose servers"; + # after = [ "docker.service" "docker.socket" ]; + # requires = [ "docker.service" "docker.socket" ]; + # wantedBy = [ "default.target" ]; + # environment = { + # FILE = "/home/jawz/Development/Docker/docker-compose.yml"; + # }; + # path = [ pkgs.docker-compose ]; + # serviceConfig = { + # Restart = "on-failure"; + # RestartSec = 30; + # ExecStart = + # "${pkgs.docker-compose}/bin/docker-compose -f \${FILE} up --remove-orphans"; + # ExecStop = + # "${pkgs.docker-compose}/bin/docker-compose -f \${FILE} down"; + # }; + # }; nextcloud-cronjob = let jawzNextcloudCronjob = pkgs.writeScriptBin "nextcloud-cronjob" (builtins.readFile ../scripts/nextcloud-cronjob.sh);