jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docker migration + giving up on collabora

Browse Source
This commit is contained in:
Danilo Reyes 2023-12-20 20:33:39 -06:00
parent 239dd9710a
commit 67a5e79952
4 changed files with 79 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
server/configuration.org
View File

@ -62,6 +62,7 @@ passwords and other secrets.
imports = [ imports = [
./fstab.nix ./fstab.nix
./servers.nix ./servers.nix
./docker.nix
# ./mail.nix # ./mail.nix
# ./openldap.nix # ./openldap.nix
# <agenix/modules/age.nix> # <agenix/modules/age.nix>

48
server/docker.nix Normal file
View File

@ -0,0 +1,48 @@
{ config, lib, pkgs, ... }:
{
environment.systemPackages = with pkgs; [ arion docker-compose ];
virtualisation = {
docker = {
enable = true;
enableNvidia = true;
storageDriver = "btrfs";
};
oci-containers = {
backend = "docker";
containers.collabora = {
image = "collabora/code";
imageFile = pkgs.dockerTools.pullImage {
imageName = "collabora/code";
imageDigest =
"sha256:aab41379baf5652832e9237fcc06a768096a5a7fccc66cf8bd4fdb06d2cbba7f";
sha256 = "sha256-M66lynhzaOEFnE15Sy1N6lBbGDxwNw6ap+IUJAvoCLs=";
};
ports = [ "9980:9980" ];
environment = {
domain = "cloud.servidos.lat";
dictionaries = "en_CA en_US es_MX es_ES fr_FR it pt_BR ru";
extra_params = "--o:ssl.enable=false --o:ssl.termination=true";
};
extraOptions = [ "--cap-add" "MKNOD" ];
};
};
# arion = {
# backend = "docker";
# "collabora".settings.services."collabora".service = {
# image = "collabora/code";
# ports = [ "9980:9980/tcp" ];
# environment = {
# server_name = "collabora.servidos.lat";
# aliasgroup1 = "https://cloud.servidos.lat:443";
# dictionaries = "en_CA en_US es_MX es_ES fr_FR it pt_BR ru";
# username = "jawz";
# password = "password";
# extra_params = "--o:ssl.enable=false --o:ssl.termination=true";
# };
# extraOptions = [ "--pull=newer" ];
# };
# };
};
}

9
server/nginx.nix
View File

@ -6,7 +6,7 @@
let let
localhost = "127.0.0.1"; localhost = "127.0.0.1";
workstation = "192.168.1.64"; workstation = "192.168.1.64";
collabora = "https://127.0.0.1:9980"; collabora = "http://127.0.0.1:9980";
jellyfinPort = "8096"; jellyfinPort = "8096";
nextcloudPort = 80; nextcloudPort = 80;
flamePort = 5005; flamePort = 5005;
@ -75,7 +75,6 @@ in {
map $request_uri $h264Level { ~(h264-level=)(.+?)& $2; } map $request_uri $h264Level { ~(h264-level=)(.+?)& $2; }
map $request_uri $h264Profile { ~(h264-profile=)(.+?)& $2; } map $request_uri $h264Profile { ~(h264-profile=)(.+?)& $2; }
## upload configs ## upload configs
proxy_read_timeout 600; proxy_read_timeout 600;
proxy_connect_timeout 600; proxy_connect_timeout 600;
@ -251,6 +250,12 @@ in {
enableACME = true; enableACME = true;
http2 = true; http2 = true;
serverAliases = [ "cloud.rotehaare.art" ]; serverAliases = [ "cloud.rotehaare.art" ];
locations = {
"/".proxyWebsockets = true;
# uh, equals what?
"~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[ms]-provider/.+|.+/richdocumentscode/proxy).php(?:$|/)" =
{ };
};
}; };
}; };
}; };

52
server/servers.nix
View File

@ -28,10 +28,10 @@ in {
perl perl
(perlPackages.buildPerlPackage rec { (perlPackages.buildPerlPackage rec {
pname = "Image-ExifTool"; pname = "Image-ExifTool";
version = "12.60"; version = "12.70";
src = fetchurl { src = fetchurl {
url = "https://exiftool.org/Image-ExifTool-${version}.tar.gz"; url = "https://exiftool.org/Image-ExifTool-${version}.tar.gz";
hash = "sha256-c9vgbQBMMQgqVueNfyRvK7AAL7sYNUR7wyorB289Mq0="; hash = "sha256-TLJSJEXMPj870TkExq6uraX8Wl4kmNerrSlX3LQsr/4=";
}; };
}) })
]); ]);
@ -45,7 +45,7 @@ in {
in { in {
sonarr = base // { package = pkgs.sonarr; }; sonarr = base // { package = pkgs.sonarr; };
radarr = base // { package = pkgs.radarr; }; radarr = base // { package = pkgs.radarr; };
bazarr = base // { }; # bazarr = base // { };
jellyfin = base // { }; jellyfin = base // { };
prowlarr.enable = true; prowlarr.enable = true;
microbin = { microbin = {
@ -196,34 +196,28 @@ in {
''; '';
}; };
}; };
environment.systemPackages = with pkgs; [ docker-compose ];
virtualisation.docker = {
enable = true;
enableNvidia = true;
storageDriver = "btrfs";
};
systemd = { systemd = {
services = { services = {
docker-compose = { # docker-compose = {
enable = true; # enable = true;
restartIfChanged = true; # restartIfChanged = true;
description = "Start docker-compose servers"; # description = "Start docker-compose servers";
after = [ "docker.service" "docker.socket" ]; # after = [ "docker.service" "docker.socket" ];
requires = [ "docker.service" "docker.socket" ]; # requires = [ "docker.service" "docker.socket" ];
wantedBy = [ "default.target" ]; # wantedBy = [ "default.target" ];
environment = { # environment = {
FILE = "/home/jawz/Development/Docker/docker-compose.yml"; # FILE = "/home/jawz/Development/Docker/docker-compose.yml";
}; # };
path = [ pkgs.docker-compose ]; # path = [ pkgs.docker-compose ];
serviceConfig = { # serviceConfig = {
Restart = "on-failure"; # Restart = "on-failure";
RestartSec = 30; # RestartSec = 30;
ExecStart = # ExecStart =
"${pkgs.docker-compose}/bin/docker-compose -f \${FILE} up --remove-orphans"; # "${pkgs.docker-compose}/bin/docker-compose -f \${FILE} up --remove-orphans";
ExecStop = # ExecStop =
"${pkgs.docker-compose}/bin/docker-compose -f \${FILE} down"; # "${pkgs.docker-compose}/bin/docker-compose -f \${FILE} down";
}; # };
}; # };
nextcloud-cronjob = let nextcloud-cronjob = let
jawzNextcloudCronjob = pkgs.writeScriptBin "nextcloud-cronjob" jawzNextcloudCronjob = pkgs.writeScriptBin "nextcloud-cronjob"
(builtins.readFile ../scripts/nextcloud-cronjob.sh); (builtins.readFile ../scripts/nextcloud-cronjob.sh);