fix(docker): add required changes to make every container work
All checks were successful
Discord / discord commits (push) Has been skipped

This commit is contained in:
matt1432 2024-07-24 20:52:32 -04:00
parent 827bf6ba8c
commit 59d2205e7a
21 changed files with 692 additions and 555 deletions

View file

@ -1,5 +1,5 @@
{...}: let {...}: let
configPath = "/var/lib/docker"; configPath = "/var/lib/docker-data";
in { in {
imports = [ imports = [
./forgejo/compose.nix ./forgejo/compose.nix

View file

@ -8,7 +8,10 @@
rwPath = rwDataDir + "/forgejo"; rwPath = rwDataDir + "/forgejo";
in { in {
khepri.compositions."forgejo".services = { khepri.compositions."forgejo" = {
networks.proxy_net = {external = true;};
services = {
"forgejo" = { "forgejo" = {
image = import ./images/forgejo.nix pkgs; image = import ./images/forgejo.nix pkgs;
@ -18,6 +21,8 @@ in {
"3000:3000" "3000:3000"
]; ];
networks = ["proxy_net"];
restart = "always"; restart = "always";
dependsOn = ["forgejo-db"]; dependsOn = ["forgejo-db"];
@ -48,6 +53,7 @@ in {
restart = "always"; restart = "always";
environmentFiles = [secrets.forgejo-db.path]; environmentFiles = [secrets.forgejo-db.path];
networks = ["proxy_net"];
volumes = ["${rwPath}/db:/var/lib/postgresql/data"]; volumes = ["${rwPath}/db:/var/lib/postgresql/data"];
}; };
@ -56,6 +62,8 @@ in {
image = import ./images/act_runner.nix pkgs; image = import ./images/act_runner.nix pkgs;
privileged = true; privileged = true;
user = "root:root";
networks = ["proxy_net"];
restart = "always"; restart = "always";
dependsOn = ["forgejo"]; dependsOn = ["forgejo"];
@ -67,9 +75,8 @@ in {
}; };
volumes = ["${rwPath}/act:/data"]; volumes = ["${rwPath}/act:/data"];
extraHosts = [ extraHosts = ["git.nelim.org:10.0.0.130"];
"git.nelim.org=10.0.0.130" };
];
}; };
}; };
} }

View file

@ -8,16 +8,20 @@
rwPath = rwDataDir + "/freshrss"; rwPath = rwDataDir + "/freshrss";
in { in {
khepri.compositions."freshrss".services = { khepri.compositions."freshrss" = {
networks.proxy_net = {external = true;};
services = {
"freshrss" = { "freshrss" = {
image = import ./images/freshrss.nix pkgs; image = import ./images/freshrss.nix pkgs;
restart = "always"; restart = "always";
ports = ["2800:80"]; ports = ["2800:80"];
extraHosts = [ extraHosts = [
"drss.nelim.org=10.0.0.130" "drss.nelim.org:10.0.0.130"
"bridge.nelim.org=10.0.0.130" "bridge.nelim.org:10.0.0.130"
]; ];
networks = ["proxy_net"];
volumes = let volumes = let
rss-bridge = pkgs.stdenv.mkDerivation { rss-bridge = pkgs.stdenv.mkDerivation {
@ -55,6 +59,8 @@ in {
"${rwPath}/db:/var/lib/postgresql/data" "${rwPath}/db:/var/lib/postgresql/data"
]; ];
networks = ["proxy_net"];
environmentFiles = [secrets.freshrss.path]; environmentFiles = [secrets.freshrss.path];
environment = { environment = {
@ -68,6 +74,8 @@ in {
image = import ./images/docker-hub-rss.nix pkgs; image = import ./images/docker-hub-rss.nix pkgs;
restart = "always"; restart = "always";
ports = ["3007:3000"]; ports = ["3007:3000"];
networks = ["proxy_net"];
}; };
"rss-bridge" = { "rss-bridge" = {
@ -78,6 +86,9 @@ in {
"${rwPath}/bridge:/config" "${rwPath}/bridge:/config"
]; ];
ports = ["3006:80"]; ports = ["3006:80"];
networks = ["proxy_net"];
};
}; };
}; };
} }

View file

@ -5,7 +5,10 @@
}: let }: let
inherit (config.sops) secrets; inherit (config.sops) secrets;
in { in {
khepri.compositions."gameyfin".services."gameyfin" = { khepri.compositions."gameyfin" = {
networks.proxy_net = {external = true;};
services."gameyfin" = {
image = import ./images/gameyfin.nix pkgs; image = import ./images/gameyfin.nix pkgs;
restart = "always"; restart = "always";
user = "1000:1000"; user = "1000:1000";
@ -19,5 +22,7 @@ in {
expose = ["8080"]; expose = ["8080"];
ports = ["8074:8080"]; ports = ["8074:8080"];
networks = ["proxy_net"];
};
}; };
} }

View file

@ -1,9 +1,14 @@
{pkgs, ...}: { {pkgs, ...}: {
khepri.compositions."hauk".services."hauk" = { khepri.compositions."hauk" = {
networks.proxy_net = {external = true;};
services."hauk" = {
image = import ./images/hauk.nix pkgs; image = import ./images/hauk.nix pkgs;
restart = "always"; restart = "always";
ports = ["3003:80"]; ports = ["3003:80"];
networks = ["proxy_net"];
volumes = ["${./config.php}:/etc/hauk/config.php:ro"]; volumes = ["${./config.php}:/etc/hauk/config.php:ro"];
}; };
};
} }

View file

@ -6,7 +6,10 @@
inherit (config.sops) secrets; inherit (config.sops) secrets;
inherit (pkgs.writers) writeYAML; inherit (pkgs.writers) writeYAML;
in { in {
khepri.compositions."homepage".services."homepage" = { khepri.compositions."homepage" = {
networks.proxy_net = {external = true;};
services."homepage" = {
image = import ./images/homepage.nix pkgs; image = import ./images/homepage.nix pkgs;
restart = "always"; restart = "always";
@ -14,7 +17,9 @@ in {
"3020:3000" "3020:3000"
]; ];
extraHosts = ["lan.nelim.org=10.0.0.130"]; networks = ["proxy_net"];
extraHosts = ["lan.nelim.org:10.0.0.130"];
environmentFiles = [secrets.homepage.path]; environmentFiles = [secrets.homepage.path];
@ -59,4 +64,5 @@ in {
"${widgets}:/app/config/widgets.yaml:ro" "${widgets}:/app/config/widgets.yaml:ro"
]; ];
}; };
};
} }

View file

@ -10,7 +10,10 @@
UPLOAD_LOCATION = "${rwPath}/data"; UPLOAD_LOCATION = "${rwPath}/data";
in { in {
khepri.compositions."immich".services = { khepri.compositions."immich" = {
networks.proxy_net = {external = true;};
services = {
"immich_server" = { "immich_server" = {
image = import ./images/server.nix pkgs; image = import ./images/server.nix pkgs;
environmentFiles = [ environmentFiles = [
@ -24,6 +27,7 @@ in {
ports = [ ports = [
"2283:3001" "2283:3001"
]; ];
networks = ["proxy_net"];
dependsOn = ["immich_redis" "immich_postgres"]; dependsOn = ["immich_redis" "immich_postgres"];
restart = "always"; restart = "always";
@ -38,6 +42,7 @@ in {
"${./env}" "${./env}"
secrets.immich.path secrets.immich.path
]; ];
networks = ["proxy_net"];
volumes = [ volumes = [
"${rwPath}/cache:/cache" "${rwPath}/cache:/cache"
@ -52,6 +57,7 @@ in {
"${./env}" "${./env}"
secrets.immich.path secrets.immich.path
]; ];
networks = ["proxy_net"];
}; };
"immich_postgres" = { "immich_postgres" = {
@ -61,6 +67,7 @@ in {
"${./env}" "${./env}"
secrets.immich.path secrets.immich.path
]; ];
networks = ["proxy_net"];
volumes = [ volumes = [
"${rwPath}/db:/var/lib/postgresql/data" "${rwPath}/db:/var/lib/postgresql/data"
@ -73,4 +80,5 @@ in {
}; };
}; };
}; };
};
} }

View file

@ -7,7 +7,10 @@
rwPath = rwDataDir + "/media/bazarr"; rwPath = rwDataDir + "/media/bazarr";
in { in {
khepri.compositions."bazarr".services."bazarr" = { khepri.compositions."bazarr" = {
networks.proxy_net = {external = true;};
services."bazarr" = {
image = import ./images/bazarr.nix pkgs; image = import ./images/bazarr.nix pkgs;
restart = "always"; restart = "always";
@ -17,7 +20,7 @@ in {
TZ = "America/New_York"; TZ = "America/New_York";
}; };
extraHosts = ["lan.nelim.org=10.0.0.130"]; extraHosts = ["lan.nelim.org:10.0.0.130"];
ports = [ ports = [
"6767:6767" "6767:6767"
]; ];
@ -28,5 +31,7 @@ in {
]; ];
cpus = 2; cpus = 2;
networks = ["proxy_net"];
};
}; };
} }

View file

@ -7,7 +7,10 @@
rwPath = rwDataDir + "/media/calibre"; rwPath = rwDataDir + "/media/calibre";
in { in {
khepri.compositions."calibre".services = { khepri.compositions."calibre" = {
networks.proxy_net = {external = true;};
services = {
"calibre" = { "calibre" = {
image = import ./images/calibre.nix pkgs; image = import ./images/calibre.nix pkgs;
restart = "always"; restart = "always";
@ -25,11 +28,12 @@ in {
volumes = ["${rwPath}/data-db:/config"]; volumes = ["${rwPath}/data-db:/config"];
extraHosts = ["lan.nelim.org=10.0.0.130"]; extraHosts = ["lan.nelim.org:10.0.0.130"];
ports = [ ports = [
"8580:8080" "8580:8080"
#"8081:8081" #"8081:8081"
]; ];
networks = ["proxy_net"];
#network_mode = "host"; #network_mode = "host";
}; };
@ -49,8 +53,10 @@ in {
"${rwPath}/data-db/Calibre Library:/books" "${rwPath}/data-db/Calibre Library:/books"
]; ];
extraHosts = ["lan.nelim.org=10.0.0.130"]; extraHosts = ["lan.nelim.org:10.0.0.130"];
ports = ["8083:8083"]; ports = ["8083:8083"];
networks = ["proxy_net"];
};
}; };
}; };
} }

View file

@ -7,12 +7,15 @@
rwPath = rwDataDir + "/media/joal"; rwPath = rwDataDir + "/media/joal";
in { in {
khepri.compositions."joal".services."joal" = { khepri.compositions."joal" = {
networks.proxy_net = {external = true;};
services."joal" = {
image = import ./images/joal.nix pkgs; image = import ./images/joal.nix pkgs;
restart = "always"; restart = "always";
volumes = ["${rwPath}/data:/data"]; volumes = ["${rwPath}/data:/data"];
extraHosts = ["lan.nelim.org=10.0.0.130"]; extraHosts = ["lan.nelim.org:10.0.0.130"];
ports = ["5656:5656"]; ports = ["5656:5656"];
cmd = [ cmd = [
@ -22,5 +25,7 @@ in {
"--joal.ui.path.prefix=joal" "--joal.ui.path.prefix=joal"
"--joal.ui.secret-token=12345" "--joal.ui.secret-token=12345"
]; ];
networks = ["proxy_net"];
};
}; };
} }

View file

@ -7,7 +7,10 @@
rwPath = rwDataDir + "/media/prowlarr"; rwPath = rwDataDir + "/media/prowlarr";
in { in {
khepri.compositions."prowlarr".services = { khepri.compositions."prowlarr" = {
networks.proxy_net = {external = true;};
services = {
"prowlarr" = { "prowlarr" = {
image = import ./images/prowlarr.nix pkgs; image = import ./images/prowlarr.nix pkgs;
restart = "always"; restart = "always";
@ -19,8 +22,9 @@ in {
}; };
volumes = ["${rwPath}/data:/config"]; volumes = ["${rwPath}/data:/config"];
extraHosts = ["lan.nelim.org=10.0.0.130"]; extraHosts = ["lan.nelim.org:10.0.0.130"];
ports = ["9696:9696"]; ports = ["9696:9696"];
networks = ["proxy_net"];
}; };
"flaresolverr" = { "flaresolverr" = {
@ -34,10 +38,12 @@ in {
TZ = "America/New_York"; TZ = "America/New_York";
}; };
extraHosts = ["lan.nelim.org=10.0.0.130"]; extraHosts = ["lan.nelim.org:10.0.0.130"];
ports = ["8191:8191"]; ports = ["8191:8191"];
dependsOn = ["prowlarr"]; dependsOn = ["prowlarr"];
networks = ["proxy_net"];
};
}; };
}; };
} }

View file

@ -7,11 +7,14 @@
rwPath = rwDataDir + "/media/radarr"; rwPath = rwDataDir + "/media/radarr";
in { in {
khepri.compositions."radarr".services."radarr" = { khepri.compositions."radarr" = {
networks.proxy_net = {external = true;};
services."radarr" = {
image = import ./images/radarr.nix pkgs; image = import ./images/radarr.nix pkgs;
restart = "always"; restart = "always";
extraHosts = ["lan.nelim.org=10.0.0.130"]; extraHosts = ["lan.nelim.org:10.0.0.130"];
ports = ["7878:7878"]; ports = ["7878:7878"];
environment = { environment = {
@ -26,5 +29,7 @@ in {
]; ];
cpus = 0.5; cpus = 0.5;
networks = ["proxy_net"];
};
}; };
} }

View file

@ -7,11 +7,14 @@
rwPath = rwDataDir + "/media/sabnzbd"; rwPath = rwDataDir + "/media/sabnzbd";
in { in {
khepri.compositions."sabnzbd".services."sabnzbd" = { khepri.compositions."sabnzbd" = {
networks.proxy_net = {external = true;};
services."sabnzbd" = {
image = import ./images/sabnzbd.nix pkgs; image = import ./images/sabnzbd.nix pkgs;
restart = "always"; restart = "always";
extraHosts = ["lan.nelim.org=10.0.0.130"]; extraHosts = ["lan.nelim.org:10.0.0.130"];
ports = ["8382:8082"]; ports = ["8382:8082"];
environment = { environment = {
@ -26,5 +29,7 @@ in {
]; ];
cpus = 2; cpus = 2;
networks = ["proxy_net"];
};
}; };
} }

View file

@ -7,7 +7,10 @@
rwPath = rwDataDir + "/media/seerr"; rwPath = rwDataDir + "/media/seerr";
in { in {
khepri.compositions."seerr".services."seerr" = { khepri.compositions."seerr" = {
networks.proxy_net = {external = true;};
services."seerr" = {
image = import ./images/jellyseerr.nix pkgs; image = import ./images/jellyseerr.nix pkgs;
restart = "always"; restart = "always";
@ -20,7 +23,9 @@ in {
"${rwPath}/data:/app/config" "${rwPath}/data:/app/config"
]; ];
extraHosts = ["lan.nelim.org=10.0.0.130"]; extraHosts = ["lan.nelim.org:10.0.0.130"];
networks = ["proxy_net"];
ports = ["5055:5055"]; ports = ["5055:5055"];
}; };
};
} }

View file

@ -7,11 +7,14 @@
rwPath = rwDataDir + "/media/sonarr"; rwPath = rwDataDir + "/media/sonarr";
in { in {
khepri.compositions."sonarr".services."sonarr" = { khepri.compositions."sonarr" = {
networks.proxy_net = {external = true;};
services."sonarr" = {
image = import ./images/sonarr.nix pkgs; image = import ./images/sonarr.nix pkgs;
restart = "always"; restart = "always";
extraHosts = ["lan.nelim.org=10.0.0.130"]; extraHosts = ["lan.nelim.org:10.0.0.130"];
ports = ["8989:8989"]; ports = ["8989:8989"];
environment = { environment = {
@ -26,5 +29,7 @@ in {
]; ];
cpus = 0.5; cpus = 0.5;
networks = ["proxy_net"];
};
}; };
} }

View file

@ -7,7 +7,10 @@
rwPath = rwDataDir + "/music/jbots"; rwPath = rwDataDir + "/music/jbots";
in { in {
khepri.compositions."jbots".services = { khepri.compositions."jbots" = {
networks.proxy_net = {external = true;};
services = {
"musicbot_be" = { "musicbot_be" = {
containerName = "be"; containerName = "be";
image = import ./images/jmusicbot.nix pkgs; image = import ./images/jmusicbot.nix pkgs;
@ -17,6 +20,7 @@ in {
"${rwPath}/be/config.txt:/jmb/config/config.txt:ro" "${rwPath}/be/config.txt:/jmb/config/config.txt:ro"
"${rwPath}/be/playlists:/jmb/config/playlists:rw" "${rwPath}/be/playlists:/jmb/config/playlists:rw"
]; ];
networks = ["proxy_net"];
}; };
"musicbot_br" = { "musicbot_br" = {
@ -28,6 +32,8 @@ in {
"${rwPath}/br/config.txt:/jmb/config/config.txt:ro" "${rwPath}/br/config.txt:/jmb/config/config.txt:ro"
"${rwPath}/br/playlists:/jmb/config/playlists:rw" "${rwPath}/br/playlists:/jmb/config/playlists:rw"
]; ];
networks = ["proxy_net"];
};
}; };
}; };
} }

View file

@ -1,18 +1,18 @@
{ {
config, config,
lib,
pkgs, pkgs,
... ...
}: let }: let
inherit (lib) concatStrings;
inherit (config.sops) secrets; inherit (config.sops) secrets;
inherit (config.khepri) rwDataDir; inherit (config.khepri) rwDataDir;
mainContainerName = "app-server"; mainContainerName = "app-server";
rwPath = rwDataDir + "/nextcloud"; rwPath = rwDataDir + "/nextcloud";
in { in {
khepri.compositions."nextcloud".services = { khepri.compositions."nextcloud" = {
networks.proxy_net = {external = true;};
services = {
"${mainContainerName}" = { "${mainContainerName}" = {
image = import ./images/nextcloud.nix pkgs; image = import ./images/nextcloud.nix pkgs;
restart = "always"; restart = "always";
@ -22,6 +22,8 @@ in {
"9000" "9000"
]; ];
networks = ["proxy_net"];
volumes = [ volumes = [
"${rwPath}/data:/var/www/html" "${rwPath}/data:/var/www/html"
"/data/docs:/var/www/drive" "/data/docs:/var/www/drive"
@ -33,12 +35,31 @@ in {
POSTGRES_DB = "nextcloud"; POSTGRES_DB = "nextcloud";
POSTGRES_HOST = "nextcloud-db"; POSTGRES_HOST = "nextcloud-db";
REDIS_HOST = "nextcloud-cache"; REDIS_HOST = "nextcloud-cache";
REDIS_HOST_PASSWORD = "password";
NEXTCLOUD_INIT_HTACCESS = "true"; NEXTCLOUD_INIT_HTACCESS = "true";
}; };
}; };
"onlyoffice-document-server" = { "onlyoffice-document-server" = let
filePath = "/var/www/onlyoffice/documentserver/web-apps/apps/*/mobile/dist/js/app.js";
func = "isSupportEditFeature=function()";
entrypoint =
pkgs.writeScript "entrypoint"
# bash
''
#!/bin/sh
# Fix proxies
sed -i 's/"allowPrivateIPAddress": false,/"allowPrivateIPAddress": true,/' /etc/onlyoffice/documentserver/default.json
sed -i 's/"allowMetaIPAddress": false/"allowMetaIPAddress": true/' /etc/onlyoffice/documentserver/default.json
# Fix mobile editing
sed -i 's/${func}{return!1}/${func}{return 1}/g' ${filePath}
apt update
apt install imagemagick -y
exec /app/ds/run-document-server.sh
'';
in {
image = import ./images/onlyoffice.nix pkgs; image = import ./images/onlyoffice.nix pkgs;
restart = "always"; restart = "always";
@ -50,7 +71,14 @@ in {
"443" "443"
]; ];
volumes = ["${rwPath}/data-onlyoffice:/var/log/onlyoffice"]; networks = ["proxy_net"];
entrypoint = "/entrypoint.sh";
volumes = [
"${entrypoint}:/entrypoint.sh"
"${rwPath}/data-onlyoffice:/var/log/onlyoffice"
];
tmpfs = [ tmpfs = [
"/var/www/onlyoffice/Data" "/var/www/onlyoffice/Data"
"/var/lib/postgresql" "/var/lib/postgresql"
@ -59,28 +87,14 @@ in {
"/var/lib/redis" "/var/lib/redis"
"/var/lib/onlyoffice" "/var/lib/onlyoffice"
]; ];
entrypoint = ''bash -c "${let
filePath = "/var/www/onlyoffice/documentserver/web-apps/apps/*/mobile/dist/js/app.js";
func = "isSupportEditFeature=function()";
in
concatStrings [
# Fix proxies
''sed -i 's/"allowPrivateIPAddress": false,/"allowPrivateIPAddress": true,/' /etc/onlyoffice/documentserver/default.json''
''sed -i 's/"allowMetaIPAddress": false/"allowMetaIPAddress": true/' /etc/onlyoffice/documentserver/default.json''
# Fix mobile editing
"sed -i 's/${func}{return!1}/${func}{return 1}/g' ${filePath};"
"/app/ds/run-document-server.sh;"
"apt update;"
"apt install imagemagick -y;"
]}"'';
}; };
"nginx-server" = { "nginx-server" = {
image = import ./images/nginx.nix pkgs; image = import ./images/nginx.nix pkgs;
restart = "always"; restart = "always";
ports = ["8042:80"]; ports = ["8042:80"];
networks = ["proxy_net"];
volumes = [ volumes = [
"${./nginx.conf}:/etc/nginx/nginx.conf" "${./nginx.conf}:/etc/nginx/nginx.conf"
"${rwPath}/data:/var/www/html" "${rwPath}/data:/var/www/html"
@ -95,18 +109,32 @@ in {
"${rwPath}/database:/var/lib/postgresql/data" "${rwPath}/database:/var/lib/postgresql/data"
"/etc/localtime:/etc/localtime:ro" "/etc/localtime:/etc/localtime:ro"
]; ];
networks = ["proxy_net"];
}; };
"nextcloud-cache" = { "nextcloud-cache" = let
entrypoint =
pkgs.writeScript "entrypoint"
# bash
''
#!/bin/sh
exec redis-server --requirepass "$REDIS_HOST_PASSWORD"
'';
in {
image = import ./images/redis.nix pkgs; image = import ./images/redis.nix pkgs;
restart = "always"; restart = "always";
#mem_limit = "2048m"; #mem_limit = "2048m";
#mem_reservation = "512m"; #mem_reservation = "512m";
environmentFiles = [secrets.nextcloud.path]; environmentFiles = [secrets.nextcloud.path];
cmd = [''/bin/sh -c "redis-server --requirepass $$REDIS_HOST_PASSWORD"''];
tmpfs = [ entrypoint = "/entrypoint.sh";
"/data"
]; volumes = ["${entrypoint}:/entrypoint.sh"];
tmpfs = ["/data"];
networks = ["proxy_net"];
};
}; };
}; };

View file

@ -8,7 +8,10 @@
rwPath = rwDataDir + "/resume"; rwPath = rwDataDir + "/resume";
in { in {
khepri.compositions."resume".services = { khepri.compositions."resume" = {
networks.proxy_net = {external = true;};
services = {
"postgres" = { "postgres" = {
image = import ./images/postgres.nix pkgs; image = import ./images/postgres.nix pkgs;
restart = "always"; restart = "always";
@ -20,6 +23,7 @@ in {
]; ];
environmentFiles = [secrets.resume.path]; environmentFiles = [secrets.resume.path];
networks = ["proxy_net"];
}; };
"server" = { "server" = {
@ -36,6 +40,7 @@ in {
PUBLIC_URL = "https://resume.nelim.org"; PUBLIC_URL = "https://resume.nelim.org";
PUBLIC_SERVER_URL = "https://resauth.nelim.org"; PUBLIC_SERVER_URL = "https://resauth.nelim.org";
}; };
networks = ["proxy_net"];
}; };
"client" = { "client" = {
@ -50,6 +55,8 @@ in {
PUBLIC_URL = "https://resume.nelim.org"; PUBLIC_URL = "https://resume.nelim.org";
PUBLIC_SERVER_URL = "https://resauth.nelim.org"; PUBLIC_SERVER_URL = "https://resauth.nelim.org";
}; };
networks = ["proxy_net"];
};
}; };
}; };
} }

View file

@ -7,7 +7,10 @@
rwPath = rwDataDir + "/vaultwarden"; rwPath = rwDataDir + "/vaultwarden";
in { in {
khepri.compositions."vaultwarden".services = { khepri.compositions."vaultwarden" = {
networks.proxy_net = {external = true;};
services = {
"public-vault" = { "public-vault" = {
image = import ./images/vaultwarden.nix pkgs; image = import ./images/vaultwarden.nix pkgs;
restart = "always"; restart = "always";
@ -15,6 +18,7 @@ in {
ports = ["8781:80"]; ports = ["8781:80"];
volumes = ["${rwPath}/public-data:/data"]; volumes = ["${rwPath}/public-data:/data"];
environment.WEBSOCKET_ENABLED = "true"; environment.WEBSOCKET_ENABLED = "true";
networks = ["proxy_net"];
}; };
"private-vault" = { "private-vault" = {
@ -24,6 +28,8 @@ in {
ports = ["8780:80"]; ports = ["8780:80"];
volumes = ["${rwPath}/private-data:/data"]; volumes = ["${rwPath}/private-data:/data"];
environment.WEBSOCKET_ENABLED = "true"; environment.WEBSOCKET_ENABLED = "true";
networks = ["proxy_net"];
};
}; };
}; };
} }

View file

@ -7,7 +7,10 @@
rwPath = rwDataDir + "/wg-easy"; rwPath = rwDataDir + "/wg-easy";
in { in {
khepri.compositions."wg-easy".services."wg-easy" = { khepri.compositions."wg-easy" = {
networks.proxy_net = {external = true;};
services."wg-easy" = {
image = import ./images/wg-easy.nix pkgs; image = import ./images/wg-easy.nix pkgs;
restart = "always"; restart = "always";
privileged = true; privileged = true;
@ -40,5 +43,8 @@ in {
"51822:51820/udp" "51822:51820/udp"
"51821:51821/tcp" "51821:51821/tcp"
]; ];
networks = ["proxy_net"];
};
}; };
} }

Binary file not shown.