diff --git a/apps/update/default.nix b/apps/update/default.nix index 6a707e43..08146a64 100644 --- a/apps/update/default.nix +++ b/apps/update/default.nix @@ -22,7 +22,7 @@ in npmDepsHash = "sha256-qpnQSJNl68LrsU8foJYxdBXpoFj7VKQahC9DFmleWTs="; runtimeInputs = [ - (callPackage ../../modules/arion/updateImage.nix {}) + (callPackage ../../modules/docker/updateImage.nix {}) mozilla-addons-to-nix.packages.${system}.default ]; nativeBuildInputs = [makeWrapper]; diff --git a/apps/update/src/misc.ts b/apps/update/src/misc.ts index b3be5e70..3bcca6e5 100644 --- a/apps/update/src/misc.ts +++ b/apps/update/src/misc.ts @@ -30,7 +30,7 @@ export const updateFlakeInputs = () => { export const updateDocker = () => { let updates = ''; - const FILE = `${FLAKE}/devices/nos/modules/arion`; + const FILE = `${FLAKE}/devices/nos/modules/docker`; readdirSync(FILE, { withFileTypes: true, recursive: true }).forEach((path) => { if (path.name === 'compose.nix') { diff --git a/common/default.nix b/common/default.nix index f795d19a..de060697 100644 --- a/common/default.nix +++ b/common/default.nix @@ -16,7 +16,6 @@ home-manager.nixosModules.home-manager - ../modules/arion ../modules/borgbackup ]; diff --git a/devices/nos/default.nix b/devices/nos/default.nix index 1e67e033..18d2bebe 100644 --- a/devices/nos/default.nix +++ b/devices/nos/default.nix @@ -1,4 +1,8 @@ -{config, ...}: let +{ + config, + self, + ... +}: let inherit (config.vars) mainUser hostName; in { # ------------------------------------------------ @@ -11,12 +15,14 @@ in { ../../modules/sshd.nix ../../modules/tailscale.nix - ./modules/arion + ./modules/docker ./modules/jellyfin ./modules/mergerfs.nix ./modules/qbittorrent ./modules/snapraid.nix ./modules/subtitles + + self.nixosModules.docker ]; # State Version: DO NOT CHANGE 
diff --git a/devices/nos/modules/arion/default.nix b/devices/nos/modules/docker/default.nix similarity index 82% rename from devices/nos/modules/arion/default.nix rename to devices/nos/modules/docker/default.nix index 729fca9f..f250898e 100644 --- a/devices/nos/modules/arion/default.nix +++ b/devices/nos/modules/docker/default.nix @@ -1,5 +1,5 @@ {...}: let - configPath = "/var/lib/arion"; + configPath = "/var/lib/docker"; in { imports = [ ./forgejo/compose.nix @@ -24,13 +24,11 @@ in { ./media/sonarr/compose.nix ]; - arion = { - enable = true; + khepri = { rwDataDir = configPath; }; - services.borgbackup.configs.arion = { + services.borgbackup.configs.docker = { paths = [configPath]; - exclude = ["**/lineageos*"]; }; } diff --git a/devices/nos/modules/arion/forgejo/compose.nix b/devices/nos/modules/docker/forgejo/compose.nix similarity index 64% rename from devices/nos/modules/arion/forgejo/compose.nix rename to devices/nos/modules/docker/forgejo/compose.nix index 43f5dd0f..7fa62155 100644 --- a/devices/nos/modules/arion/forgejo/compose.nix +++ b/devices/nos/modules/docker/forgejo/compose.nix @@ -1,12 +1,16 @@ -{config, ...}: let +{ + config, + pkgs, + ... +}: let inherit (config.sops) secrets; - inherit (config.arion) rwDataDir; + inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/forgejo"; in { - arion.projects."forgejo" = { + khepri.compositions."forgejo".services = { "forgejo" = { - image = ./images/forgejo.nix; + image = import ./images/forgejo.nix pkgs; ports = [ # Redirect WAN port 22 to this port @@ -15,9 +19,9 @@ in { ]; restart = "always"; - depends_on = ["forgejo-db"]; + dependsOn = ["forgejo-db"]; - env_file = [secrets.forgejo.path]; + environmentFiles = [secrets.forgejo.path]; environment = { APP_NAME = "Gitea"; @@ -27,8 +31,8 @@ in { ROOT_URL = "https://git.nelim.org"; SSH_DOMAIN = "git.nelim.org"; - SSH_PORT = 22; - HTTP_PORT = 3000; + SSH_PORT = "22"; + HTTP_PORT = "3000"; }; volumes = [ 
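Review bot: `configPath = "/var/lib/docker";` in the first hunk of `devices/nos/modules/docker/default.nix` points `khepri.rwDataDir` at the path Docker uses by default as its own data root, and the second hunk passes the same path to `services.borgbackup.configs.docker` with the `exclude` removed. Unless the daemon's data root is moved elsewhere (not visible in this diff), the backup would then cover image layers and container state as well as the service data, and the bind-mounted application directories would sit next to daemon-managed ones. A dedicated directory keeps the two apart, e.g. `configPath = "/var/lib/docker-data";` (placeholder name). The diff also shows no migration of the existing state under `/var/lib/arion`, so the services would presumably start on empty volumes unless that data is moved by hand.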
@@ -39,32 +43,31 @@ in { }; "forgejo-db" = { - image = ./images/postgres.nix; + image = import ./images/postgres.nix pkgs; restart = "always"; - env_file = [secrets.forgejo-db.path]; + environmentFiles = [secrets.forgejo-db.path]; volumes = ["${rwPath}/db:/var/lib/postgresql/data"]; }; "act_runner" = { - image = ./images/act_runner.nix; + image = import ./images/act_runner.nix pkgs; + privileged = true; restart = "always"; - depends_on = ["forgejo"]; + dependsOn = ["forgejo"]; - env_file = [secrets.forgejo-runner.path]; + environmentFiles = [secrets.forgejo-runner.path]; environment = { GITEA_INSTANCE_URL = "https://git.nelim.org"; GITEA_RUNNER_NAME = "DinD"; }; volumes = ["${rwPath}/act:/data"]; - - dns = ["1.0.0.1"]; - extra_hosts = [ + extraHosts = [ "git.nelim.org=10.0.0.130" ]; }; diff --git a/devices/nos/modules/arion/forgejo/images/act_runner.nix b/devices/nos/modules/docker/forgejo/images/act_runner.nix similarity index 100% rename from devices/nos/modules/arion/forgejo/images/act_runner.nix rename to devices/nos/modules/docker/forgejo/images/act_runner.nix diff --git a/devices/nos/modules/arion/forgejo/images/forgejo.nix b/devices/nos/modules/docker/forgejo/images/forgejo.nix similarity index 100% rename from devices/nos/modules/arion/forgejo/images/forgejo.nix rename to devices/nos/modules/docker/forgejo/images/forgejo.nix diff --git a/devices/nos/modules/arion/forgejo/images/postgres.nix b/devices/nos/modules/docker/forgejo/images/postgres.nix similarity index 100% rename from devices/nos/modules/arion/forgejo/images/postgres.nix rename to devices/nos/modules/docker/forgejo/images/postgres.nix diff --git a/devices/nos/modules/arion/freshrss/compose.nix b/devices/nos/modules/docker/freshrss/compose.nix similarity index 79% rename from devices/nos/modules/arion/freshrss/compose.nix rename to devices/nos/modules/docker/freshrss/compose.nix index a8352514..8e63b8eb 100644 --- a/devices/nos/modules/arion/freshrss/compose.nix 
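Review bot: `privileged = true;` on `act_runner` is new in this hunk and gives the container that executes CI jobs (runner name `DinD`) unrestricted capabilities and device access, so any workflow that can reach this runner is effectively root on the host. If nested Docker is the reason, say so next to the option, e.g. `# privileged: needed for Docker-in-Docker; only trusted repositories may use this runner`, and restrict the runner's registration to match. The same hunk drops `dns = ["1.0.0.1"]`, so the runner now resolves through the default container DNS. That is presumably intended, but it is worth confirming that job containers still reach `git.nelim.org` through `extraHosts`.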
+++ b/devices/nos/modules/docker/freshrss/compose.nix @@ -4,17 +4,17 @@ ... }: let inherit (config.sops) secrets; - inherit (config.arion) rwDataDir; + inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/freshrss"; in { - arion.projects."freshrss" = { + khepri.compositions."freshrss".services = { "freshrss" = { - image = ./images/freshrss.nix; + image = import ./images/freshrss.nix pkgs; restart = "always"; ports = ["2800:80"]; - extra_hosts = [ + extraHosts = [ "drss.nelim.org=10.0.0.130" "bridge.nelim.org=10.0.0.130" ]; @@ -39,7 +39,7 @@ in { "${rss-bridge}/xExtension-RssBridge:/var/www/FreshRSS/extensions/xExtension-RssBridge:ro" ]; - env_file = [secrets.freshrss.path]; + environmentFiles = [secrets.freshrss.path]; environment = { TZ = "America/New_York"; @@ -48,14 +48,14 @@ in { }; "freshrss-db" = { - image = ./images/postgres.nix; + image = import ./images/postgres.nix pkgs; restart = "always"; volumes = [ "${rwPath}/db:/var/lib/postgresql/data" ]; - env_file = [secrets.freshrss.path]; + environmentFiles = [secrets.freshrss.path]; environment = { POSTGRES_DB = "\${DB_BASE:-freshrss}"; @@ -65,13 +65,13 @@ in { }; "docker-hub-rss" = { - image = ./images/docker-hub-rss.nix; + image = import ./images/docker-hub-rss.nix pkgs; restart = "always"; ports = ["3007:3000"]; }; "rss-bridge" = { - image = ./images/rss-bridge.nix; + image = import ./images/rss-bridge.nix pkgs; restart = "always"; volumes = [ diff --git a/devices/nos/modules/arion/freshrss/images/docker-hub-rss.nix b/devices/nos/modules/docker/freshrss/images/docker-hub-rss.nix similarity index 100% rename from devices/nos/modules/arion/freshrss/images/docker-hub-rss.nix rename to devices/nos/modules/docker/freshrss/images/docker-hub-rss.nix 
diff --git a/devices/nos/modules/arion/freshrss/images/freshrss.nix b/devices/nos/modules/docker/freshrss/images/freshrss.nix similarity index 100% rename from devices/nos/modules/arion/freshrss/images/freshrss.nix rename to devices/nos/modules/docker/freshrss/images/freshrss.nix diff --git a/devices/nos/modules/arion/freshrss/images/postgres.nix b/devices/nos/modules/docker/freshrss/images/postgres.nix similarity index 100% rename from devices/nos/modules/arion/freshrss/images/postgres.nix rename to devices/nos/modules/docker/freshrss/images/postgres.nix diff --git a/devices/nos/modules/arion/freshrss/images/rss-bridge.nix b/devices/nos/modules/docker/freshrss/images/rss-bridge.nix similarity index 100% rename from devices/nos/modules/arion/freshrss/images/rss-bridge.nix rename to devices/nos/modules/docker/freshrss/images/rss-bridge.nix diff --git a/devices/nos/modules/arion/gameyfin/compose.nix b/devices/nos/modules/docker/gameyfin/compose.nix similarity index 57% rename from devices/nos/modules/arion/gameyfin/compose.nix rename to devices/nos/modules/docker/gameyfin/compose.nix index 772a279a..cd4c27c3 100644 --- a/devices/nos/modules/arion/gameyfin/compose.nix +++ b/devices/nos/modules/docker/gameyfin/compose.nix @@ -1,12 +1,16 @@ -{config, ...}: let +{ + config, + pkgs, + ... +}: let inherit (config.sops) secrets; in { - arion.projects."gameyfin"."gameyfin" = { - image = ./images/gameyfin.nix; + khepri.compositions."gameyfin".services."gameyfin" = { + image = import ./images/gameyfin.nix pkgs; restart = "always"; user = "1000:1000"; - env_file = [secrets.gameyfin.path]; + environmentFiles = [secrets.gameyfin.path]; environment.GAMEYFIN_USER = "mathis"; volumes = [ diff --git a/devices/nos/modules/arion/gameyfin/images/gameyfin.nix b/devices/nos/modules/docker/gameyfin/images/gameyfin.nix similarity index 100% rename from devices/nos/modules/arion/gameyfin/images/gameyfin.nix rename to devices/nos/modules/docker/gameyfin/images/gameyfin.nix 
diff --git a/devices/nos/modules/arion/hauk/compose.nix b/devices/nos/modules/docker/hauk/compose.nix similarity index 52% rename from devices/nos/modules/arion/hauk/compose.nix rename to devices/nos/modules/docker/hauk/compose.nix index 5481423d..2fd9ff62 100644 --- a/devices/nos/modules/arion/hauk/compose.nix +++ b/devices/nos/modules/docker/hauk/compose.nix @@ -1,6 +1,6 @@ -{...}: { - arion.projects."hauk"."hauk" = { - image = ./images/hauk.nix; +{pkgs, ...}: { + khepri.compositions."hauk".services."hauk" = { + image = import ./images/hauk.nix pkgs; restart = "always"; ports = ["3003:80"]; diff --git a/devices/nos/modules/arion/hauk/config.php b/devices/nos/modules/docker/hauk/config.php similarity index 100% rename from devices/nos/modules/arion/hauk/config.php rename to devices/nos/modules/docker/hauk/config.php diff --git a/devices/nos/modules/arion/hauk/images/hauk.nix b/devices/nos/modules/docker/hauk/images/hauk.nix similarity index 100% rename from devices/nos/modules/arion/hauk/images/hauk.nix rename to devices/nos/modules/docker/hauk/images/hauk.nix diff --git a/devices/nos/modules/arion/homepage/compose.nix b/devices/nos/modules/docker/homepage/compose.nix similarity index 85% rename from devices/nos/modules/arion/homepage/compose.nix rename to devices/nos/modules/docker/homepage/compose.nix index d777ea25..bfbd40ac 100644 --- a/devices/nos/modules/arion/homepage/compose.nix +++ b/devices/nos/modules/docker/homepage/compose.nix 
@@ -6,17 +6,17 @@ inherit (config.sops) secrets; inherit (pkgs.writers) writeYAML; in { - arion.projects."homepage"."homepage" = { - image = ./images/homepage.nix; + khepri.compositions."homepage".services."homepage" = { + image = import ./images/homepage.nix pkgs; restart = "always"; ports = [ "3020:3000" ]; - extra_hosts = ["lan.nelim.org=10.0.0.130"]; + extraHosts = ["lan.nelim.org=10.0.0.130"]; - env_file = [secrets.homepage.path]; + environmentFiles = [secrets.homepage.path]; volumes = let services = writeYAML "services.yaml" (import ./services.nix); diff --git a/devices/nos/modules/arion/homepage/images/homepage.nix b/devices/nos/modules/docker/homepage/images/homepage.nix similarity index 100% rename from devices/nos/modules/arion/homepage/images/homepage.nix rename to devices/nos/modules/docker/homepage/images/homepage.nix diff --git a/devices/nos/modules/arion/homepage/services.nix b/devices/nos/modules/docker/homepage/services.nix similarity index 100% rename from devices/nos/modules/arion/homepage/services.nix rename to devices/nos/modules/docker/homepage/services.nix diff --git a/devices/nos/modules/arion/immich/compose.nix b/devices/nos/modules/docker/immich/compose.nix similarity index 69% rename from devices/nos/modules/arion/immich/compose.nix rename to devices/nos/modules/docker/immich/compose.nix index 2ce906b5..d1e93e1c 100644 --- a/devices/nos/modules/arion/immich/compose.nix +++ b/devices/nos/modules/docker/immich/compose.nix @@ -1,15 +1,19 @@ -{config, ...}: let +{ + config, + pkgs, + ... +}: let inherit (config.sops) secrets; - inherit (config.arion) rwDataDir; + inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/immich"; UPLOAD_LOCATION = "${rwPath}/data"; in { - arion.projects."immich" = { + khepri.compositions."immich".services = { "immich_server" = { - image = ./images/server.nix; - env_file = [ + image = import ./images/server.nix pkgs; + environmentFiles = [ "${./env}" secrets.immich.path ]; 
@@ -21,16 +25,16 @@ in { "2283:3001" ]; - depends_on = ["immich_redis" "immich_postgres"]; + dependsOn = ["immich_redis" "immich_postgres"]; restart = "always"; environment.NODE_ENV = "production"; }; "immich_machine_learning" = { - image = ./images/machine-learning.nix; + image = import ./images/machine-learning.nix pkgs; restart = "always"; - env_file = [ + environmentFiles = [ "${./env}" secrets.immich.path ]; @@ -41,19 +45,19 @@ in { }; "immich_redis" = { - image = ./images/redis.nix; + image = import ./images/redis.nix pkgs; restart = "always"; tmpfs = ["/data"]; - env_file = [ + environmentFiles = [ "${./env}" secrets.immich.path ]; }; "immich_postgres" = { - image = ./images/postgres.nix; + image = import ./images/postgres.nix pkgs; restart = "always"; - env_file = [ + environmentFiles = [ "${./env}" secrets.immich.path ]; diff --git a/devices/nos/modules/arion/immich/env b/devices/nos/modules/docker/immich/env similarity index 100% rename from devices/nos/modules/arion/immich/env rename to devices/nos/modules/docker/immich/env diff --git a/devices/nos/modules/arion/immich/images/machine-learning.nix b/devices/nos/modules/docker/immich/images/machine-learning.nix similarity index 100% rename from devices/nos/modules/arion/immich/images/machine-learning.nix rename to devices/nos/modules/docker/immich/images/machine-learning.nix diff --git a/devices/nos/modules/arion/immich/images/postgres.nix b/devices/nos/modules/docker/immich/images/postgres.nix similarity index 100% rename from devices/nos/modules/arion/immich/images/postgres.nix rename to devices/nos/modules/docker/immich/images/postgres.nix diff --git a/devices/nos/modules/arion/immich/images/redis.nix b/devices/nos/modules/docker/immich/images/redis.nix similarity index 100% rename from devices/nos/modules/arion/immich/images/redis.nix rename to devices/nos/modules/docker/immich/images/redis.nix 
diff --git a/devices/nos/modules/arion/immich/images/server.nix b/devices/nos/modules/docker/immich/images/server.nix similarity index 100% rename from devices/nos/modules/arion/immich/images/server.nix rename to devices/nos/modules/docker/immich/images/server.nix diff --git a/devices/nos/modules/arion/media/bazarr/compose.nix b/devices/nos/modules/docker/media/bazarr/compose.nix similarity index 54% rename from devices/nos/modules/arion/media/bazarr/compose.nix rename to devices/nos/modules/docker/media/bazarr/compose.nix index 7b83bde0..b7d9a3fc 100644 --- a/devices/nos/modules/arion/media/bazarr/compose.nix +++ b/devices/nos/modules/docker/media/bazarr/compose.nix @@ -1,10 +1,14 @@ -{config, ...}: let - inherit (config.arion) rwDataDir; +{ + config, + pkgs, + ... +}: let + inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/media/bazarr"; in { - arion.projects."bazarr"."bazarr" = { - image = ./images/bazarr.nix; + khepri.compositions."bazarr".services."bazarr" = { + image = import ./images/bazarr.nix pkgs; restart = "always"; environment = { @@ -13,7 +17,7 @@ in { TZ = "America/New_York"; }; - extra_hosts = ["lan.nelim.org=10.0.0.130"]; + extraHosts = ["lan.nelim.org=10.0.0.130"]; ports = [ "6767:6767" ]; @@ -23,8 +27,6 @@ in { "/data:/data" ]; - extraOptions = { - deploy.resources.limits.cpus = "2"; - }; + cpus = 2; }; } diff --git a/devices/nos/modules/arion/media/bazarr/images/bazarr.nix b/devices/nos/modules/docker/media/bazarr/images/bazarr.nix similarity index 100% rename from devices/nos/modules/arion/media/bazarr/images/bazarr.nix rename to devices/nos/modules/docker/media/bazarr/images/bazarr.nix diff --git a/devices/nos/modules/arion/media/calibre/compose.nix b/devices/nos/modules/docker/media/calibre/compose.nix similarity index 72% rename from devices/nos/modules/arion/media/calibre/compose.nix rename to devices/nos/modules/docker/media/calibre/compose.nix index cac05854..f00a881f 100644 --- a/devices/nos/modules/arion/media/calibre/compose.nix 
+++ b/devices/nos/modules/docker/media/calibre/compose.nix @@ -1,11 +1,15 @@ -{config, ...}: let - inherit (config.arion) rwDataDir; +{ + config, + pkgs, + ... +}: let + inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/media/calibre"; in { - arion.projects."calibre" = { + khepri.compositions."calibre".services = { "calibre" = { - image = ./images/calibre.nix; + image = import ./images/calibre.nix pkgs; restart = "always"; environment = { @@ -21,7 +25,7 @@ in { volumes = ["${rwPath}/data-db:/config"]; - extra_hosts = ["lan.nelim.org=10.0.0.130"]; + extraHosts = ["lan.nelim.org=10.0.0.130"]; ports = [ "8580:8080" #"8081:8081" @@ -30,7 +34,7 @@ in { }; "calibre-web" = { - image = ./images/calibre-web.nix; + image = import ./images/calibre-web.nix pkgs; restart = "always"; environment = { @@ -45,7 +49,7 @@ in { "${rwPath}/data-db/Calibre Library:/books" ]; - extra_hosts = ["lan.nelim.org=10.0.0.130"]; + extraHosts = ["lan.nelim.org=10.0.0.130"]; ports = ["8083:8083"]; }; }; diff --git a/devices/nos/modules/arion/media/calibre/images/calibre-web.nix b/devices/nos/modules/docker/media/calibre/images/calibre-web.nix similarity index 100% rename from devices/nos/modules/arion/media/calibre/images/calibre-web.nix rename to devices/nos/modules/docker/media/calibre/images/calibre-web.nix diff --git a/devices/nos/modules/arion/media/calibre/images/calibre.nix b/devices/nos/modules/docker/media/calibre/images/calibre.nix similarity index 100% rename from devices/nos/modules/arion/media/calibre/images/calibre.nix rename to devices/nos/modules/docker/media/calibre/images/calibre.nix diff --git a/devices/nos/modules/arion/media/joal/compose.nix b/devices/nos/modules/docker/media/joal/compose.nix similarity index 59% rename from devices/nos/modules/arion/media/joal/compose.nix rename to devices/nos/modules/docker/media/joal/compose.nix index 465046cd..9ae01b70 100644 --- a/devices/nos/modules/arion/media/joal/compose.nix 
+++ b/devices/nos/modules/docker/media/joal/compose.nix @@ -1,17 +1,21 @@ -{config, ...}: let - inherit (config.arion) rwDataDir; +{ + config, + pkgs, + ... +}: let + inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/media/joal"; in { - arion.projects."joal"."joal" = { - image = ./images/joal.nix; + khepri.compositions."joal".services."joal" = { + image = import ./images/joal.nix pkgs; restart = "always"; volumes = ["${rwPath}/data:/data"]; - extra_hosts = ["lan.nelim.org=10.0.0.130"]; + extraHosts = ["lan.nelim.org=10.0.0.130"]; ports = ["5656:5656"]; - command = [ + cmd = [ "--joal-conf=/data" "--spring.main.web-environment=true" "--server.port=5656" diff --git a/devices/nos/modules/arion/media/joal/images/joal.nix b/devices/nos/modules/docker/media/joal/images/joal.nix similarity index 100% rename from devices/nos/modules/arion/media/joal/images/joal.nix rename to devices/nos/modules/docker/media/joal/images/joal.nix diff --git a/devices/nos/modules/arion/media/prowlarr/compose.nix b/devices/nos/modules/docker/media/prowlarr/compose.nix similarity index 60% rename from devices/nos/modules/arion/media/prowlarr/compose.nix rename to devices/nos/modules/docker/media/prowlarr/compose.nix index afcd3851..9577ad5b 100644 --- a/devices/nos/modules/arion/media/prowlarr/compose.nix +++ b/devices/nos/modules/docker/media/prowlarr/compose.nix @@ -1,11 +1,15 @@ -{config, ...}: let - inherit (config.arion) rwDataDir; +{ + config, + pkgs, + ... +}: let + inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/media/prowlarr"; in { - arion.projects."prowlarr" = { + khepri.compositions."prowlarr".services = { "prowlarr" = { - image = ./images/prowlarr.nix; + image = import ./images/prowlarr.nix pkgs; restart = "always"; environment = { 
@@ -15,12 +19,12 @@ in { }; volumes = ["${rwPath}/data:/config"]; - extra_hosts = ["lan.nelim.org=10.0.0.130"]; + extraHosts = ["lan.nelim.org=10.0.0.130"]; ports = ["9696:9696"]; }; "flaresolverr" = { - image = ./images/flaresolverr.nix; + image = import ./images/flaresolverr.nix pkgs; restart = "always"; environment = { @@ -30,10 +34,10 @@ in { TZ = "America/New_York"; }; - extra_hosts = ["lan.nelim.org=10.0.0.130"]; + extraHosts = ["lan.nelim.org=10.0.0.130"]; ports = ["8191:8191"]; - depends_on = ["prowlarr"]; + dependsOn = ["prowlarr"]; }; }; } diff --git a/devices/nos/modules/arion/media/prowlarr/images/flaresolverr.nix b/devices/nos/modules/docker/media/prowlarr/images/flaresolverr.nix similarity index 100% rename from devices/nos/modules/arion/media/prowlarr/images/flaresolverr.nix rename to devices/nos/modules/docker/media/prowlarr/images/flaresolverr.nix diff --git a/devices/nos/modules/arion/media/prowlarr/images/prowlarr.nix b/devices/nos/modules/docker/media/prowlarr/images/prowlarr.nix similarity index 100% rename from devices/nos/modules/arion/media/prowlarr/images/prowlarr.nix rename to devices/nos/modules/docker/media/prowlarr/images/prowlarr.nix diff --git a/devices/nos/modules/arion/media/radarr/compose.nix b/devices/nos/modules/docker/media/radarr/compose.nix similarity index 53% rename from devices/nos/modules/arion/media/radarr/compose.nix rename to devices/nos/modules/docker/media/radarr/compose.nix index 52e685f0..2f545235 100644 --- a/devices/nos/modules/arion/media/radarr/compose.nix +++ b/devices/nos/modules/docker/media/radarr/compose.nix 
@@ -1,13 +1,17 @@ -{config, ...}: let - inherit (config.arion) rwDataDir; +{ + config, + pkgs, + ... +}: let + inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/media/radarr"; in { - arion.projects."radarr"."radarr" = { - image = ./images/radarr.nix; + khepri.compositions."radarr".services."radarr" = { + image = import ./images/radarr.nix pkgs; restart = "always"; - extra_hosts = ["lan.nelim.org=10.0.0.130"]; + extraHosts = ["lan.nelim.org=10.0.0.130"]; ports = ["7878:7878"]; environment = { @@ -21,8 +25,6 @@ in { "/data:/data" ]; - extraOptions = { - deploy.resources.limits.cpus = "0.5"; - }; + cpus = 0.5; }; } diff --git a/devices/nos/modules/arion/media/radarr/images/radarr.nix b/devices/nos/modules/docker/media/radarr/images/radarr.nix similarity index 100% rename from devices/nos/modules/arion/media/radarr/images/radarr.nix rename to devices/nos/modules/docker/media/radarr/images/radarr.nix diff --git a/devices/nos/modules/arion/media/sabnzbd/compose.nix b/devices/nos/modules/docker/media/sabnzbd/compose.nix similarity index 53% rename from devices/nos/modules/arion/media/sabnzbd/compose.nix rename to devices/nos/modules/docker/media/sabnzbd/compose.nix index c56001ff..a92d8253 100644 --- a/devices/nos/modules/arion/media/sabnzbd/compose.nix +++ b/devices/nos/modules/docker/media/sabnzbd/compose.nix @@ -1,13 +1,17 @@ -{config, ...}: let - inherit (config.arion) rwDataDir; +{ + config, + pkgs, + ... +}: let + inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/media/sabnzbd"; in { - arion.projects."sabnzbd"."sabnzbd" = { - image = ./images/sabnzbd.nix; + khepri.compositions."sabnzbd".services."sabnzbd" = { + image = import ./images/sabnzbd.nix pkgs; restart = "always"; - extra_hosts = ["lan.nelim.org=10.0.0.130"]; + extraHosts = ["lan.nelim.org=10.0.0.130"]; ports = ["8382:8082"]; environment = { @@ -21,8 +25,6 @@ in { "/data:/data" ]; - extraOptions = { - deploy.resources.limits.cpus = "2"; - }; + cpus = 2; }; } 
diff --git a/devices/nos/modules/arion/media/sabnzbd/images/sabnzbd.nix b/devices/nos/modules/docker/media/sabnzbd/images/sabnzbd.nix similarity index 100% rename from devices/nos/modules/arion/media/sabnzbd/images/sabnzbd.nix rename to devices/nos/modules/docker/media/sabnzbd/images/sabnzbd.nix diff --git a/devices/nos/modules/arion/media/seerr/compose.nix b/devices/nos/modules/docker/media/seerr/compose.nix similarity index 53% rename from devices/nos/modules/arion/media/seerr/compose.nix rename to devices/nos/modules/docker/media/seerr/compose.nix index 24c2e44e..fc0b3564 100644 --- a/devices/nos/modules/arion/media/seerr/compose.nix +++ b/devices/nos/modules/docker/media/seerr/compose.nix @@ -1,10 +1,14 @@ -{config, ...}: let - inherit (config.arion) rwDataDir; +{ + config, + pkgs, + ... +}: let + inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/media/seerr"; in { - arion.projects."seerr"."seerr" = { - image = ./images/jellyseerr.nix; + khepri.compositions."seerr".services."seerr" = { + image = import ./images/jellyseerr.nix pkgs; restart = "always"; environment = { @@ -16,7 +20,7 @@ in { "${rwPath}/data:/app/config" ]; - extra_hosts = ["lan.nelim.org=10.0.0.130"]; + extraHosts = ["lan.nelim.org=10.0.0.130"]; ports = ["5055:5055"]; }; } diff --git a/devices/nos/modules/arion/media/seerr/images/jellyseerr.nix b/devices/nos/modules/docker/media/seerr/images/jellyseerr.nix similarity index 100% rename from devices/nos/modules/arion/media/seerr/images/jellyseerr.nix rename to devices/nos/modules/docker/media/seerr/images/jellyseerr.nix diff --git a/devices/nos/modules/arion/media/sonarr/compose.nix b/devices/nos/modules/docker/media/sonarr/compose.nix similarity index 53% rename from devices/nos/modules/arion/media/sonarr/compose.nix rename to devices/nos/modules/docker/media/sonarr/compose.nix index 8acb2b6c..61b96505 100644 --- a/devices/nos/modules/arion/media/sonarr/compose.nix +++ b/devices/nos/modules/docker/media/sonarr/compose.nix 
@@ -1,13 +1,17 @@ -{config, ...}: let - inherit (config.arion) rwDataDir; +{ + config, + pkgs, + ... +}: let + inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/media/sonarr"; in { - arion.projects."sonarr"."sonarr" = { - image = ./images/sonarr.nix; + khepri.compositions."sonarr".services."sonarr" = { + image = import ./images/sonarr.nix pkgs; restart = "always"; - extra_hosts = ["lan.nelim.org=10.0.0.130"]; + extraHosts = ["lan.nelim.org=10.0.0.130"]; ports = ["8989:8989"]; environment = { @@ -21,8 +25,6 @@ in { "/data:/data" ]; - extraOptions = { - deploy.resources.limits.cpus = "0.5"; - }; + cpus = 0.5; }; } diff --git a/devices/nos/modules/arion/media/sonarr/images/sonarr.nix b/devices/nos/modules/docker/media/sonarr/images/sonarr.nix similarity index 100% rename from devices/nos/modules/arion/media/sonarr/images/sonarr.nix rename to devices/nos/modules/docker/media/sonarr/images/sonarr.nix diff --git a/devices/nos/modules/arion/music/jbots/compose.nix b/devices/nos/modules/docker/music/jbots/compose.nix similarity index 62% rename from devices/nos/modules/arion/music/jbots/compose.nix rename to devices/nos/modules/docker/music/jbots/compose.nix index 06ea6484..5debd68d 100644 --- a/devices/nos/modules/arion/music/jbots/compose.nix +++ b/devices/nos/modules/docker/music/jbots/compose.nix @@ -1,12 +1,16 @@ -{config, ...}: let - inherit (config.arion) rwDataDir; +{ + config, + pkgs, + ... +}: let + inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/music/jbots"; in { - arion.projects."jbots" = { + khepri.compositions."jbots".services = { "musicbot_be" = { - container_name = "benis"; - image = ./images/jmusicbot.nix; + containerName = "be"; + image = import ./images/jmusicbot.nix pkgs; restart = "always"; volumes = [ @@ -16,8 +20,8 @@ in { }; "musicbot_br" = { - container_name = "bruh"; - image = ./images/jmusicbot.nix; + containerName = "br"; + image = import ./images/jmusicbot.nix pkgs; restart = "always"; volumes = [ 
diff --git a/devices/nos/modules/arion/music/jbots/images/jmusicbot.nix b/devices/nos/modules/docker/music/jbots/images/jmusicbot.nix similarity index 100% rename from devices/nos/modules/arion/music/jbots/images/jmusicbot.nix rename to devices/nos/modules/docker/music/jbots/images/jmusicbot.nix diff --git a/devices/nos/modules/arion/nextcloud/compose.nix b/devices/nos/modules/docker/nextcloud/compose.nix similarity index 81% rename from devices/nos/modules/arion/nextcloud/compose.nix rename to devices/nos/modules/docker/nextcloud/compose.nix index a35044c5..4eeec572 100644 --- a/devices/nos/modules/arion/nextcloud/compose.nix +++ b/devices/nos/modules/docker/nextcloud/compose.nix @@ -4,16 +4,17 @@ pkgs, ... }: let - inherit (config.sops) secrets; - inherit (config.arion) rwDataDir; inherit (lib) concatStrings; + inherit (config.sops) secrets; + inherit (config.khepri) rwDataDir; + mainContainerName = "app-server"; rwPath = rwDataDir + "/nextcloud"; in { - arion.projects."nextcloud" = { + khepri.compositions."nextcloud".services = { "${mainContainerName}" = { - image = ./images/nextcloud.nix; + image = import ./images/nextcloud.nix pkgs; restart = "always"; expose = [ @@ -26,7 +27,7 @@ in { "/data/docs:/var/www/drive" ]; - env_file = [secrets.nextcloud.path]; + environmentFiles = [secrets.nextcloud.path]; environment = { POSTGRES_DB = "nextcloud"; @@ -38,7 +39,7 @@ in { }; "onlyoffice-document-server" = { - image = ./images/onlyoffice.nix; + image = import ./images/onlyoffice.nix pkgs; restart = "always"; environment.JWT_ENABLED = "false"; @@ -77,7 +78,7 @@ in { }; "nginx-server" = { - image = ./images/nginx.nix; + image = import ./images/nginx.nix pkgs; restart = "always"; ports = ["8042:80"]; volumes = [ 
@@ -87,9 +88,9 @@ in { }; "nextcloud-db" = { - image = ./images/postgres.nix; + image = import ./images/postgres.nix pkgs; restart = "always"; - env_file = [secrets.nextcloud.path]; + environmentFiles = [secrets.nextcloud.path]; volumes = [ "${rwPath}/database:/var/lib/postgresql/data" "/etc/localtime:/etc/localtime:ro" @@ -97,12 +98,12 @@ in { }; "nextcloud-cache" = { - image = ./images/redis.nix; + image = import ./images/redis.nix pkgs; restart = "always"; #mem_limit = "2048m"; #mem_reservation = "512m"; - env_file = [secrets.nextcloud.path]; - command = ''/bin/sh -c "redis-server --requirepass $$REDIS_HOST_PASSWORD"''; + environmentFiles = [secrets.nextcloud.path]; + cmd = [''/bin/sh -c "redis-server --requirepass $$REDIS_HOST_PASSWORD"'']; tmpfs = [ "/data" ]; @@ -119,8 +120,8 @@ in { }; systemd.services.nextcloud-cron = { description = "Nextcloud Cron"; - requires = ["arion-nextcloud.service"]; - after = ["arion-nextcloud.service"]; + requires = ["docker-nextcloud_app-server.service"]; + after = ["docker-nextcloud_app-server.service"]; serviceConfig = { Type = "oneshot"; diff --git a/devices/nos/modules/arion/nextcloud/images/nextcloud.nix b/devices/nos/modules/docker/nextcloud/images/nextcloud.nix similarity index 100% rename from devices/nos/modules/arion/nextcloud/images/nextcloud.nix rename to devices/nos/modules/docker/nextcloud/images/nextcloud.nix diff --git a/devices/nos/modules/arion/nextcloud/images/nginx.nix b/devices/nos/modules/docker/nextcloud/images/nginx.nix similarity index 100% rename from devices/nos/modules/arion/nextcloud/images/nginx.nix rename to devices/nos/modules/docker/nextcloud/images/nginx.nix diff --git a/devices/nos/modules/arion/nextcloud/images/onlyoffice.nix b/devices/nos/modules/docker/nextcloud/images/onlyoffice.nix similarity index 100% rename from devices/nos/modules/arion/nextcloud/images/onlyoffice.nix rename to devices/nos/modules/docker/nextcloud/images/onlyoffice.nix 
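Review bot: `cmd = [''/bin/sh -c "redis-server --requirepass $$REDIS_HOST_PASSWORD"''];` in the `nextcloud-cache` hunk wraps the old Compose command string in a one-element list, so the whole string is presumably passed as a single argv entry instead of being split into `/bin/sh`, `-c` and the script. The `$$` was Compose's escape for a literal `$`. If khepri does not apply Compose interpolation, a shell would expand `$$` to its PID, and Redis would get a predictable password instead of the secret from `environmentFiles`. Once the escaping khepri expects is confirmed, `cmd = ["/bin/sh" "-c" "redis-server --requirepass \"$REDIS_HOST_PASSWORD\""];` states the intent explicitly. The password also stays visible in the container's process arguments in either form.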
diff --git a/devices/nos/modules/arion/nextcloud/images/postgres.nix b/devices/nos/modules/docker/nextcloud/images/postgres.nix similarity index 100% rename from devices/nos/modules/arion/nextcloud/images/postgres.nix rename to devices/nos/modules/docker/nextcloud/images/postgres.nix diff --git a/devices/nos/modules/arion/nextcloud/images/redis.nix b/devices/nos/modules/docker/nextcloud/images/redis.nix similarity index 100% rename from devices/nos/modules/arion/nextcloud/images/redis.nix rename to devices/nos/modules/docker/nextcloud/images/redis.nix diff --git a/devices/nos/modules/arion/nextcloud/nginx.conf b/devices/nos/modules/docker/nextcloud/nginx.conf similarity index 100% rename from devices/nos/modules/arion/nextcloud/nginx.conf rename to devices/nos/modules/docker/nextcloud/nginx.conf diff --git a/devices/nos/modules/arion/resume/compose.nix b/devices/nos/modules/docker/resume/compose.nix similarity index 61% rename from devices/nos/modules/arion/resume/compose.nix rename to devices/nos/modules/docker/resume/compose.nix index cbd24f53..2483fd64 100644 --- a/devices/nos/modules/arion/resume/compose.nix +++ b/devices/nos/modules/docker/resume/compose.nix @@ -1,12 +1,16 @@ -{config, ...}: let +{ + config, + pkgs, + ... +}: let inherit (config.sops) secrets; - inherit (config.arion) rwDataDir; + inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/resume"; in { - arion.projects."resume" = { + khepri.compositions."resume".services = { "postgres" = { - image = ./images/postgres.nix; + image = import ./images/postgres.nix pkgs; restart = "always"; ports = ["5432:5432"]; 
@@ -15,18 +19,18 @@ in { "${rwPath}/db:/var/lib/postgresql/data" ]; - env_file = [secrets.resume.path]; + environmentFiles = [secrets.resume.path]; }; "server" = { - image = ./images/resume-server.nix; + image = import ./images/resume-server.nix pkgs; restart = "always"; ports = ["3100:3100"]; - depends_on = ["postgres"]; + dependsOn = ["postgres"]; - env_file = [secrets.resume.path]; + environmentFiles = [secrets.resume.path]; environment = { PUBLIC_URL = "https://resume.nelim.org"; @@ -35,12 +39,12 @@ in { }; "client" = { - image = ./images/resume-client.nix; + image = import ./images/resume-client.nix pkgs; restart = "always"; ports = ["3060:3000"]; - depends_on = ["server"]; + dependsOn = ["server"]; environment = { PUBLIC_URL = "https://resume.nelim.org"; diff --git a/devices/nos/modules/arion/resume/images/postgres.nix b/devices/nos/modules/docker/resume/images/postgres.nix similarity index 100% rename from devices/nos/modules/arion/resume/images/postgres.nix rename to devices/nos/modules/docker/resume/images/postgres.nix diff --git a/devices/nos/modules/arion/resume/images/resume-client.nix b/devices/nos/modules/docker/resume/images/resume-client.nix similarity index 100% rename from devices/nos/modules/arion/resume/images/resume-client.nix rename to devices/nos/modules/docker/resume/images/resume-client.nix diff --git a/devices/nos/modules/arion/resume/images/resume-server.nix b/devices/nos/modules/docker/resume/images/resume-server.nix similarity index 100% rename from devices/nos/modules/arion/resume/images/resume-server.nix rename to devices/nos/modules/docker/resume/images/resume-server.nix diff --git a/devices/nos/modules/arion/vaultwarden/compose.nix b/devices/nos/modules/docker/vaultwarden/compose.nix similarity index 64% rename from devices/nos/modules/arion/vaultwarden/compose.nix rename to devices/nos/modules/docker/vaultwarden/compose.nix index ba9af9d9..dbb8893f 100644 --- a/devices/nos/modules/arion/vaultwarden/compose.nix 
+++ b/devices/nos/modules/docker/vaultwarden/compose.nix @@ -1,11 +1,15 @@ -{config, ...}: let - inherit (config.arion) rwDataDir; +{ + config, + pkgs, + ... +}: let + inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/vaultwarden"; in { - arion.projects."vaultwarden" = { + khepri.compositions."vaultwarden".services = { "public-vault" = { - image = ./images/vaultwarden.nix; + image = import ./images/vaultwarden.nix pkgs; restart = "always"; ports = ["8781:80"]; @@ -14,7 +18,7 @@ in { }; "private-vault" = { - image = ./images/vaultwarden.nix; + image = import ./images/vaultwarden.nix pkgs; restart = "always"; ports = ["8780:80"]; diff --git a/devices/nos/modules/arion/vaultwarden/images/vaultwarden.nix b/devices/nos/modules/docker/vaultwarden/images/vaultwarden.nix similarity index 100% rename from devices/nos/modules/arion/vaultwarden/images/vaultwarden.nix rename to devices/nos/modules/docker/vaultwarden/images/vaultwarden.nix diff --git a/devices/nos/modules/arion/wg-easy/compose.nix b/devices/nos/modules/docker/wg-easy/compose.nix similarity index 57% rename from devices/nos/modules/arion/wg-easy/compose.nix rename to devices/nos/modules/docker/wg-easy/compose.nix index 2ba74096..418b747b 100644 --- a/devices/nos/modules/arion/wg-easy/compose.nix +++ b/devices/nos/modules/docker/wg-easy/compose.nix 
@@ -1,22 +1,26 @@ -{config, ...}: let - inherit (config.arion) rwDataDir; +{ + config, + pkgs, + ... +}: let + inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/wg-easy"; in { - arion.projects."wg-easy"."wg-easy" = { - image = ./images/wg-easy.nix; + khepri.compositions."wg-easy".services."wg-easy" = { + image = import ./images/wg-easy.nix pkgs; restart = "always"; privileged = true; - capabilities = { - NET_ADMIN = true; - SYS_MODULE = true; - }; + capAdd = [ + "NET_ADMIN" + "SYS_MODULE" + ]; - sysctls = { - "net.ipv4.ip_forward" = 1; - "net.ipv4.conf.all.src_valid_mark" = 1; - }; + sysctls = [ + "net.ipv4.ip_forward=1" + "net.ipv4.conf.all.src_valid_mark=1" + ]; dns = ["1.0.0.1"]; diff --git a/devices/nos/modules/arion/wg-easy/images/wg-easy.nix b/devices/nos/modules/docker/wg-easy/images/wg-easy.nix similarity index 100% rename from devices/nos/modules/arion/wg-easy/images/wg-easy.nix rename to devices/nos/modules/docker/wg-easy/images/wg-easy.nix diff --git a/devices/nos/modules/jellyfin/jfa-go.nix b/devices/nos/modules/jellyfin/jfa-go.nix index bfc46d84..af2903b5 100644 --- a/devices/nos/modules/jellyfin/jfa-go.nix +++ b/devices/nos/modules/jellyfin/jfa-go.nix @@ -1,13 +1,17 @@ -{config, ...}: let +{ + config, + pkgs, + ... +}: let jellyService = config.systemd.services.jellyfin.serviceConfig; in { - systemd.services."arion-jfa-go" = { + systemd.services."docker-jfa-go_jfa-go" = { after = ["jellyfin.service"]; partOf = ["jellyfin.service"]; }; - arion.projects."jfa-go"."jfa-go" = { - image = ./images/jfa-go.nix; + khepri.compositions."jfa-go".services."jfa-go" = { + image = import ./images/jfa-go.nix pkgs; restart = "always"; ports = ["8056:8056"]; diff --git a/devices/servivi/default.nix b/devices/servivi/default.nix index 5ba81e80..045a81f6 100644 --- a/devices/servivi/default.nix +++ b/devices/servivi/default.nix 
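Review bot: `privileged = true;` stays on the `wg-easy` service next to the new `capAdd` list, which makes the list redundant, because a privileged container already holds every capability and can reach host devices. If `NET_ADMIN`, `SYS_MODULE` and the two `sysctls` entries are all wg-easy needs, removing `privileged = true;` leaves the container with only those grants. `SYS_MODULE` alone already lets the container load kernel modules, so a comment such as `# SYS_MODULE: wg-easy loads the wireguard module itself` would record why it is kept. The service definition continues below the hunk, so confirm nothing there depends on privileged mode.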
@@ -1,4 +1,8 @@ -{config, ...}: let +{ + config, + self, + ... +}: let inherit (config.vars) mainUser hostName; in { # ------------------------------------------------ @@ -15,6 +19,8 @@ in { ./modules/binary-cache.nix ./modules/minecraft.nix ./modules/nfs.nix + + self.nixosModules.docker ]; # State Version: DO NOT CHANGE @@ -63,5 +69,5 @@ in { # ------------------------------------------------ # `Self` Modules configuration # ------------------------------------------------ - arion.enable = true; + # ... } diff --git a/flake.in.nix b/flake.in.nix index 2b6aafc0..ab92ef7c 100644 --- a/flake.in.nix +++ b/flake.in.nix @@ -58,6 +58,7 @@ nixosModules = { adb = import ./modules/adb.nix; desktop = import ./modules/desktop; + docker = import ./modules/docker; nvidia = import ./modules/nvidia.nix; plymouth = import ./modules/plymouth.nix; }; diff --git a/flake.lock b/flake.lock index 5d27b505..28e49d15 100644 --- a/flake.lock +++ b/flake.lock @@ -90,29 +90,6 @@ "type": "github" } }, - "arion": { - "inputs": { - "flake-parts": "flake-parts", - "haskell-flake": "haskell-flake", - "hercules-ci-effects": "hercules-ci-effects", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1720147808, - "narHash": "sha256-hlWEQGUbIwYb+vnd8egzlW/P++yKu3HjV/rOdOPVank=", - "owner": "hercules-ci", - "repo": "arion", - "rev": "236f9dd82d6ef6a2d9987c7a7df3e75f1bc8b318", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "arion", - "type": "github" - } - }, "astal": { "inputs": { "nixpkgs": [ 
@@ -327,48 +304,6 @@ } }, "flake-parts": { - "inputs": { - "nixpkgs-lib": [ - "arion", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1719994518, - "narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_2": { - "inputs": { - "nixpkgs-lib": [ - "arion", - "hercules-ci-effects", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1712014858, - "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d", - "type": "github" - }, - "original": { - "id": "flake-parts", - "type": "indirect" - } - }, - "flake-parts_3": { "inputs": { "nixpkgs-lib": "nixpkgs-lib" }, @@ -386,7 +321,7 @@ "type": "github" } }, - "flake-parts_4": { + "flake-parts_2": { "inputs": { "nixpkgs-lib": "nixpkgs-lib_2" }, @@ -404,7 +339,7 @@ "type": "github" } }, - "flake-parts_5": { + "flake-parts_3": { "inputs": { "nixpkgs-lib": "nixpkgs-lib_3" }, @@ -422,7 +357,7 @@ "type": "github" } }, - "flake-parts_6": { + "flake-parts_4": { "inputs": { "nixpkgs-lib": [ "nixpkgs-wayland", @@ -531,6 +466,24 @@ "type": "github" } }, + "flake-utils_5": { + "inputs": { + "systems": "systems_9" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "flakegen": { "inputs": { "systems": "systems_2" 
@@ -675,22 +628,6 @@ "type": "github" } }, - "haskell-flake": { - "locked": { - "lastModified": 1675296942, - "narHash": "sha256-u1X1sblozi5qYEcLp1hxcyo8FfDHnRUVX3dJ/tW19jY=", - "owner": "srid", - "repo": "haskell-flake", - "rev": "c2cafce9d57bfca41794dc3b99c593155006c71e", - "type": "github" - }, - "original": { - "owner": "srid", - "ref": "0.1.0", - "repo": "haskell-flake", - "type": "github" - } - }, "headscale": { "inputs": { "flake-utils": "flake-utils", @@ -712,28 +649,6 @@ "type": "github" } }, - "hercules-ci-effects": { - "inputs": { - "flake-parts": "flake-parts_2", - "nixpkgs": [ - "arion", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1719226092, - "narHash": "sha256-YNkUMcCUCpnULp40g+svYsaH1RbSEj6s4WdZY/SHe38=", - "owner": "hercules-ci", - "repo": "hercules-ci-effects", - "rev": "11e4b8dc112e2f485d7c97e1cee77f9958f498f5", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "hercules-ci-effects", - "type": "github" - } - }, "home-manager": { "inputs": { "nixpkgs": [ @@ -1030,9 +945,30 @@ "type": "github" } }, + "khepri": { + "inputs": { + "flake-utils": "flake-utils_2", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1721850043, + "narHash": "sha256-k81yKgWcQL5DCEGaDdqEhOF6guRRC/0pO+Ct5DvNmw0=", + "owner": "matt1432", + "repo": "khepri", + "rev": "94c47e89d4acb52d75cf57a2e4bf75ebecc2c3d4", + "type": "github" + }, + "original": { + "owner": "matt1432", + "repo": "khepri", + "type": "github" + } + }, "lib-aggregate": { "inputs": { - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_5", "nixpkgs-lib": "nixpkgs-lib_4" }, "locked": { @@ -1081,7 +1017,7 @@ }, "lix-module": { "inputs": { - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils_3", "flakey-profile": "flakey-profile", "lix": "lix", "nixpkgs": [ @@ -1141,7 +1077,7 @@ }, "mozilla-addons-to-nix": { "inputs": { - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_4", "nixpkgs": [ "nixpkgs" ], 
@@ -1231,7 +1167,7 @@ }, "nix-eval-jobs": { "inputs": { - "flake-parts": "flake-parts_6", + "flake-parts": "flake-parts_4", "nix-github-actions": "nix-github-actions_2", "nixpkgs": "nixpkgs_2", "treefmt-nix": "treefmt-nix_2" @@ -1252,7 +1188,7 @@ }, "nix-fast-build": { "inputs": { - "flake-parts": "flake-parts_3", + "flake-parts": "flake-parts", "nixpkgs": [ "nixpkgs" ], @@ -1300,7 +1236,7 @@ }, "nix-gaming": { "inputs": { - "flake-parts": "flake-parts_4", + "flake-parts": "flake-parts_2", "nixpkgs": [ "nixpkgs" ], @@ -1431,7 +1367,7 @@ }, "nixd": { "inputs": { - "flake-parts": "flake-parts_5", + "flake-parts": "flake-parts_3", "flake-root": "flake-root", "nixpkgs": [ "nixpkgs" @@ -1834,7 +1770,6 @@ "inputs": { "Hyprspace": "Hyprspace", "ags": "ags", - "arion": "arion", "astal": "astal", "astal-tray": "astal-tray", "bat-theme-src": "bat-theme-src", @@ -1857,6 +1792,7 @@ "hyprland-plugins": "hyprland-plugins", "jellyfin-flake": "jellyfin-flake", "jovian": "jovian", + "khepri": "khepri", "libratbag-src": "libratbag-src", "lix-module": "lix-module", "minix": "minix", @@ -2146,6 +2082,21 @@ "type": "github" } }, + "systems_9": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "trash-d-src": { "flake": false, "locked": { diff --git a/flake.nix b/flake.nix index 9b92e85e..2ff13720 100644 --- a/flake.nix +++ b/flake.nix @@ -13,12 +13,6 @@ repo = "ags"; type = "github"; }; - arion = { - inputs.nixpkgs.follows = "nixpkgs"; - owner = "hercules-ci"; - repo = "arion"; - type = "github"; - }; astal = { inputs.nixpkgs.follows = "nixpkgs"; owner = "Aylur"; 
@@ -146,6 +140,12 @@ repo = "Jovian-NixOS"; type = "github"; }; + khepri = { + inputs.nixpkgs.follows = "nixpkgs"; + owner = "matt1432"; + repo = "khepri"; + type = "github"; + }; libratbag-src = { flake = false; owner = "libratbag"; diff --git a/flake/inputs.nix b/flake/inputs.nix index ede5f080..b4889382 100644 --- a/flake/inputs.nix +++ b/flake/inputs.nix @@ -91,9 +91,9 @@ let }; nosInputs = { - arion = mkDep { - owner = "hercules-ci"; - repo = "arion"; + khepri = mkDep { + owner = "matt1432"; + repo = "khepri"; }; jellyfin-flake = mkDep { diff --git a/modules/arion/default.nix b/modules/arion/default.nix deleted file mode 100644 index 715b072d..00000000 --- a/modules/arion/default.nix +++ /dev/null 
@@ -1,103 +0,0 @@ -{ - arion, - config, - lib, - pkgs, - ... -}: let - inherit - (lib) - filterAttrs - hasAttr - mapAttrs - mkEnableOption - mkForce - mkIf - mkOption - optionalAttrs - types - ; - - inherit (config.vars) mainUser; - - cfg = config.arion; -in { - imports = [arion.nixosModules.arion]; - - options.arion = { - enable = mkEnableOption "My custom arion config layer module"; - - rwDataDir = mkOption { - default = "/var/lib/arion"; - type = types.str; - description = '' - Directory to place persistent data in - ''; - }; - - projects = mkOption { - default = {}; - description = '' - Declarative specification of docker-compose in nix. - ''; - type = types.attrs; - }; - }; - - config = mkIf cfg.enable { - users.extraUsers.${mainUser}.extraGroups = ["docker"]; - - virtualisation = { - docker = { - enable = true; - storageDriver = "btrfs"; - }; - - arion = { - backend = "docker"; - - projects = - mapAttrs (n: v: { - # https://docs.hercules-ci.com/arion/options - settings = { - enableDefaultNetwork = v.enableDefaultNetwork or true; - - networks = - optionalAttrs (hasAttr "networks" v) - v.networks; - - services = - mapAttrs (n': v': { - # https://github.com/hercules-ci/arion/issues/169#issuecomment-1301370634 - build.image = let - importImage = file: pkgs.callPackage file pkgs; - in - mkForce (importImage v'.image); - - service = - (filterAttrs (attrName: _: - attrName != "image" && attrName != "extraOptions") - v') - # By default set the container_name to the attrset's name - // (optionalAttrs (! hasAttr "container_name" v') { - container_name = n'; - }); - - out.service = - optionalAttrs - (hasAttr "extraOptions" v') - v'.extraOptions; - }) - v; - }; - }) - cfg.projects; - }; - }; - - # Script for updating the images of all images of a compose.nix file - environment.systemPackages = with pkgs; [ - (callPackage ./updateImage.nix {}) - ]; - }; -} diff --git a/modules/borgbackup/default.nix b/modules/borgbackup/default.nix index 79c20dc9..1f1ba408 100644 
--- a/modules/borgbackup/default.nix +++ b/modules/borgbackup/default.nix @@ -4,7 +4,7 @@ services.borgbackup = { existingRepos = [ { - name = "arion"; + name = "docker"; authorizedKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPijoxuSwH9IrS4poewzHHwe64UoX4QY7Qix5VhEdqKR root@servivi" ]; diff --git a/modules/arion/.template/compose.nix b/modules/docker/.template/compose.nix similarity index 52% rename from modules/arion/.template/compose.nix rename to modules/docker/.template/compose.nix index e88934d1..a369d90e 100644 --- a/modules/arion/.template/compose.nix +++ b/modules/docker/.template/compose.nix @@ -1,9 +1,10 @@ {config, ...}: let inherit (config.sops) secrets; - inherit (config.arion) rwDataDir; + inherit (config.khepri) rwDataDir; rwPath = rwDataDir + "/projectName"; in { - arion.projects."projectName" = { + khepri.compositions."projectName" = { + services = {}; }; } diff --git a/modules/arion/.template/images/image.nix b/modules/docker/.template/images/image.nix similarity index 100% rename from modules/arion/.template/images/image.nix rename to modules/docker/.template/images/image.nix diff --git a/modules/docker/default.nix b/modules/docker/default.nix new file mode 100644 index 00000000..0a878f81 --- /dev/null +++ b/modules/docker/default.nix 
@@ -0,0 +1,41 @@ +{ + config, + khepri, + lib, + pkgs, + ... +}: let + inherit (lib) mkOption types; + + inherit (config.vars) mainUser; +in { + imports = [khepri.nixosModules.default]; + + options.khepri = { + rwDataDir = mkOption { + default = "/var/lib/docker"; + type = types.str; + description = '' + Directory to place persistent data in. + ''; + }; + }; + + config = { + users.extraUsers.${mainUser}.extraGroups = ["docker"]; + + virtualisation = { + docker = { + enable = true; + storageDriver = "btrfs"; + }; + # khepri uses oci-containers under the hood and it must be set to docker to work + oci-containers.backend = "docker"; + }; + + # Script for updating the images of all images of a compose.nix file + environment.systemPackages = with pkgs; [ + (callPackage ./updateImage.nix {}) + ]; + }; +} diff --git a/modules/arion/updateImage.nix b/modules/docker/updateImage.nix similarity index 100% rename from modules/arion/updateImage.nix rename to modules/docker/updateImage.nix
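Review bot: The new module has no enable switch: `config = { ... }` is unconditional, whereas the deleted modules/arion/default.nix wrapped it in `mkIf cfg.enable`. Every host that imports `self.nixosModules.docker` (nos and servivi in this commit) therefore gets the Docker daemon and `users.extraUsers.${mainUser}.extraGroups = ["docker"];`, and membership of the `docker` group is effectively root on the host. Consider keeping an opt-in option with `mkIf` around `config`, plus a comment on the group line such as `# docker group is root-equivalent; needed so mainUser can run the update script`, adjusted to the real reason. Separately, the `rwDataDir` default of `/var/lib/docker` is also Docker's own data root, so service data and anything that backs up that path share a tree with image layers and daemon state; a dedicated directory would keep them apart.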