modules/server/virtualisation.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119

{ secrets, config, ... }:
let
  inherit (config.modules.server) containerEngine;
in
{
  virtualisation = {
    containers.enable = true;

    docker = {
      enable = containerEngine == "docker";

      daemon.settings = {
        iptables = false;
      };
    };

    podman = {
      enable = containerEngine == "podman";
      dockerCompat = true;
      defaultNetwork.settings.dns_enabled = true;
    };

    oci-containers = {
      backend = containerEngine;

      containers = {
        september = {
          image = "fuwn/september";
          autoStart = true;
          ports = [ "8084:80" ];

          environment = {
            CONDENSE_LINKS_AT_HEADINGS = "## Quick Links,# Fuwn[.me],## Footer";
            EMBED_IMAGES = "2";
            MATHJAX = "true";
            PLAIN_TEXT_ROUTE = "*.xml,*.txt";
            PRIMARY_COLOUR = "#DCC6BD";

            HEAD = ''
              <script
                defer src="https://analytics.fuwn.me/script.js"
                data-website-id="e7eae941-140b-48af-b36b-d7c5fea3a493"
              ></script>

              <link
                rel="icon"
                type="image/x-icon"
                href="https://avatars.githubusercontent.com/u/99055925?s=200&v=4"
              >
            '';
          };
        };

        momoka = {
          image = "fuwn/momoka";
          autoStart = true;
          ports = [ "70:70" ];
        };

        gigi = {
          image = "fuwn/gigi";
          autoStart = true;
          ports = [ "79:79" ];
          volumes = [ "/mnt/docker/gigi:/gigi/.gigi" ];
        };

        mayu = {
          image = "fuwn/mayu";
          autoStart = true;
          ports = [ "8098:3000" ];
          volumes = [ "/mnt/docker/mayu:/mayu/data" ];
        };

        locus = {
          image = "ghcr.io/gemrest/locus";
          autoStart = true;
          ports = [ "1965:1965" ];
          volumes = [ "/mnt/docker/locus:/locus/.locus" ];
          environment.HEADER_IMAGE = "https://ruu.neocities.org/images/animeHeader.gif";
          environmentFiles = [ config.sops.secrets.finnhub_token.path ];

          login = {
            registry = "ghcr.io";
            username = config.sops.secrets."ghcr/user".path;
            passwordFile = config.sops.secrets."ghcr/password".path;
          };
        };

        bin = {
          image = "quxfoo/wastebin";
          autoStart = true;
          ports = [ "8090:8088" ];
          volumes = [ "/mnt/docker/bin:/root/db" ];
        };

        pounce = {
          image = "fuwn/pounce";
          autoStart = true;
          ports = [ "6697:6697" ];
          volumes = [ "/mnt/docker/pounce:/root/.config/pounce" ];
          environment.USER = "fuwn";
        };

        litterbox = {
          image = "fuwn/litterbox";
          autoStart = true;
          volumes = [ "/mnt/docker/litterbox:/root/.config/litterbox" ];
        };

        uptime-kuma = {
          image = "louislam/uptime-kuma";
          autoStart = true;
          ports = [ "8099:3001" ];
          volumes = [ "/mnt/docker/uptime-kuma:/app/data" ];
        };
      };
    };
  };
}