diff options
| author | Mel <einebeere@gmail.com> | 2024-12-07 18:16:47 +0100 |
|---|---|---|
| committer | Mel <einebeere@gmail.com> | 2024-12-07 18:16:47 +0100 |
| commit | d1a88ffa2c8cf5d6dd690f9059c0da059e01b716 (patch) | |
| tree | b05d964e2e5c692ce36ec3471939f1f32ba54593 | |
| parent | a511e64fab20700fad50dedd1f966b4605e637b5 (diff) | |
| download | network-d1a88ffa2c8cf5d6dd690f9059c0da059e01b716.tar.zst network-d1a88ffa2c8cf5d6dd690f9059c0da059e01b716.zip | |
Convert most services to streamed images and foundation
Signed-off-by: Mel <einebeere@gmail.com>
| -rw-r--r-- | modules/foundation/services.nix | 1 | ||||
| -rw-r--r-- | services/akkoma/default.nix | 91 | ||||
| -rw-r--r-- | services/cgit.nix | 6 | ||||
| -rw-r--r-- | services/dendrite.nix | 75 | ||||
| -rw-r--r-- | services/irc/soju.nix | 5 | ||||
| -rw-r--r-- | services/minecraft.nix | 6 | ||||
| -rw-r--r-- | services/pds.nix | 4 |
7 files changed, 39 insertions, 149 deletions
diff --git a/modules/foundation/services.nix b/modules/foundation/services.nix index a552d9f..d4edcb3 100644 --- a/modules/foundation/services.nix +++ b/modules/foundation/services.nix @@ -159,6 +159,7 @@ in else if imageStream != null then { inherit imageStream; + image = "${imageStream.imageName}:${imageStream.imageTag}"; } else throw "can't use both `fullImage` and `image` together."; diff --git a/services/akkoma/default.nix b/services/akkoma/default.nix index 8b89df7..939e9be 100644 --- a/services/akkoma/default.nix +++ b/services/akkoma/default.nix @@ -1,11 +1,11 @@ -{ lib, pkgs, unstablePkgs, auxiliaryPkgs, ... }: +{ pkgs, unstablePkgs, auxiliaryPkgs, ... }: let inherit (pkgs) dockerTools; inherit (auxiliaryPkgs) common; inherit (unstablePkgs) fedifetcher; - akkomaLocalPort = "1111"; + akkomaLocalPort = 1111; akkomaDir = "/srv/akkoma"; akkoma = unstablePkgs.akkoma.overrideAttrs { @@ -15,7 +15,7 @@ let ''; }; - akkomaImage = dockerTools.buildLayeredImage { + akkomaImage = dockerTools.streamLayeredImage { name = "akkoma"; tag = akkoma.version; fromImage = common.alpine.base; @@ -43,7 +43,7 @@ let tail -f /var/log/fedifetcher.log ''; - fedifetcherImage = dockerTools.buildLayeredImage { + fedifetcherImage = dockerTools.streamLayeredImage { name = "fedifetcher"; tag = fedifetcher.version; fromImage = common.alpine.base; @@ -58,15 +58,14 @@ let in { - virtualisation.oci-containers.containers = { + foundation.service.akkoma = { akkoma = { - imageFile = akkomaImage; - image = "akkoma:${akkoma.version}"; - ports = [ "127.0.0.1:${akkomaLocalPort}:4000"]; + image = akkomaImage; + ports = [ [ akkomaLocalPort 4000 ] ]; volumes = [ - "${akkomaDir}/data:/var/lib/akkoma" - "${akkomaDir}/config:/opt/akkoma/config" + [ "${akkomaDir}/data" "/var/lib/akkoma" ] + [ "${akkomaDir}/config" "/opt/akkoma/config" ] ]; # TODO: remove redundant variables @@ -84,87 +83,29 @@ in entrypoint = "${akkoma}/docker-entrypoint.sh"; workdir = "${akkoma}"; - - extraOptions = [ - "--network-alias=akkoma" - "--network=akkoma" - ]; }; - akkoma-db = { - inherit (common.postgres14) image imageFile; + db = { + fullImage = common.postgres14; - volumes = [ "${akkomaDir}/pgdata:/var/lib/postgresql/data" ]; + volumes = [ [ "${akkomaDir}/pgdata" "/var/lib/postgresql/data" ] ]; environment = { "POSTGRES_DB" = "akkoma"; "POSTGRES_USER" = "akkoma"; "POSTGRES_PASSWORD" = "akkoma"; }; - - extraOptions = [ - "--network-alias=db" - "--network=akkoma" - ]; }; - akkoma-fedifetcher = { - imageFile = fedifetcherImage; - image = "fedifetcher:${fedifetcher.version}"; + fedifetcher = { + image = fedifetcherImage; volumes = [ - "${akkomaDir}/fedifetcher:/opt/fedifetcher" - "${akkomaDir}/fedifetcher.json:/etc/fedifetcher/config.json" + [ "${akkomaDir}/fedifetcher" "/opt/fedifetcher" ] + [ "${akkomaDir}/fedifetcher.json" "/etc/fedifetcher/config.json" ] ]; entrypoint = "/bin/fedifetcher-entry.sh"; - - extraOptions = [ - "--network-alias=db" - "--network=akkoma" - ]; - }; - }; - - # systemd configuration to combine containers. - # mostly condensed from compose2nix output. - # TODO: make this automatic!! - systemd = let - root = "docker-akkoma-root"; - network = "docker-akkoma-network"; - - containerService = { - serviceConfig = { - Restart = lib.mkOverride 90 "always"; - RestartMaxDelaySec = lib.mkOverride 90 "1m"; - RestartSec = lib.mkOverride 90 "100ms"; - RestartSteps = lib.mkOverride 90 9; - }; - after = [ "${network}.service" ]; requires = [ "${network}.service" ]; - partOf = [ "${root}.target" ]; wantedBy = [ "${root}.target" ]; - }; - in { - services = { - "docker-akkoma" = containerService; - "docker-akkoma-db" = containerService; - "docker-akkoma-fedifetcher" = containerService; - - "${network}" = { - path = [ pkgs.docker ]; - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - ExecStop = "docker network rm -f akkoma"; - }; - script = '' - docker network inspect akkoma || docker network create akkoma --driver=bridge - ''; - partOf = [ "${root}.target" ]; wantedBy = [ "${root}.target" ]; - }; - }; - - targets = { - "${root}" = { wantedBy = [ "multi-user.target" ]; }; }; }; } diff --git a/services/cgit.nix b/services/cgit.nix index a60b0e7..f8c2930 100644 --- a/services/cgit.nix +++ b/services/cgit.nix @@ -11,9 +11,7 @@ let cgitDir = "/srv/cgit"; gitDir = "/srv/git"; - # TODO: replace `buildLayeredImage` with `streamLayeredImage` - # in the upcoming 24.11 release. - cgitImage = dockerTools.buildLayeredImage { + cgitImage = dockerTools.streamLayeredImage { name = "cgit"; tag = cgit.version; fromImage = common.alpine.base; @@ -36,7 +34,7 @@ let in { foundation.services.cgit = { - fullImage = { imageFile = cgitImage; image = "cgit:${cgit.version}"; }; + image = cgitImage; ports = [ [ cgitLocalPort 80 ] ]; volumes = [ diff --git a/services/dendrite.nix b/services/dendrite.nix index 2987762..dcd4dc9 100644 --- a/services/dendrite.nix +++ b/services/dendrite.nix @@ -1,4 +1,4 @@ -{ lib, pkgs, unstablePkgs, auxiliaryPkgs, ... }: +{ pkgs, unstablePkgs, auxiliaryPkgs, ... }: let inherit (pkgs) dockerTools; @@ -8,7 +8,7 @@ let dendrite = unstablePkgs.dendrite; - dendriteImage = dockerTools.buildLayeredImage { + dendriteImage = dockerTools.streamLayeredImage { name = "dendrite"; tag = dendrite.version; fromImage = common.alpine.base; @@ -18,84 +18,33 @@ let in { - virtualisation.oci-containers.containers = { + foundation.service.dendrite = { dendrite = { - imageFile = dendriteImage; - image = "dendrite:${dendrite.version}"; - ports = [ - "127.0.0.1:8008:8008" - "127.0.0.1:8448:8448" + image = dendriteImage; + ports = [ + [ 8008 8008 ] + [ 8448 8448 ] ]; volumes = [ - "${dendriteDir}/config:/etc/dendrite" - "${dendriteDir}/data:/var/dendrite" + [ "${dendriteDir}/config" "/etc/dendrite" ] + [ "${dendriteDir}/data" "/var/dendrite" ] ]; entrypoint = "${dendrite}/bin/dendrite"; workdir = "/etc/dendrite"; - - dependsOn = [ "dendrite-db" ]; - - extraOptions = [ - "--network-alias=dendrite" - "--network=dendrite" - ]; }; - dendrite-db = { - inherit (common.postgres15) image imageFile; + db = { + fullImage = common.postgres15; - volumes = [ "${dendriteDir}/pgdata:/var/lib/postgresql/data" ]; + volumes = [ [ "${dendriteDir}/pgdata" "/var/lib/postgresql/data" ] ]; environment = { "POSTGRES_DATABASE" = "dendrite"; "POSTGRES_USER" = "dendrite"; "POSTGRES_PASSWORD" = "TFbQi2cHnzwe26"; }; - - extraOptions = [ - "--network-alias=db" - "--network=dendrite" - ]; - }; - }; - - systemd = let - root = "docker-dendrite-root"; - network = "docker-dendrite-network"; - - containerService = { - serviceConfig = { - Restart = lib.mkOverride 90 "always"; - RestartMaxDelaySec = lib.mkOverride 90 "1m"; - RestartSec = lib.mkOverride 90 "100ms"; - RestartSteps = lib.mkOverride 90 9; - }; - after = [ "${network}.service" ]; requires = [ "${network}.service" ]; - partOf = [ "${root}.target" ]; wantedBy = [ "${root}.target" ]; - }; - in { - services = { - "docker-dendrite-db" = containerService; - "docker-dendrite" = containerService; - - "${network}" = { - path = [ pkgs.docker ]; - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - ExecStop = "docker network rm -f dendrite"; - }; - script = '' - docker network inspect dendrite || docker network create dendrite --driver=bridge - ''; - partOf = [ "${root}.target" ]; wantedBy = [ "${root}.target" ]; - }; - }; - - targets = { - "${root}" = { wantedBy = [ "multi-user.target" ]; }; }; }; } diff --git a/services/irc/soju.nix b/services/irc/soju.nix index 75adfaa..f6c7ff0 100644 --- a/services/irc/soju.nix +++ b/services/irc/soju.nix @@ -8,7 +8,7 @@ let socketPort = "3030"; sojuDir = "/srv/soju"; - sojuImage = dockerTools.buildLayeredImage { + sojuImage = dockerTools.streamLayeredImage { name = soju.pname; tag = soju.version; fromImage = common.alpine.base; @@ -24,8 +24,9 @@ in { virtualisation.oci-containers.containers = { soju = { - imageFile = sojuImage; + imageStream = sojuImage; image = "soju:${soju.version}"; + # TODO: allow tailscale ports in foundation ports = [ "${me.tailscale.ip}:${ircPort}:${ircPort}" "${me.tailscale.ip}:${socketPort}:${socketPort}" diff --git a/services/minecraft.nix b/services/minecraft.nix index 29e8e00..cd04e31 100644 --- a/services/minecraft.nix +++ b/services/minecraft.nix @@ -17,7 +17,7 @@ let minecraftDir = "/srv/mc"; minecraftMemory = "8G"; - minecraftImage = dockerTools.buildLayeredImage { + minecraftImage = dockerTools.streamLayeredImage { name = "minecraft"; tag = minecraft.version; fromImage = common.alpine.base; @@ -28,9 +28,9 @@ in { networking.firewall.allowedTCPPorts = [ minecraftPort ]; - # TODO: put global ports and streamed images into foundation + # TODO: put global ports into foundation virtualisation.oci-containers.containers.minecraft = { - imageFile = minecraftImage; + imageStream = minecraftImage; image = "minecraft:${minecraft.version}"; # expose minecraft service port globally. ports = [ "0.0.0.0:${toString minecraftPort}:${toString minecraftPort}" ]; diff --git a/services/pds.nix b/services/pds.nix index 68ca66a..671dc6a 100644 --- a/services/pds.nix +++ b/services/pds.nix @@ -9,7 +9,7 @@ let pdsLocalPort = 16419; pdsDir = "/srv/pds"; - pdsImage = dockerTools.buildLayeredImage { + pdsImage = dockerTools.streamLayeredImage { name = "pds"; tag = pds.version; fromImage = common.alpine.base; @@ -30,7 +30,7 @@ in }; foundation.services.pds = { - fullImage = { imageFile = pdsImage; image = "pds:${pds.version}"; }; + image = pdsImage; ports = [ [ pdsLocalPort 3000 ] ]; volumes = [ |