James/eve-psr-nix0
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
eve-psr-nix0/application/containers.nix

135 lines
4.8 KiB
Nix
Raw Blame History

{ config, lib, pkgs, ... }:
{
virtualisation.oci-containers = {
containers = {
gitlab = {
image = "gitlab/gitlab-ce:latest";
ports = [ "26616:80" "26617:22" ];
volumes = [
"/home/sezycei/srv/containerdata/gitlab/config:/etc/gitlab"
"/home/sezycei/srv/containerdata/gitlab/log:/var/log/gitlab"
"/home/sezycei/srv/containerdata/gitlab/data:/var/opt/gitlab"
];
environment = {
GITLAB_OMNIBUS_CONFIG = ''
external_url 'https://git.eversole.co'
nginx['listen_port'] = 80
nginx['listen_https'] = false
gitlab_rails['gitlab_shell_ssh_port'] = 26617
'';
};
};
# gitlab-runner = a service definition in this file.
jellyfin = {
image = "linuxserver/jellyfin";
ports = [ "127.0.0.1:8096:8096" "127.0.0.1:8920:8920" ];
volumes = [
"/home/sezycei/srv/containerdata/jellyfin/config:/config"
"/home/torrent/data/completed:/data/unsorted"
"/home/torrent/data/TV:/data/tvshows"
"/home/torrent/data/Movies:/data/movies"
"/home/torrent/data/transcode:/data/transcode"
"/home/torrent/data/Music:/data/music"
];
environment = {
PGID = "1000";
PUID = "1000";
TZ = "America/Chicago";
UMASK_SET = "022";
};
};
murmur = {
image = "goofball222/murmur";
ports = [ "127.0.0.1:64738:64738" "127.0.0.1:64738:64738/udp" ];
volumes = [
"/home/sezycei/srv/containerdata/registry/registry/data:/var/lib/registry"
"/home/sezycei/srv/containerdata/registry/registry/certs:/certs"
"/home/sezycei/srv/containerdata/registry/registry/auth:/auth"
];
environment = { };
};
purr = {
image = "docker.matri.cx/purr";
ports = [ "127.0.0.1:5195:3000" ];
volumes = [
"/home/sezycei/dev/purr/data/Purr.sqlite:/app/data/Purr.sqlite"
"/home/sezycei/dev/purr/config.dhall:/app/config.dhall"
];
environment = { };
};
registry = {
image = "registry:2";
ports = [ "127.0.0.1:3001:5000" ];
volumes = [
"/home/sezycei/srv/containerdata/registry/registry/data:/var/lib/registry"
"/home/sezycei/srv/containerdata/registry/registry/certs:/certs"
"/home/sezycei/srv/containerdata/registry/registry/auth:/auth"
];
environment = { };
};
transmission = {
image = "haugene/transmission-openvpn";
ports = [ "127.0.0.1:9091:9091" ];
volumes = [
"/home/sezycei/srv/scripts/transmission/settings.json:/etc/transmission-daemon/settings.json"
"/etc/localtime:/etc/localtime:ro"
"/home/torrent/data:/data"
];
environmentFiles =
[ config.age.secrets.transmission-env.path ];
extraOptions = [ "--cap-add=NET_ADMIN" "--privileged" ];
};
};
};
services.gitlab-runner = {
enable = true;
services = {
nix = with lib; {
registrationConfigFile = toString /run/agenix/gitlab-runner;
dockerImage = "alpine";
dockerVolumes = [
"/nix/store:/nix/store:ro"
"/nix/var/nix/db:/nix/var/nix/db:ro"
"/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro"
];
preBuildScript = pkgs.writeScript "setup-container" ''
mkdir -p -m 0755 /nix/var/log/nix/drvs
mkdir -p -m 0755 /nix/var/nix/gcroots
mkdir -p -m 0755 /nix/var/nix/profiles
mkdir -p -m 0755 /nix/var/nix/temproots
mkdir -p -m 0755 /nix/var/nix/userpool
mkdir -p -m 1777 /nix/var/nix/gcroots/per-user
mkdir -p -m 1777 /nix/var/nix/profiles/per-user
mkdir -p -m 0755 /nix/var/nix/profiles/per-user/root
mkdir -p -m 0700 "$HOME/.nix-defexpr"
. ${pkgs.nix}/etc/profile.d/nix-daemon.sh
${pkgs.nix}/bin/nix-channel --add https://nixos.org/channels/nixos-23.05 nixpkgs
${pkgs.nix}/bin/nix-channel --update nixpkgs
${pkgs.nix}/bin/nix-env -i ${concatStringsSep " " (with pkgs; [ nix cacert git openssh ])}
# Config
mkdir -p "$HOME/.config/nix"
echo "experimental-features = nix-command flakes" >> "$HOME/.config/nix/nix.conf"
echo "max-jobs = 8" >> "$HOME/.config/nix/nix.conf"
echo "build-cores = 8" >> "$HOME/.config/nix/nix.conf"
'';
environmentVariables = {
ENV = "/etc/profile";
USER = "root";
NIX_REMOTE = "daemon";
PATH = "/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin";
NIX_SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt";
};
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink