From ede2d7a3a31e8ad127ea2b0c8d0738c489a02f5a Mon Sep 17 00:00:00 2001 From: Christine Elisabeth Koppel Date: Fri, 6 Feb 2026 23:37:08 +0100 Subject: [PATCH] Add configuration for NixOS songsheet service, with Wavelog --- nix-system-configs/database/configuration.nix | 6 + .../modules/local/hostname_username.nix | 2 +- .../songsheet/wavelog/docker-compose.nix | 179 ++++++++++++++++++ .../songsheet/wavelog/docker-compose.yml | 33 ++++ .../modules/system/compose-songsheet.nix | 62 ++++++ 5 files changed, 281 insertions(+), 1 deletion(-) create mode 100644 nix-system-configs/modules/songsheet/wavelog/docker-compose.nix create mode 100644 nix-system-configs/modules/songsheet/wavelog/docker-compose.yml create mode 100644 nix-system-configs/modules/system/compose-songsheet.nix diff --git a/nix-system-configs/database/configuration.nix b/nix-system-configs/database/configuration.nix index 337ed78..cb98bde 100644 --- a/nix-system-configs/database/configuration.nix +++ b/nix-system-configs/database/configuration.nix @@ -148,6 +148,12 @@ ''; }; + # Enable MariaDB + services.mysql = { + enable = true; + package = pkgs.mariadb; + }; + # Enable the OpenSSH daemon. services.openssh.enable = true; diff --git a/nix-system-configs/modules/local/hostname_username.nix b/nix-system-configs/modules/local/hostname_username.nix index 8e52e63..de38364 100644 --- a/nix-system-configs/modules/local/hostname_username.nix +++ b/nix-system-configs/modules/local/hostname_username.nix @@ -11,7 +11,7 @@ users.users.${config.local.username or "defaultuser"} = { isNormalUser = true; description = config.local.userDescription or "NixOS Playground"; - extraGroups = ["networkmanager" "wheel" "seat" "acme"]; + extraGroups = ["networkmanager" "wheel" "seat" "acme" "wheel"]; packages = with pkgs; []; initialPassword = "nixos"; # Simple, change on first login 
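Review bot: The new `services.mysql` block in database/configuration.nix turns MariaDB on without declaring a listen address, databases or accounts, so what it accepts connections from is left to package defaults and to whatever is set up by hand afterwards. If this instance is the intended migration target for the Wavelog database, say so in the config: pin the listener with `settings.mysqld.bind-address = "<address the clients use>";` and create the schema through `ensureDatabases` / `ensureUsers` where that fits. The `# Enable MariaDB` comment would also help more if it named the consumer, e.g. `# MariaDB for Wavelog (songsheet host)`. The enclosing attribute set starts and ends outside the hunk.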
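Review bot: The changed `extraGroups` line in hostname_username.nix adds a second `"wheel"` to a list that already contains it, so the edit has no effect and probably stands in for a different group that was meant. The hunk's context shows the same account is created with `initialPassword = "nixos"`, so until that password is changed a sudo-capable login with a published credential exists on every host importing this module. Suggest keeping `extraGroups = ["networkmanager" "wheel" "seat" "acme"];` until the intended group is known, and supplying the password through `hashedPasswordFile` instead of a literal. The user definition continues outside the hunk.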
diff --git a/nix-system-configs/modules/songsheet/wavelog/docker-compose.nix b/nix-system-configs/modules/songsheet/wavelog/docker-compose.nix
new file mode 100644
index 0000000..c260015
--- /dev/null
+++ b/nix-system-configs/modules/songsheet/wavelog/docker-compose.nix
@@ -0,0 +1,179 @@ +# Auto-generated by compose2nix. + +{ pkgs, lib, config, ... }: + +{ + # Runtime + virtualisation.podman = { + enable = true; + autoPrune.enable = true; + dockerCompat = true; + }; + + # Enable container name DNS for all Podman networks. + networking.firewall.interfaces = let + matchAll = if !config.networking.nftables.enable then "podman+" else "podman*"; + in { + "${matchAll}".allowedUDPPorts = [ 53 ]; + }; + + virtualisation.oci-containers.backend = "podman"; + + # Containers + virtualisation.oci-containers.containers."wavelog-db" = { + image = "mariadb:11.3"; + environment = { + "MARIADB_DATABASE" = "wavelog"; + "MARIADB_PASSWORD" = "oijawfjiojoijoiawf"; + "MARIADB_RANDOM_ROOT_PASSWORD" = "yes"; + "MARIADB_USER" = "wavelog"; + }; + volumes = [ + "wavelog_wavelog-dbdata:/var/lib/mysql:rw" + ]; + log-driver = "journald"; + extraOptions = [ + "--network-alias=wavelog-db" + "--network=wavelog_default" + ]; + }; + systemd.services."podman-wavelog-db" = { + serviceConfig = { + Restart = lib.mkOverride 90 "always"; + }; + after = [ + "podman-network-wavelog_default.service" + "podman-volume-wavelog_wavelog-dbdata.service" + ]; + requires = [ + "podman-network-wavelog_default.service" + "podman-volume-wavelog_wavelog-dbdata.service" + ]; + partOf = [ + "podman-compose-wavelog-root.target" + ]; + wantedBy = [ + "podman-compose-wavelog-root.target" + ]; + }; + virtualisation.oci-containers.containers."wavelog-main" = { + image = "ghcr.io/wavelog/wavelog:latest"; + environment = { + "CI_ENV" = "docker"; + }; + volumes = [ + "wavelog_wavelog-config:/var/www/html/application/config/docker:rw" + "wavelog_wavelog-uploads:/var/www/html/uploads:rw" + "wavelog_wavelog-userdata:/var/www/html/userdata:rw" + ]; + ports = [ + "8086:80/tcp" + ]; + dependsOn = [ + "wavelog-db" + ]; + log-driver = "journald"; + extraOptions = [ + "--network-alias=wavelog-main" + "--network=wavelog_default" + ]; + }; + systemd.services."podman-wavelog-main" = { + serviceConfig = { + 
Restart = lib.mkOverride 90 "always"; + }; + after = [ + "podman-network-wavelog_default.service" + "podman-volume-wavelog_wavelog-config.service" + "podman-volume-wavelog_wavelog-uploads.service" + "podman-volume-wavelog_wavelog-userdata.service" + ]; + requires = [ + "podman-network-wavelog_default.service" + "podman-volume-wavelog_wavelog-config.service" + "podman-volume-wavelog_wavelog-uploads.service" + "podman-volume-wavelog_wavelog-userdata.service" + ]; + partOf = [ + "podman-compose-wavelog-root.target" + ]; + wantedBy = [ + "podman-compose-wavelog-root.target" + ]; + }; + + # Networks + systemd.services."podman-network-wavelog_default" = { + path = [ pkgs.podman ]; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + ExecStop = "podman network rm -f wavelog_default"; + }; + script = '' + podman network inspect wavelog_default || podman network create wavelog_default + ''; + partOf = [ "podman-compose-wavelog-root.target" ]; + wantedBy = [ "podman-compose-wavelog-root.target" ]; + }; + + # Volumes + systemd.services."podman-volume-wavelog_wavelog-config" = { + path = [ pkgs.podman ]; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + }; + script = '' + podman volume inspect wavelog_wavelog-config || podman volume create wavelog_wavelog-config + ''; + partOf = [ "podman-compose-wavelog-root.target" ]; + wantedBy = [ "podman-compose-wavelog-root.target" ]; + }; + systemd.services."podman-volume-wavelog_wavelog-dbdata" = { + path = [ pkgs.podman ]; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + }; + script = '' + podman volume inspect wavelog_wavelog-dbdata || podman volume create wavelog_wavelog-dbdata + ''; + partOf = [ "podman-compose-wavelog-root.target" ]; + wantedBy = [ "podman-compose-wavelog-root.target" ]; + }; + systemd.services."podman-volume-wavelog_wavelog-uploads" = { + path = [ pkgs.podman ]; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + }; + script = '' + podman volume 
inspect wavelog_wavelog-uploads || podman volume create wavelog_wavelog-uploads + ''; + partOf = [ "podman-compose-wavelog-root.target" ]; + wantedBy = [ "podman-compose-wavelog-root.target" ]; + }; + systemd.services."podman-volume-wavelog_wavelog-userdata" = { + path = [ pkgs.podman ]; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + }; + script = '' + podman volume inspect wavelog_wavelog-userdata || podman volume create wavelog_wavelog-userdata + ''; + partOf = [ "podman-compose-wavelog-root.target" ]; + wantedBy = [ "podman-compose-wavelog-root.target" ]; + }; + + # Root service + # When started, this will automatically create all resources and start + # the containers. When stopped, this will teardown all resources. + systemd.targets."podman-compose-wavelog-root" = { + unitConfig = { + Description = "Root target generated by compose2nix."; + }; + wantedBy = [ "multi-user.target" ]; + }; +} diff --git a/nix-system-configs/modules/songsheet/wavelog/docker-compose.yml b/nix-system-configs/modules/songsheet/wavelog/docker-compose.yml new file mode 100644 index 0000000..4b84568 --- /dev/null +++ b/nix-system-configs/modules/songsheet/wavelog/docker-compose.yml 
@@ -0,0 +1,33 @@
+services:
+ wavelog-db:
+ image: mariadb:11.3
+ container_name: wavelog-db
+ environment:
+ MARIADB_RANDOM_ROOT_PASSWORD: yes
+ MARIADB_DATABASE: wavelog
+ MARIADB_USER: wavelog
+ MARIADB_PASSWORD: oijawfjiojoijoiawfoij191229888dajkvhiuviuaiuhvaihuauis1123312 # THIS DATABASE WILL BE MIGRATED PROABLY - TODO CHECK OUT https://github.com/ryantm/agenix
+ volumes:
+ - wavelog-dbdata:/var/lib/mysql
+ restart: unless-stopped
+
+ wavelog-main:
+ container_name: wavelog-main
+ image: ghcr.io/wavelog/wavelog:latest
+ depends_on:
+ - wavelog-db
+ environment:
+ CI_ENV: docker
+ volumes:
+ - wavelog-config:/var/www/html/application/config/docker
+ - wavelog-uploads:/var/www/html/uploads
+ - wavelog-userdata:/var/www/html/userdata
+ ports:
+ - "8086:80"
+ restart: unless-stopped
+
+volumes:
+ wavelog-dbdata:
+ wavelog-uploads:
+ wavelog-userdata:
+ wavelog-config:
\ No newline at end of file
diff --git a/nix-system-configs/modules/system/compose-songsheet.nix b/nix-system-configs/modules/system/compose-songsheet.nix
new file mode 100644
index 0000000..ba4b39c
--- /dev/null
+++ b/nix-system-configs/modules/system/compose-songsheet.nix
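Review bot: `MARIADB_PASSWORD` in docker-compose.yml is committed in clear text, and the generated docker-compose.nix carries a different literal for the same variable, so the two files disagree and whichever value is deployed is readable in the repository history and, via the `environment` attribute, in the Nix store. Treat the committed value as exposed: rotate it, drop the line, and supply it out of band with a service-level `env_file: /run/agenix/wavelog-db.env` (placeholder path), then regenerate so the container gets an `environmentFiles` entry rather than a literal; the TODO already points at agenix. Two smaller points in the same file: `ghcr.io/wavelog/wavelog:latest` is unpinned, so each pull can change what runs (pin a version tag or digest), and `"8086:80"` publishes on all interfaces, where `"127.0.0.1:8086:80"` is enough if a reverse proxy fronts the app.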
@@ -0,0 +1,62 @@
+{
+ config,
+ pkgs,
+ lib,
+ ...
+}: {
+ options.local = {
+ hostname = lib.mkOption {
+ type = lib.types.str;
+ default = "nixos-default";
+ description = "System hostname";
+ };
+ username = lib.mkOption {
+ type = lib.types.str;
+ default = "user";
+ description = "Primary user username";
+ };
+ userDescription = lib.mkOption {
+ type = lib.types.str;
+ default = "NixOS User";
+ description = "Primary user description";
+ };
+ address = lib.mkOption {
+ type = lib.types.str;
+ default = "10.1.1.100";
+ description = "Static IP address";
+ };
+ };
+
+ imports = [
+ ./modules/desktop-manager/sway_greetd_homemanager.nix
+ ./modules/local/hostname_username.nix
+ ./modules/local/networking_local.nix
+ ./modules/bootloader/seabios-assigned-iso-at-birth.nix
+ ./modules/lix-default.nix
+ # Optionally: ./modules/toolsets/remote_building.nix
+ #
+ #
+ ## Compose modules for Portainer service
+ ./modules/songsheet/wavelog/docker-compose.nix
+ ];
+
+ config = {
+ local.hostname = "nixos-songsheet";
+ local.username = "songsheetprg";
+ local.userDescription = "NixOS PRG Portainer-Like Songsheet Service";
+ local.address = "10.1.1.249";
+
+ networking.firewall.allowedTCPPorts = [
+ 80
+ 443
+ 8086 # Wavelog
+ ];
+ networking.firewall.allowedUDPPorts = [
+ 80
+ 443
+ 8086 # Wavelog
+ ];
+
+ system.stateVersion = "25.11";
+ };
+}
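Review bot: `networking.firewall.allowedUDPPorts` opens 80, 443 and 8086 over UDP, but the only listener this commit adds is Wavelog on `8086:80/tcp`, so the list looks copied from the TCP one and widens the exposed surface for nothing visible here. Suggest deleting the UDP block (keep `443` only if something serves HTTP/3) and dropping `8086` from `allowedTCPPorts` if Wavelog is meant to be reached through a proxy on 80/443, since the direct port is plain HTTP. Separately, the `imports` paths start with `./modules/…` although this file itself sits in `modules/system/`, so they resolve under `modules/system/modules/…` unless the file is evaluated from another location, which is worth confirming. The comment `## Compose modules for Portainer service` also names a service this file does not configure.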