# Auto-generated by compose2nix. { pkgs, lib, config, ... }: { # Runtime virtualisation.podman = { enable = true; autoPrune.enable = true; dockerCompat = true; }; # Enable container name DNS for all Podman networks. networking.firewall.interfaces = let matchAll = if !config.networking.nftables.enable then "podman+" else "podman*"; in { "${matchAll}".allowedUDPPorts = [53]; }; virtualisation.oci-containers.backend = "podman"; # Containers virtualisation.oci-containers.containers."partdb" = { image = "jbtronics/part-db1:latest"; environment = { "ALLOW_ATTACHMENT_DOWNLOADS" = "0"; "APP_ENV" = "docker"; "BASE_CURRENCY" = "EUR"; "DATABASE_URL" = "postgresql://:@:/?charset=utf8"; "DEFAULT_LANG" = "en"; "DEFAULT_TIMEZONE" = "Europe/Berlin"; "INSTANCE_NAME" = "Part-DB"; "POSTGRES_DB" = "part_db_database"; "POSTGRES_HOST" = "10.1.1.251"; "POSTGRES_PORT" = "5432"; "USE_GRAVATAR" = "0"; }; environmentFiles = [ config.sops.secrets."songsheet/database".path ]; volumes = [ "nix-system-configs/modules/songsheet/wavelog/db:/var/www/html/var/db:rw" "nix-system-configs/modules/songsheet/wavelog/public_media:/var/www/html/public/media:rw" "nix-system-configs/modules/songsheet/wavelog/uploads:/var/www/html/uploads:rw" ]; ports = [ "8087:80/tcp" ]; labels = { "compose2nix.settings.sops.secrets" = "songsheet/database"; }; log-driver = "journald"; extraOptions = [ "--network-alias=partdb" "--network=wavelog_default" ]; }; systemd.services."podman-partdb" = { serviceConfig = { Restart = lib.mkOverride 90 "always"; }; after = [ "podman-network-wavelog_default.service" ]; requires = [ "podman-network-wavelog_default.service" ]; partOf = [ "podman-compose-wavelog-root.target" ]; wantedBy = [ "podman-compose-wavelog-root.target" ]; }; virtualisation.oci-containers.containers."wavelog-db" = { image = "mariadb:11.3"; environment = { "MARIADB_DATABASE" = "wavelog"; "MARIADB_PASSWORD" = "THIS_IS_NOT_IN_USE_yes"; "MARIADB_RANDOM_ROOT_PASSWORD" = "yes"; "MARIADB_USER" = "wavelog"; }; volumes = [ "wavelog_wavelog-dbdata:/var/lib/mysql:rw" ]; log-driver = "journald"; extraOptions = [ "--network-alias=wavelog-db" "--network=wavelog_default" ]; }; systemd.services."podman-wavelog-db" = { serviceConfig = { Restart = lib.mkOverride 90 "always"; }; after = [ "podman-network-wavelog_default.service" "podman-volume-wavelog_wavelog-dbdata.service" ]; requires = [ "podman-network-wavelog_default.service" "podman-volume-wavelog_wavelog-dbdata.service" ]; partOf = [ "podman-compose-wavelog-root.target" ]; wantedBy = [ "podman-compose-wavelog-root.target" ]; }; virtualisation.oci-containers.containers."wavelog-main" = { image = "ghcr.io/wavelog/wavelog:latest"; environment = { "CI_ENV" = "docker"; }; volumes = [ "wavelog_wavelog-config:/var/www/html/application/config/docker:rw" "wavelog_wavelog-uploads:/var/www/html/uploads:rw" "wavelog_wavelog-userdata:/var/www/html/userdata:rw" ]; ports = [ "8086:80/tcp" ]; dependsOn = [ "wavelog-db" ]; log-driver = "journald"; extraOptions = [ "--network-alias=wavelog-main" "--network=wavelog_default" ]; }; systemd.services."podman-wavelog-main" = { serviceConfig = { Restart = lib.mkOverride 90 "always"; }; after = [ "podman-network-wavelog_default.service" "podman-volume-wavelog_wavelog-config.service" "podman-volume-wavelog_wavelog-uploads.service" "podman-volume-wavelog_wavelog-userdata.service" ]; requires = [ "podman-network-wavelog_default.service" "podman-volume-wavelog_wavelog-config.service" "podman-volume-wavelog_wavelog-uploads.service" "podman-volume-wavelog_wavelog-userdata.service" ]; partOf = [ "podman-compose-wavelog-root.target" ]; wantedBy = [ "podman-compose-wavelog-root.target" ]; }; # Networks systemd.services."podman-network-wavelog_default" = { path = [pkgs.podman]; serviceConfig = { Type = "oneshot"; RemainAfterExit = true; ExecStop = "podman network rm -f wavelog_default"; }; script = '' podman network inspect wavelog_default || podman network create wavelog_default ''; partOf = ["podman-compose-wavelog-root.target"]; wantedBy = ["podman-compose-wavelog-root.target"]; }; # Volumes systemd.services."podman-volume-wavelog_wavelog-config" = { path = [pkgs.podman]; serviceConfig = { Type = "oneshot"; RemainAfterExit = true; }; script = '' podman volume inspect wavelog_wavelog-config || podman volume create wavelog_wavelog-config ''; partOf = ["podman-compose-wavelog-root.target"]; wantedBy = ["podman-compose-wavelog-root.target"]; }; systemd.services."podman-volume-wavelog_wavelog-dbdata" = { path = [pkgs.podman]; serviceConfig = { Type = "oneshot"; RemainAfterExit = true; }; script = '' podman volume inspect wavelog_wavelog-dbdata || podman volume create wavelog_wavelog-dbdata ''; partOf = ["podman-compose-wavelog-root.target"]; wantedBy = ["podman-compose-wavelog-root.target"]; }; systemd.services."podman-volume-wavelog_wavelog-uploads" = { path = [pkgs.podman]; serviceConfig = { Type = "oneshot"; RemainAfterExit = true; }; script = '' podman volume inspect wavelog_wavelog-uploads || podman volume create wavelog_wavelog-uploads ''; partOf = ["podman-compose-wavelog-root.target"]; wantedBy = ["podman-compose-wavelog-root.target"]; }; systemd.services."podman-volume-wavelog_wavelog-userdata" = { path = [pkgs.podman]; serviceConfig = { Type = "oneshot"; RemainAfterExit = true; }; script = '' podman volume inspect wavelog_wavelog-userdata || podman volume create wavelog_wavelog-userdata ''; partOf = ["podman-compose-wavelog-root.target"]; wantedBy = ["podman-compose-wavelog-root.target"]; }; # Root service # When started, this will automatically create all resources and start # the containers. When stopped, this will teardown all resources. systemd.targets."podman-compose-wavelog-root" = { unitConfig = { Description = "Root target generated by compose2nix."; }; wantedBy = ["multi-user.target"]; }; }