volumes
This commit is contained in:
parent
70c96d504d
commit
d77da1ff1a
25
host.nix
25
host.nix
|
|
@ -10,11 +10,12 @@ let services = with builtins;
|
||||||
secrets = import ./secrets/secrets.nix;
|
secrets = import ./secrets/secrets.nix;
|
||||||
|
|
||||||
hostIp = "10.10.0.1";
|
hostIp = "10.10.0.1";
|
||||||
|
hostVolumeDir = "/var/lib/container-storage/";
|
||||||
in
|
in
|
||||||
|
|
||||||
{
|
{
|
||||||
containers =
|
containers =
|
||||||
lib.foldMap ({ name, config, ip, ports, ... }:
|
lib.flatMap ({ name, config, ip, ports, volumes, ... }:
|
||||||
{
|
{
|
||||||
${name} = {
|
${name} = {
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
|
|
@ -22,13 +23,22 @@ lib.foldMap ({ name, config, ip, ports, ... }:
|
||||||
privateNetwork = true;
|
privateNetwork = true;
|
||||||
hostAddress = hostIp;
|
hostAddress = hostIp;
|
||||||
localAddress = ip;
|
localAddress = ip;
|
||||||
|
bindMounts = lib.flatMap (volume@{ name, mountPoint }:
|
||||||
|
{
|
||||||
|
"${name}" = {
|
||||||
|
inherit mountPoint;
|
||||||
|
isReadOnly = if volume ? readOnly then volume.readOnly else false;
|
||||||
|
hostPath = hostVolumeDir + name;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
) volumes;
|
||||||
config = config // {
|
config = config // {
|
||||||
boot.isContainer = true;
|
boot.isContainer = true;
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
hostName = "${name}";
|
hostName = "${name}";
|
||||||
|
|
||||||
hosts = lib.foldMap ({ name, ip, ...}:
|
hosts = lib.flatMap ({ name, ip, ...}:
|
||||||
{ "${ip}" = [ "${name}.containers" "${name}" ]; }
|
{ "${ip}" = [ "${name}.containers" "${name}" ]; }
|
||||||
) services;
|
) services;
|
||||||
|
|
||||||
|
|
@ -47,13 +57,20 @@ lib.foldMap ({ name, config, ip, ports, ... }:
|
||||||
//
|
//
|
||||||
|
|
||||||
{
|
{
|
||||||
|
|
||||||
|
system.activationScripts.makeBindMounts = with builtins;
|
||||||
|
lib.flatMapS (name: ''
|
||||||
|
mkdir -p ${hostVolumeDir + name}
|
||||||
|
'')
|
||||||
|
(concatMap (s: map (v: v.name) s.volumes) services);
|
||||||
|
|
||||||
# [NGINX]
|
# [NGINX]
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
recommendedProxySettings = true;
|
recommendedProxySettings = true;
|
||||||
virtualHosts =
|
virtualHosts =
|
||||||
lib.foldMap ({ ports, hosts, ip, ... }:
|
lib.flatMap ({ ports, hosts, ip, ... }:
|
||||||
lib.foldMap (host:
|
lib.flatMap (host:
|
||||||
if (builtins.isNull ports.http)
|
if (builtins.isNull ports.http)
|
||||||
then {}
|
then {}
|
||||||
else {
|
else {
|
||||||
|
|
|
||||||
3
lib.nix
3
lib.nix
|
|
@ -1,3 +1,4 @@
|
||||||
{
|
{
|
||||||
foldMap = (f: list: builtins.foldl' (acc: elem: acc // elem) {} (builtins.map f list));
|
flatMap = (f: list: builtins.foldl' (acc: elem: acc // elem) {} (builtins.map f list));
|
||||||
|
flatMapS = (f: list: builtins.foldl' (acc: elem: acc + elem) "" (builtins.map f list));
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -26,4 +26,8 @@
|
||||||
http = 3001;
|
http = 3001;
|
||||||
};
|
};
|
||||||
hosts = [ "localhost" ];
|
hosts = [ "localhost" ];
|
||||||
|
volumes = [{
|
||||||
|
name = "gitea-statedir";
|
||||||
|
mountPoint = "/var/lib/gitea";
|
||||||
|
}]; # TODO
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -21,4 +21,8 @@
|
||||||
http = null;
|
http = null;
|
||||||
};
|
};
|
||||||
hosts = [ ];
|
hosts = [ ];
|
||||||
|
volumes = [{
|
||||||
|
name = "postgres-storage";
|
||||||
|
mountPoint = "/var/lib/postgresql";
|
||||||
|
}];
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -15,5 +15,12 @@ Services are of the form:
|
||||||
http = 80;
|
http = 80;
|
||||||
};
|
};
|
||||||
hosts = [ "myservice.domain.mjau" ];
|
hosts = [ "myservice.domain.mjau" ];
|
||||||
|
volumes = [
|
||||||
|
{
|
||||||
|
name = "myservice-storage";
|
||||||
|
mountPoint = "/var/lib/whatever";
|
||||||
|
readOnly = false;
|
||||||
|
};
|
||||||
|
];
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user