diff --git a/modules/system/homelab/containers.nix b/modules/system/homelab/containers.nix new file mode 100644 index 0000000..ce86d68 --- /dev/null +++ b/modules/system/homelab/containers.nix @@ -0,0 +1,27 @@ +{ ... }: let + stacks-dir = "/opt/stacks"; +in { + virtualisation = { + oci-containers.backend = "docker"; + docker = { + enable = true; + autoPrune.enable = true; + }; + }; + + virtualisation.oci-containers.containers."dockge" = { + image = "louislam/dockge:latest"; + environment = { + "DOCKGE_STACKS_DIR" = stacks-dir; + }; + volumes = [ + "${stacks-dir}:${stacks-dir}:rw" + "/root/dockge:/app/data:rw" + "/var/run/docker.sock:/var/run/docker.sock:rw" + ]; + ports = [ + "127.0.0.1:5001:5001/tcp" + ]; + log-driver = "journald"; + }; +} diff --git a/modules/system/homelab/dash.nix b/modules/system/homelab/dash.nix index 43f63a4..e19dcaa 100644 --- a/modules/system/homelab/dash.nix +++ b/modules/system/homelab/dash.nix @@ -57,6 +57,7 @@ [ "AdGuardHome" "adguard" "https://dns.proxy.${homelab.domain}" "http://localhost:8088/" ] [ "ApacheHTTPD" "apache" "https://cdn.proxy.${homelab.domain}" "http://localhost:3000/" ] [ "Forgejo" "forgejo" "https://git.proxy.${homelab.domain}" "http://localhost:5080/" ] + [ "Dockge" "docker" "https://containers.proxy.${homelab.domain}" "http://localhost:5001/" ] ]; bookmarks = [ [ "Tailscale" "tailscale" "https://login.tailscale.com/" ] diff --git a/modules/system/homelab/dns.nix b/modules/system/homelab/dns.nix index 95eaa62..b9bde88 100644 --- a/modules/system/homelab/dns.nix +++ b/modules/system/homelab/dns.nix @@ -1,4 +1,4 @@ -{ homelab, ... }: let +{ lib, homelab, ... }: let rewrites = [ [ "router.dns.${homelab.domain}" "10.3.14.1" ] [ "main.dns.${homelab.domain}" "10.3.14.42" ] @@ -59,10 +59,19 @@ in { rewrites_enabled = true; filtering_enabled = true; safe_search.enabled = true; - rewrites = map (e: { enabled = true; domain = builtins.elemAt e 0; answer = builtins.elemAt e 1; }) rewrites; + rewrites = map (e: { + enabled = true; + domain = builtins.elemAt e 0; + answer = builtins.elemAt e 1; + }) rewrites; }; filters = map (url: { enabled = true; url = url; }) blacklist; whitelist_filters = map (url: { enabled = true; url = url; }) whitelist; }; }; + + networking = { + networkmanager.dns = "none"; + nameservers = lib.mkForce [ "127.0.0.1" ]; + }; } \ No newline at end of file diff --git a/modules/system/homelab/proxy.nix b/modules/system/homelab/proxy.nix index 6fce039..929c86a 100644 --- a/modules/system/homelab/proxy.nix +++ b/modules/system/homelab/proxy.nix @@ -1,11 +1,12 @@ { homelab, lib, ... }: let base = "proxy.${homelab.domain}"; proxyMappings = { - "dns" = { dest = "http://localhost:8088"; auth = true; }; - "cdn" = { dest = "http://localhost:3000"; auth = false; }; - "auth" = { dest = "http://localhost:1411"; auth = false; }; - "git" = { dest = "http://localhost:5080"; auth = false; }; - "@" = { dest = "http://localhost:5070"; auth = false; }; + "containers" = { dest = "http://localhost:5001"; auth = false; }; + "auth" = { dest = "http://localhost:1411"; auth = false; }; + "dns" = { dest = "http://localhost:8088"; auth = true; }; + "cdn" = { dest = "http://localhost:3000"; auth = false; }; + "git" = { dest = "http://localhost:5080"; auth = false; }; + "@" = { dest = "http://localhost:5070"; auth = false; }; }; in { users.users.nginx.extraGroups = [ "acme" ]; diff --git a/modules/system/server.nix b/modules/system/server.nix index 36329f7..1eb2940 100644 --- a/modules/system/server.nix +++ b/modules/system/server.nix @@ -1,5 +1,6 @@ -{ lib, ... }: { +{ ... }: { imports = [ + ./homelab/containers.nix ./homelab/share.nix ./homelab/proxy.nix ./homelab/dash.nix @@ -8,9 +9,4 @@ ./homelab/idp.nix ./base.nix ]; - - networking = { - networkmanager.dns = "none"; - nameservers = lib.mkForce [ "127.0.0.1" ]; - }; } \ No newline at end of file