added web.nix to jeevesjr

2024-05-27 20:20:00 -04:00 · 2024-05-27 20:20:00 -04:00 · cabba86d1a
commit cabba86d1a
parent 80bbbc8e9e
4 changed files with 59 additions and 1 deletions
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -19,6 +19,7 @@
    "builtins",
    "cachix",
    "charliermarsh",
    "cloudflared",
    "codezombiech",
    "Compat",
    "concatLists",
--- a/systems/jeeves-jr/configuration.nix
+++ b/systems/jeeves-jr/configuration.nix
@ -1,6 +1,9 @@
 { pkgs, ... }:
 {
-  imports = [ ../../users/richie/global/zerotier.nix ];
+  imports = [
    ../../users/richie/global/zerotier.nix
    ./docker
  ];
  networking = {
    hostId = "1beb3026";
--- a/systems/jeeves-jr/docker/default.nix
+++ b/systems/jeeves-jr/docker/default.nix
@ -0,0 +1,15 @@
 { pkgs, config, ... }:
 {
  imports = [ ./web.nix ];
  virtualisation.oci-containers.backend = "docker";
  system.activationScripts.mkVPN =
    let
      docker = config.virtualisation.oci-containers.backend;
      dockerBin = "${pkgs.${docker}}/bin/${docker}";
    in
    ''
      ${dockerBin} network inspect web >/dev/null 2>&1 || ${dockerBin} network create web --subnet 172.100.5.0/16
    '';
 }
--- a/systems/jeeves-jr/docker/web.nix
+++ b/systems/jeeves-jr/docker/web.nix
@ -0,0 +1,39 @@
 {
  virtualisation.oci-containers.containers = {
    arch_mirror = {
      image = "ubuntu/apache2:latest";
      volumes = [
        "/ZFS/Media/Docker/Docker/templates/file_server/sites/:/etc/apache2/sites-enabled/"
        "/ZFS/Media/Mirror/:/data"
      ];
      ports = [ "800:80" ];
      extraOptions = [ "--network=web" ];
      autoStart = true;
    };
    haproxy = {
      image = "haproxy:latest";
      user = "998:998";
      environment = {
        TZ = "Etc/EST";
      };
      volumes = [
        "/ZFS/Main/Docker/jeeves-jr/haproxy/web/haproxy/cloudflare.pem:/etc/ssl/certs/cloudflare.pem"
        "/ZFS/Main/Docker/jeeves-jr/haproxy/web/haproxy/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg"
      ];
      dependsOn = [ "arch_mirror" ];
      extraOptions = [ "--network=web" ];
      autoStart = true;
    };
    cloud_flare_tunnel = {
      image = "cloudflare/cloudflared:latest";
      cmd = [
        "tunnel"
        "run"
      ];
      environmentFiles = [ "/ZFS/Main/Docker/jeeves-jr/haproxy/web/cloudflare_tunnel.env" ];
      dependsOn = [ "haproxy" ];
      extraOptions = [ "--network=web" ];
      autoStart = true;
    };
  };
 }