added web.nix to jeevesjr

2024-05-27 20:20:00 -04:00 · 2024-05-27 20:20:00 -04:00 · cabba86d1a
commit cabba86d1a
parent 80bbbc8e9e
4 changed files with 59 additions and 1 deletions
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -19,6 +19,7 @@
    "builtins",
    "cachix",
    "charliermarsh",
+    "cloudflared",
    "codezombiech",
    "Compat",
    "concatLists",
--- a/systems/jeeves-jr/configuration.nix
+++ b/systems/jeeves-jr/configuration.nix
@ -1,6 +1,9 @@
 { pkgs, ... }:
 {
-  imports = [ ../../users/richie/global/zerotier.nix ];
+  imports = [
+    ../../users/richie/global/zerotier.nix
+    ./docker
+  ];

  networking = {
    hostId = "1beb3026";
--- a/systems/jeeves-jr/docker/default.nix
+++ b/systems/jeeves-jr/docker/default.nix
@ -0,0 +1,15 @@
+{ pkgs, config, ... }:
+{
+  imports = [ ./web.nix ];
+
+  virtualisation.oci-containers.backend = "docker";
+
+  system.activationScripts.mkVPN =
+    let
+      docker = config.virtualisation.oci-containers.backend;
+      dockerBin = "${pkgs.${docker}}/bin/${docker}";
+    in
+    ''
+      ${dockerBin} network inspect web >/dev/null 2>&1 || ${dockerBin} network create web --subnet 172.100.5.0/16
+    '';
+}
--- a/systems/jeeves-jr/docker/web.nix
+++ b/systems/jeeves-jr/docker/web.nix
@ -0,0 +1,39 @@
+{
+  virtualisation.oci-containers.containers = {
+    arch_mirror = {
+      image = "ubuntu/apache2:latest";
+      volumes = [
+        "/ZFS/Media/Docker/Docker/templates/file_server/sites/:/etc/apache2/sites-enabled/"
+        "/ZFS/Media/Mirror/:/data"
+      ];
+      ports = [ "800:80" ];
+      extraOptions = [ "--network=web" ];
+      autoStart = true;
+    };
+    haproxy = {
+      image = "haproxy:latest";
+      user = "998:998";
+      environment = {
+        TZ = "Etc/EST";
+      };
+      volumes = [
+        "/ZFS/Main/Docker/jeeves-jr/haproxy/web/haproxy/cloudflare.pem:/etc/ssl/certs/cloudflare.pem"
+        "/ZFS/Main/Docker/jeeves-jr/haproxy/web/haproxy/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg"
+      ];
+      dependsOn = [ "arch_mirror" ];
+      extraOptions = [ "--network=web" ];
+      autoStart = true;
+    };
+    cloud_flare_tunnel = {
+      image = "cloudflare/cloudflared:latest";
+      cmd = [
+        "tunnel"
+        "run"
+      ];
+      environmentFiles = [ "/ZFS/Main/Docker/jeeves-jr/haproxy/web/cloudflare_tunnel.env" ];
+      dependsOn = [ "haproxy" ];
+      extraOptions = [ "--network=web" ];
+      autoStart = true;
+    };
+  };
+}