install docker and compose
parent
afaf3c4697
commit
53d2343f04
|
@ -1,26 +1,10 @@
|
||||||
{ pkgs, inputs, ... }:
|
{pkgs, ...}: {
|
||||||
{
|
|
||||||
|
|
||||||
imports = [ inputs.arion.nixosModules.arion ];
|
|
||||||
environment.systemPackages = [
|
|
||||||
pkgs.arion
|
|
||||||
];
|
|
||||||
|
|
||||||
# Arion works with Docker, but for NixOS-based containers, you need Podman
|
|
||||||
# since NixOS 21.05.
|
|
||||||
virtualisation = {
|
virtualisation = {
|
||||||
podman = {
|
|
||||||
enable = true;
|
|
||||||
defaultNetwork.settings.dns_enabled = true;
|
|
||||||
};
|
|
||||||
docker = {
|
docker = {
|
||||||
enable = true;
|
enable = true;
|
||||||
storageDriver = "btrfs";
|
|
||||||
rootless = {
|
|
||||||
enable = true;
|
|
||||||
setSocketVariable = true;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
docker-compose
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
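Review bot: Removing the `rootless` block means `virtualisation.docker.enable = true` now runs the daemon as root, and the later hunk that adds `"docker"` to the user's group list gives that account unrestricted access to the root-owned socket, which is effectively passwordless root on the host. If rootless mode was dropped only to get compose working, consider keeping `rootless = { enable = true; setSocketVariable = true; };` and leaving the user out of the `docker` group. If the rootful daemon is intended, a comment such as `# docker group is root-equivalent; keep membership minimal` next to the group entry would record the trade-off for the next reader.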
|
@ -1,5 +1,10 @@
|
||||||
{ pkgs, lib, inputs, config, ... }:
|
{
|
||||||
let
|
pkgs,
|
||||||
|
lib,
|
||||||
|
inputs,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
admin_dbPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/postgres/admin_db/password".path;
|
admin_dbPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/postgres/admin_db/password".path;
|
||||||
initScript = pkgs.writeText "init.sh" ''
|
initScript = pkgs.writeText "init.sh" ''
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
@ -15,20 +20,20 @@ let
|
||||||
CREATE DATABASE $database;
|
CREATE DATABASE $database;
|
||||||
GRANT ALL PRIVILEGES ON DATABASE $database TO $user;
|
GRANT ALL PRIVILEGES ON DATABASE $database TO $user;
|
||||||
EOSQL
|
EOSQL
|
||||||
|
|
||||||
# Loop through extensions and create them
|
# Loop through extensions and create them
|
||||||
for ext in $(echo "$extensions" | tr ',' ' '); do
|
for ext in $(echo "$extensions" | tr ',' ' '); do
|
||||||
echo " - Installing extention $ext"
|
echo " - Installing extention $ext"
|
||||||
psql -v --username "$POSTGRES_USER" -d "$database" -c "CREATE EXTENSION $ext;"
|
psql -v --username "$POSTGRES_USER" -d "$database" -c "CREATE EXTENSION $ext;"
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
if [ -n "$POSTGRES_MULTIPLE_DATABASES" ]; then
|
if [ -n "$POSTGRES_MULTIPLE_DATABASES" ]; then
|
||||||
|
|
||||||
# Parse the JSON string
|
# Parse the JSON string
|
||||||
database_names=$(echo "$POSTGRES_MULTIPLE_DATABASES" | jq -r '.[0] | keys[]')
|
database_names=$(echo "$POSTGRES_MULTIPLE_DATABASES" | jq -r '.[0] | keys[]')
|
||||||
echo "Multiple database creation requested: $(echo "$database_names" | tr "\n" " ")"
|
echo "Multiple database creation requested: $(echo "$database_names" | tr "\n" " ")"
|
||||||
|
|
||||||
# Loop through each database and create it
|
# Loop through each database and create it
|
||||||
for db_name in $database_names; do
|
for db_name in $database_names; do
|
||||||
user=$(echo "$POSTGRES_MULTIPLE_DATABASES" | jq -r ".[0] | .''${db_name} | .user")
|
user=$(echo "$POSTGRES_MULTIPLE_DATABASES" | jq -r ".[0] | .''${db_name} | .user")
|
||||||
|
@ -67,10 +72,9 @@ let
|
||||||
timezone = 'Etc/UTC'
|
timezone = 'Etc/UTC'
|
||||||
default_text_search_config = 'pg_catalog.english'
|
default_text_search_config = 'pg_catalog.english'
|
||||||
'';
|
'';
|
||||||
in
|
in {
|
||||||
{
|
|
||||||
sops.secrets = {
|
sops.secrets = {
|
||||||
"software/postgres/admin_db/password" = { };
|
"software/postgres/admin_db/password" = {};
|
||||||
};
|
};
|
||||||
virtualisation.arion = {
|
virtualisation.arion = {
|
||||||
backend = "docker";
|
backend = "docker";
|
||||||
|
@ -79,15 +83,15 @@ in
|
||||||
restart = "unless-stopped";
|
restart = "unless-stopped";
|
||||||
build.context = "/nix/store";
|
build.context = "/nix/store";
|
||||||
build.dockerfile = builtins.baseNameOf "${pkgs.writeText "pgDockerfile" ''
|
build.dockerfile = builtins.baseNameOf "${pkgs.writeText "pgDockerfile" ''
|
||||||
FROM postgres:16
|
FROM postgres:16
|
||||||
# install packages
|
# install packages
|
||||||
RUN apt-get update \
|
RUN apt-get update \
|
||||||
&& apt-get install -y --no-install-recommends \
|
&& apt-get install -y --no-install-recommends \
|
||||||
postgresql-16-postgis \
|
postgresql-16-postgis \
|
||||||
jq \
|
jq \
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
&& rm -rf /var/lib/apt/lists/*
|
||||||
''}";
|
''}";
|
||||||
command = [ "postgres" "-c" "config_file=/etc/postgresql/postgresql.conf" ];
|
command = ["postgres" "-c" "config_file=/etc/postgresql/postgresql.conf"];
|
||||||
environment = {
|
environment = {
|
||||||
POSTGRES_PASSWORD_FILE = admin_dbPasswordFile;
|
POSTGRES_PASSWORD_FILE = admin_dbPasswordFile;
|
||||||
POSTGRES_USER = "admin";
|
POSTGRES_USER = "admin";
|
||||||
|
@ -119,9 +123,8 @@ in
|
||||||
]
|
]
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
ports = [ "5432:5432" ];
|
ports = ["5432:5432"];
|
||||||
volumes = [
|
volumes = [
|
||||||
|
|
||||||
# Mount pgdata to external zfs volume
|
# Mount pgdata to external zfs volume
|
||||||
"/mnt/postgres:/var/lib/postgresql/data"
|
"/mnt/postgres:/var/lib/postgresql/data"
|
||||||
|
|
||||||
|
@ -129,7 +132,7 @@ in
|
||||||
# "${pg_hbaConfig}:/var/lib/postgres/data/pgdata/pg_hba.conf"
|
# "${pg_hbaConfig}:/var/lib/postgres/data/pgdata/pg_hba.conf"
|
||||||
"${pgsqlConfig}:/etc/postgresql/postgresql.conf"
|
"${pgsqlConfig}:/etc/postgresql/postgresql.conf"
|
||||||
|
|
||||||
# Need to mount secret file
|
# Need to mount secret file
|
||||||
"${admin_dbPasswordFile}:${admin_dbPasswordFile}"
|
"${admin_dbPasswordFile}:${admin_dbPasswordFile}"
|
||||||
|
|
||||||
# PG init script to parse json specified in POSTGRES_MULTIPLE_DATABASES
|
# PG init script to parse json specified in POSTGRES_MULTIPLE_DATABASES
|
||||||
|
@ -140,4 +143,3 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
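Review bot: `ports = ["5432:5432"]` publishes PostgreSQL on every host interface, and with the rootful daemon this commit switches to, Docker's own iptables rules typically let published ports through regardless of `networking.firewall`. If only local clients need the database, bind it explicitly with `ports = ["127.0.0.1:5432:5432"];`. This file also still configures `virtualisation.arion` and takes `inputs`, while the docker module in this commit drops `imports = [ inputs.arion.nixosModules.arion ]`. Unless the arion module is imported somewhere not shown here, that option will presumably no longer exist when this file is evaluated. The service definition is only partly visible in these hunks, so both points should be checked against the full file.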
|
@ -23,6 +23,7 @@ in {
|
||||||
"networkmanager"
|
"networkmanager"
|
||||||
"scanner"
|
"scanner"
|
||||||
"lp"
|
"lp"
|
||||||
|
"docker"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -46,6 +46,7 @@ in {
|
||||||
../common/optional/nfs-mounts/media.nix
|
../common/optional/nfs-mounts/media.nix
|
||||||
../common/optional/nfs-mounts/homeshare.nix
|
../common/optional/nfs-mounts/homeshare.nix
|
||||||
../common/optional/printing.nix
|
../common/optional/printing.nix
|
||||||
|
../common/optional/docker
|
||||||
];
|
];
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
|
|
|
@ -1,9 +1,9 @@
|
||||||
pkgs: {
|
pkgs: {
|
||||||
sddm-theme = pkgs.callPackage ./sddm-theme { };
|
sddm-theme = pkgs.callPackage ./sddm-theme {};
|
||||||
st = pkgs.callPackage ./st { };
|
st = pkgs.callPackage ./st {};
|
||||||
dwmblocks = pkgs.callPackage ./dwmblocks { };
|
dwmblocks = pkgs.callPackage ./dwmblocks {};
|
||||||
dmenu = pkgs.callPackage ./dmenu { };
|
dmenu = pkgs.callPackage ./dmenu {};
|
||||||
nsxiv = pkgs.callPackage ./nsxiv { };
|
nsxiv = pkgs.callPackage ./nsxiv {};
|
||||||
sqlfmt = pkgs.callPackage ./sqlfmt { };
|
sqlfmt = pkgs.callPackage ./sqlfmt {};
|
||||||
kunst = pkgs.callPackage ./kunst { };
|
kunst = pkgs.callPackage ./kunst {};
|
||||||
}
|
}
|
||||||
|
|