Periodic/system-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Periodic:743ce58b140d20c2a65353606197f43671d9208a
Branches Tags
Periodic:main
..
compare: Periodic:87914329640186f9b98fd77883f064885d580abf
Branches Tags
Periodic:main

2 Commits
743ce58b14 ... 8791432964

Author SHA1 Message Date
Drew Haven
8791432964 [goatcounter] Fixes instance for blazestar.net 2025-07-14 15:14:13 -07:00
Drew Haven
638f34c2d3 [goatcounter] Adds instance for blazestar.net 2025-07-10 15:35:57 -07:00
3 changed files with 178 additions and 18 deletions
Expand all files Collapse all files

126
system/features/web-containers.nix Normal file
View File

@@ -0,0 +1,126 @@
{ config, lib, ... }:
{
options =
with lib;
with types;
{
virtualisation.web-containers = {
enable = mkEnableOption "web containers";
containers = mkOption {
type = lazyAttrsOf (submodule {
options =
let
strOpt = mkOption { type = str; };
intOpt = mkOption { type = int; };
boolOpt = mkOption {
type = bool;
default = false;
};
strList = mkOption {
type = listOf str;
default = [ ];
};
attrOpt = mkOption {
type = attrsOf str;
default = { };
};
in
{
image = strOpt;
hostname = strOpt;
port = intOpt;
homepageOpts = attrOpt;
dependsOn = strList;
domain = strOpt;
volumes = strList;
environment = attrOpt;
environmentFiles = strList;
public = boolOpt;
user = mkOption {
type = nullOr str;
default = null;
};
extraOptions = strList;
oauthProxy = boolOpt;
extraLabels = attrOpt;
};
});
default = { };
description = "";
};
};
};
config = {
virtualisation.oci-containers.containers = lib.mkIf config.virtualisation.web-containers.enable (
let
hostRule = host: domain: "Host(`${host}.${domain}`)";
localNet = "192.168.0.0/16";
dockerNet = "10.88.0.0/16";
localNetRule = "(ClientIP(`${localNet}`) || ClientIP(`${dockerNet}`))";
localHostRule = host: domain: "${localNetRule} && ${hostRule host domain}";
mkContainer =
key:
{
image,
hostname,
port,
homepageOpts,
dependsOn,
domain,
volumes,
environment,
environmentFiles,
public,
user,
extraOptions,
oauthProxy,
extraLabels,
}:
let
fqn = "${hostname}.${domain}";
serviceName = lib.strings.replaceChars [ "." ] [ "-" ] fqn;
routerRule = if public then hostRule hostname domain else localHostRule hostname domain;
homepageLabels =
if homepageOpts == { } then
{ }
else
{
"homepage.group" = "${homepageOpts.group}";
"homepage.name" = "${homepageOpts.name}";
"homepage.icon" = "${homepageOpts.icon}";
"homepage.href" = "https://${fqn}";
"homepage.description" = "${homepageOpts.description}";
};
oauthLabels =
if oauthProxy then
{ "traefik.http.routers.${serviceName}.middlewares" = "oidc-auth@file"; }
else
{ };
in
{
inherit
image
dependsOn
volumes
environment
environmentFiles
user
extraOptions
;
autoStart = true;
labels =
{
"traefik.enable" = "true";
"traefik.http.routers.${serviceName}.rule" = "${routerRule}";
"traefik.http.services.${serviceName}.loadbalancer.server.port" = "${toString port}";
}
// oauthLabels
// homepageLabels
// extraLabels;
};
in
builtins.mapAttrs mkContainer config.virtualisation.web-containers.containers
);
};
}

2
system/hosts/mcp/containers/dm-companion.nix
View File

@@ -81,7 +81,7 @@ in
port = 8080; port = 8080;
volumes = [ volumes = [
"/tank/web/dm.terakoda.com/pb_data:/pb/pb_data" "/tank/web/dm.terakoda.com/pb_data:/pb/pb_data"
"/tank/web/dm.terakoda.com/pb_migrniations:/pb/pb_migrations:ro" "/tank/web/dm.terakoda.com/pb_migrations:/pb/pb_migrations:ro"
]; ];
environment = { }; environment = { };
extraLabels = { extraLabels = {

42
system/hosts/mcp/containers/goatcounter.nix
View File

@@ -1,11 +1,22 @@
{ config, ... }: { config, ... }:
let let
inherit (import ./lib.nix config) mkContainer terakoda hostRule; inherit (import ./lib.nix config)
terakoda
blazestar
hostRule
;
in in
{ {
virtualisation.oci-containers.containers.goatcounter = mkContainer { imports = [
../../../features/web-containers.nix
];
virtualisation.web-containers = {
enable = true;
containers = {
goatcounter-terakoda = {
image = "arp242/goatcounter"; image = "arp242/goatcounter";
hostName = "goatcounter"; hostname = "goatcounter";
domain = terakoda; domain = terakoda;
public = true; public = true;
port = 8080; port = 8080;
@@ -18,7 +29,30 @@ in
# Host the script on www.terakoda.com so that it is easy to fetch # Host the script on www.terakoda.com so that it is easy to fetch
"traefik.http.routers.www-terakoda-com-goatcounter.rule" = "traefik.http.routers.www-terakoda-com-goatcounter.rule" =
"PathPrefix(`/count`) && ${hostRule "www" terakoda}"; "PathPrefix(`/count`) && ${hostRule "www" terakoda}";
"traefik.http.routers.www-terakoda-com-goatcounter.service" = "goatcounter"; "traefik.http.routers.www-terakoda-com-goatcounter.entrypoints" = "websecure";
"traefik.http.routers.www-terakoda-com-goatcounter.service" = "goatcounter-terakoda-com";
};
};
goatcounter-blazestar = {
image = "arp242/goatcounter";
hostname = "goatcounter";
domain = blazestar;
public = true;
port = 8080;
volumes = [
"goatcounter-data-blazestar:/home/goatcounter/goatcounter-data"
];
extraLabels = {
# "traefik.http.middlewares.strip-analytics.stripprefix.prefixes" = "/analytics";
# "traefik.http.routers.www-blazestar-net-goatcounter.middlewares" = "strip-analytics";
# Host the script on www.blazestar.net so that it is easy to fetch
"traefik.http.routers.www-blazestar-net-goatcounter.rule" =
"PathPrefix(`/count`) && ${hostRule "www" blazestar}";
"traefik.http.routers.www-blazestar-net-goatcounter.entrypoints" = "websecure";
"traefik.http.routers.www-blazestar-net-goatcounter.service" = "goatcounter-blazestar-net@docker";
};
};
}; };
}; };
} }