Avery/NixOS
Avery/NixOS
1
0
Fork 0
Code Activity
NixOS/hosts/greatyamada/services/koito.nix
Avery a339897c48
Configure podman and koito
2025-06-21 19:39:41 +00:00

71 lines
2.4 KiB
Nix
Raw Blame History

{ pkgs, lib, config, ... }:
let
portDefinitions = import ./_port-definitions.nix;
nginxLocalConfig = import ./nginx-local-config.nix;
in {
virtualisation.oci-containers.containers."koito" = {
image = "gabehf/koito:latest";
environment = {
"KOITO_ALLOWED_HOSTS" = "koito.rcia.dev";
"KOITO_ENABLE_LBZ_RELAY" = "true";
"KOITO_LBZ_RELAY_URL" = "https://api.listenbrainz.org/1";
};
environmentFiles = [ config.sops.templates."koito.env".path ];
volumes = [ "/mnt/hdd-01/koito:/etc/koito:rw" ];
ports = [ "${toString portDefinitions.koito}:4110/tcp" ];
log-driver = "journald";
extraOptions = [ "--network-alias=koito" "--network=koito_default" ];
};
systemd.services."podman-koito" = {
serviceConfig = { Restart = lib.mkOverride 90 "always"; };
after = [ "podman-network-koito_default.service" ];
requires = [ "podman-network-koito_default.service" ];
partOf = [ "podman-compose-koito-root.target" ];
wantedBy = [ "podman-compose-koito-root.target" ];
};
services.nginx.virtualHosts."koito.rcia.dev" = {
locations."/".proxyPass =
"http://localhost:${toString portDefinitions.koito}";
forceSSL = true;
useACMEHost = "rcia.dev";
};
sops = {
secrets = {
"koito/database_url" = { };
"koito/listenbrainz_token" = { };
};
templates."koito.env".content = ''
KOITO_DATABASE_URL=${config.sops.placeholder."koito/database_url"}
KOITO_LBZ_RELAY_TOKEN=${
config.sops.placeholder."koito/listenbrainz_token"
}
'';
};
# Networks
systemd.services."podman-network-koito_default" = {
path = [ pkgs.podman ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStop = "podman network rm -f koito_default";
};
script = ''
podman network inspect koito_default || podman network create koito_default
'';
partOf = [ "podman-compose-koito-root.target" ];
wantedBy = [ "podman-compose-koito-root.target" ];
};
# Root service
# When started, this will automatically create all resources and start
# the containers. When stopped, this will teardown all resources.
systemd.targets."podman-compose-koito-root" = {
unitConfig = { Description = "Root target generated by compose2nix."; };
after = [ "postgresql.service" ];
requires = [ "postgresql.service" ];
wantedBy = [ "multi-user.target" ];
};
}
View git blame Copy permalink