diff --git a/hosts/ports.nix b/hosts/ports.nix index 04f26c8..66a63ad 100644 --- a/hosts/ports.nix +++ b/hosts/ports.nix @@ -24,7 +24,8 @@ ntfy = 3010; audio = 3011; atuin = 3012; - stream = 3013; + stream = 3013; # seedbox-frontend + seedbox = 3014; # seedbox-backend search = 8081; videos = 8082; @@ -39,7 +40,6 @@ prowlarr = 5006; flaresolverr = 5007; torrent = 5008; - seedbox = 5009; }; }; } diff --git a/modules/nixos/server/containers/seedbox.nix b/modules/nixos/server/containers/seedbox.nix index b0f6fc8..559ce8a 100644 --- a/modules/nixos/server/containers/seedbox.nix +++ b/modules/nixos/server/containers/seedbox.nix @@ -7,7 +7,7 @@ }: let cfg = config.mods.server.seedbox; port = config.mods.server.nginx.ports.stream; - backend-port = config.mods.server.local.ports.seedbox; + backend-port = config.mods.server.nginx.ports.seedbox; in with lib; { options.mods.server.seedbox = { @@ -19,27 +19,15 @@ in config = mkIf cfg.enable { # Runtime - virtualisation.podman = { + virtualisation.docker = { enable = true; autoPrune.enable = true; - dockerCompat = true; }; - - # Enable container name DNS for all Podman networks. - networking.firewall.interfaces = let - matchAll = - if !config.networking.nftables.enable - then "podman+" - else "podman*"; - in { - "${matchAll}".allowedUDPPorts = [53]; - }; - - virtualisation.oci-containers.backend = "podman"; + virtualisation.oci-containers.backend = "docker"; # Containers virtualisation.oci-containers.containers."seedbox-backend" = { - image = "localhost/compose2nix/seedbox-backend"; + image = "compose2nix/seedbox-backend"; volumes = [ "seedbox-lite_seedbox_cache:/app/cache:rw" "seedbox-lite_seedbox_data:/app/data:rw" 
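Review bot: Dropping the `localhost/` prefix from `image = "compose2nix/seedbox-backend";` makes Docker read the name as a Docker Hub repository, so it will try to pull it whenever the locally built image is missing from its store. Whoever controls that namespace on the public registry would then supply the code that runs with the `seedbox-lite` volumes mounted. Keeping the `localhost/` prefix on both `image` and the build tag, or adding `"--pull=never"` to the container's extra options, makes a missing build fail instead of falling back to a registry. The same applies to the `seedbox-frontend` image changed in the next hunk; the container definition continues past this hunk.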
@@ -52,32 +40,39 @@ in "--network-alias=seedbox-backend" "--network=seedbox-lite_seedbox-network" ]; + environment = { + NODE_ENV = "production"; + ACCESS_PASSWORD = "temp_pass"; + }; }; - systemd.services."podman-seedbox-backend" = { + systemd.services."docker-seedbox-backend" = { serviceConfig = { Restart = lib.mkOverride 90 "always"; + RestartMaxDelaySec = lib.mkOverride 90 "1m"; + RestartSec = lib.mkOverride 90 "100ms"; + RestartSteps = lib.mkOverride 90 9; }; after = [ - "podman-network-seedbox-lite_seedbox-network.service" - "podman-volume-seedbox-lite_seedbox_cache.service" - "podman-volume-seedbox-lite_seedbox_data.service" + "docker-network-seedbox-lite_seedbox-network.service" + "docker-volume-seedbox-lite_seedbox_cache.service" + "docker-volume-seedbox-lite_seedbox_data.service" ]; requires = [ - "podman-network-seedbox-lite_seedbox-network.service" - "podman-volume-seedbox-lite_seedbox_cache.service" - "podman-volume-seedbox-lite_seedbox_data.service" + "docker-network-seedbox-lite_seedbox-network.service" + "docker-volume-seedbox-lite_seedbox_cache.service" + "docker-volume-seedbox-lite_seedbox_data.service" ]; partOf = [ - "podman-compose-seedbox-lite-root.target" + "docker-compose-seedbox-lite-root.target" ]; wantedBy = [ - "podman-compose-seedbox-lite-root.target" + "docker-compose-seedbox-lite-root.target" ]; }; virtualisation.oci-containers.containers."seedbox-frontend" = { - image = "localhost/compose2nix/seedbox-frontend"; + image = "compose2nix/seedbox-frontend"; ports = [ - "${toString port}:80/tcp" + "${toString port}:8080/tcp" ]; dependsOn = [ "seedbox-backend" 
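Review bot: `ACCESS_PASSWORD = "temp_pass";` in the new `environment` block commits the access password to the repository and copies it into the world-readable Nix store; the same literal is added for `seedbox-frontend` in the next hunk. Loading it at runtime keeps it out of the evaluated configuration, for example `environmentFiles = [ "<PATH_TO_SECRET_ENV_FILE>" ];` pointing at a root-only file that holds `ACCESS_PASSWORD=…` (the path is a placeholder), and the value should be rotated once that is in place. Separately, `"${toString port}:8080/tcp"` publishes on every interface, and ports published by Docker are not filtered by `networking.firewall`. If only the local nginx is meant to reach the frontend (inferred from the `nginx.ports` name), `"127.0.0.1:${toString port}:8080/tcp"` keeps it off the network.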
@@ -87,90 +82,95 @@ in "--network-alias=seedbox-frontend" "--network=seedbox-lite_seedbox-network" ]; + environment = { + NODE_ENV = "production"; + ACCESS_PASSWORD = "temp_pass"; + }; }; - systemd.services."podman-seedbox-frontend" = { + systemd.services."docker-seedbox-frontend" = { serviceConfig = { Restart = lib.mkOverride 90 "always"; + RestartMaxDelaySec = lib.mkOverride 90 "1m"; + RestartSec = lib.mkOverride 90 "100ms"; + RestartSteps = lib.mkOverride 90 9; }; after = [ - "podman-network-seedbox-lite_seedbox-network.service" + "docker-network-seedbox-lite_seedbox-network.service" ]; requires = [ - "podman-network-seedbox-lite_seedbox-network.service" + "docker-network-seedbox-lite_seedbox-network.service" ]; partOf = [ - "podman-compose-seedbox-lite-root.target" + "docker-compose-seedbox-lite-root.target" ]; wantedBy = [ - "podman-compose-seedbox-lite-root.target" + "docker-compose-seedbox-lite-root.target" ]; }; # Networks - systemd.services."podman-network-seedbox-lite_seedbox-network" = { - path = [pkgs.podman]; + systemd.services."docker-network-seedbox-lite_seedbox-network" = { + path = [pkgs.docker]; serviceConfig = { Type = "oneshot"; RemainAfterExit = true; - ExecStop = "podman network rm -f seedbox-lite_seedbox-network"; + ExecStop = "docker network rm -f seedbox-lite_seedbox-network"; }; script = '' - podman network inspect seedbox-lite_seedbox-network || podman network create seedbox-lite_seedbox-network --driver=bridge + docker network inspect seedbox-lite_seedbox-network || docker network create seedbox-lite_seedbox-network --driver=bridge ''; - partOf = ["podman-compose-seedbox-lite-root.target"]; - wantedBy = ["podman-compose-seedbox-lite-root.target"]; + partOf = ["docker-compose-seedbox-lite-root.target"]; + wantedBy = ["docker-compose-seedbox-lite-root.target"]; }; # Volumes - systemd.services."podman-volume-seedbox-lite_seedbox_cache" = { - path = [pkgs.podman]; + systemd.services."docker-volume-seedbox-lite_seedbox_cache" = { + path = 
[pkgs.docker]; serviceConfig = { Type = "oneshot"; RemainAfterExit = true; }; script = '' - podman volume inspect seedbox-lite_seedbox_cache || podman volume create seedbox-lite_seedbox_cache --driver=local + docker volume inspect seedbox-lite_seedbox_cache || docker volume create seedbox-lite_seedbox_cache --driver=local ''; - partOf = ["podman-compose-seedbox-lite-root.target"]; - wantedBy = ["podman-compose-seedbox-lite-root.target"]; + partOf = ["docker-compose-seedbox-lite-root.target"]; + wantedBy = ["docker-compose-seedbox-lite-root.target"]; }; - systemd.services."podman-volume-seedbox-lite_seedbox_data" = { - path = [pkgs.podman]; + systemd.services."docker-volume-seedbox-lite_seedbox_data" = { + path = [pkgs.docker]; serviceConfig = { Type = "oneshot"; RemainAfterExit = true; }; script = '' - podman volume inspect seedbox-lite_seedbox_data || podman volume create seedbox-lite_seedbox_data --driver=local + docker volume inspect seedbox-lite_seedbox_data || docker volume create seedbox-lite_seedbox_data --driver=local ''; - partOf = ["podman-compose-seedbox-lite-root.target"]; - wantedBy = ["podman-compose-seedbox-lite-root.target"]; + partOf = ["docker-compose-seedbox-lite-root.target"]; + wantedBy = ["docker-compose-seedbox-lite-root.target"]; }; # Builds - systemd.services."podman-build-seedbox-backend" = { - path = [pkgs.podman pkgs.git]; + systemd.services."docker-build-seedbox-backend" = { + path = [pkgs.docker pkgs.git]; serviceConfig = { Type = "oneshot"; TimeoutSec = 300; }; script = '' cd /tmp - git clone https://github.com/hotheadhacker/seedbox-lite.git - cd seedbox-lite/server + git clone https://github.com/hotheadhacker/seedbox-lite.git && cd seedbox-lite/server || cd seedbox-lite/server podman build -t compose2nix/seedbox-backend . 
''; }; - systemd.services."podman-build-seedbox-frontend" = { - path = [pkgs.podman pkgs.git]; + systemd.services."docker-build-seedbox-frontend" = { + path = [pkgs.docker pkgs.git]; serviceConfig = { Type = "oneshot"; TimeoutSec = 300; }; script = '' cd /tmp - git clone https://github.com/hotheadhacker/seedbox-lite.git - cd seedbox-lite/client + git clone https://github.com/hotheadhacker/seedbox-lite.git && cd seedbox-lite/client || cd seedbox-lite/client podman build -t compose2nix/seedbox-frontend --build-arg VITE_API_BASE_URL=http://localhost:${toString backend-port} . ''; }; @@ -178,7 +178,7 @@ in # Root service # When started, this will automatically create all resources and start # the containers. When stopped, this will teardown all resources. - systemd.targets."podman-compose-seedbox-lite-root" = { + systemd.targets."docker-compose-seedbox-lite-root" = { unitConfig = { Description = "Root target generated by compose2nix."; };
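Review bot: Both build scripts (`docker-build-seedbox-backend` and `docker-build-seedbox-frontend`) still run `podman build` although `path` now provides only `pkgs.docker` and `pkgs.git`, so the images will not land in the Docker store the containers run from. The new `git clone … && cd … || cd …` line also builds whatever already sits in `/tmp/seedbox-lite` when the clone fails, and the clone is not pinned to a commit. No `PrivateTmp` is visible in `serviceConfig`, so another local user may be able to pre-create that directory before the unit first runs. Fetching the source at a reviewed revision into the Nix store and pointing `docker build` at it removes both the shared `/tmp` path and the moving upstream head; the revision and hash in the sketch below are placeholders.

```nix
systemd.services."docker-build-seedbox-backend" = let
  # Placeholder pin: fill in the reviewed commit and its hash.
  src = pkgs.fetchFromGitHub {
    owner = "hotheadhacker";
    repo = "seedbox-lite";
    rev = "<REVIEWED_COMMIT>";
    hash = "<SRI_HASH>";
  };
in {
  path = [pkgs.docker];
  # … unchanged: serviceConfig (Type, TimeoutSec) …
  script = ''
    docker build -t compose2nix/seedbox-backend ${src}/server
  '';
};
# … docker-build-seedbox-frontend: same change, using ${src}/client and the existing --build-arg …
```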