diff --git a/modules/ptero.nix b/modules/ptero.nix
index 84d7653..c8486b5 100644
--- a/modules/ptero.nix
+++ b/modules/ptero.nix
@@ -23,13 +23,14 @@ in {
 serviceConfig.Type = "oneshot";
 script =''
 mkdir -p ${DATA_DIR}/database
+mkdir -p ${DATA_DIR}/cache
 mkdir -p ${DATA_DIR}/panel
 chown ${panel_user}:${panel_user} -R ${DATA_DIR}
 chmod +777 -R ${DATA_DIR}
 '';
 };
- virtualisation.oci-containers.backend = "docker"; # maybe podman in the future
+ virtualisation.oci-containers.backend = "podman";
 systemd.services.init-ptero-local-network = {
 description = "Create the network bridge ${local_bridge} for ptero.";
@@ -37,15 +38,13 @@ chmod +777 -R ${DATA_DIR}
 wantedBy = [ "multi-user.target" ];
 serviceConfig.Type = "oneshot";
- script = let dockercli = "${config.virtualisation.docker.package}/bin/docker";
+ script = let podmancli = "${config.virtualisation.podman.package}/bin/podman";
 in ''
- # Put a true at the end to prevent getting non-zero return code, which will
- # crash the whole service.
- check=$(${dockercli} network ls | grep "${local_bridge}" || true)
+ check=$(${podmancli} pod ls | grep "ptero" || true)
 if [ -z "$check" ]; then
- ${dockercli} network create --internal ${local_bridge}
+ ${podmancli} pod create -p "${ptero_port}:80" ptero
 else
- echo "${local_bridge} already exists in docker"
+ echo "ptero pod already exists"
 fi
 '';
 };
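Review bot: In the first hunk, the added `mkdir -p ${DATA_DIR}/cache` sits above the existing `chmod +777 -R ${DATA_DIR}`, so the Redis data directory becomes world-readable and world-writable along with the MySQL files. Any local account can then read or alter the database and cache contents on disk. Prefer giving each directory to the uid its container runs as and removing access for others, for example `chmod -R u=rwX,go= ${DATA_DIR}` after a per-directory `chown`; the container uids are not visible here and need confirming against the images.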
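Review bot: In the pod-creation script, `pod create -p "${ptero_port}:80"` publishes the panel's plain-HTTP port on every host interface, while the panel environment in the last hunk keeps `"TRUSTED_PROXIES" = "*"`, so a client that reaches this port directly can send forwarded headers the panel will accept as coming from a proxy. If the TLS-terminating proxy runs on this host (the `https://` APP_URL and the ACME entry suggest one does), bind the publish to loopback with `${podmancli} pod create -p "127.0.0.1:${ptero_port}:80" ptero` and narrow TRUSTED_PROXIES to the proxy's address. Separately, `pod ls | grep "ptero"` matches any pod whose listing contains that substring; `if ! ${podmancli} pod exists ptero; then` tests the exact name. The replaced docker network was created with `--internal` and the pod is not, which deserves a comment if outbound access for MySQL and Redis is intended.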
@@ -54,32 +53,32 @@ chmod +777 -R ${DATA_DIR}
 virtualisation.oci-containers.containers."ptero-mysql" = {
 image = "library/mysql:8.0";
 workdir = "${DATA_DIR}/database";
- extraOptions = [ "--network=${local_bridge}" ];
+ extraOptions = [ "--pod=ptero" ];
 environment = {
 "MYSQL_ROOT_PASSWORD" = "JMK1VmZDwoVAUhvClQ7DncOEw5B1XcKXwqERw45Cw4/CoMKKwqHCocKXwqZrwr9b";
 "MYSQL_USER" = "pterodactyl";
 "MYSQL_PASSWORD" = "JMK1VmZDwoVAUhvClQ7DncOEw5B1XcKXwqERw45Cw4/CoMKKwqHCocKXwqZrwr9b";
 "MYSQL_DATABASE" = "panel";
 };
- volumes = ["${DATA_DIR}/database:/var/lib/mysql"];
+ volumes = ["${DATA_DIR}/database:/var/lib/mysql" "${DATA_DIR}/database:${DATA_DIR}/database"];
 cmd=["--default-authentication-plugin=mysql_native_password"];
 };
 virtualisation.oci-containers.containers."ptero-cache" = {
 image = "redis:alpine";
 workdir = "${DATA_DIR}/cache";
- extraOptions = [ "--network=${local_bridge}" ];
+ volumes = ["${DATA_DIR}/cache:${DATA_DIR}/cache"];
+ extraOptions = [ "--pod=ptero" ];
 };
 virtualisation.oci-containers.containers."ptero-panel" = {
 image = "ghcr.io/pterodactyl/panel:v${ptero_ver}";
-# workdir = "${DATA_DIR}/panel";
 volumes = [
 "${DATA_DIR}/panel/var/:/app/var/"
 "${DATA_DIR}/panel/logs/:/app/storage/logs"
 "${DATA_DIR}/panel/nginx/:/etc/nginx/conf.d/"
 ];
- extraOptions = [ "--network=${local_bridge}"];
+ extraOptions = [ "--pod=ptero" ];
 environment = {
 "APP_URL" = "https://${ptero_host}";
 "APP_TIMEZONE" = "Europe/Berlin";
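Review bot: The `ptero-mysql` block edited here still sets `MYSQL_ROOT_PASSWORD` and `MYSQL_PASSWORD` as string literals on its unchanged context lines, and both carry the same value. Values placed in `environment` end up in the repository and in the generated unit inside the world-readable Nix store, so any local user can read the database root credential. Move them to a root-only file referenced through `environmentFiles = [ "/path/to/ptero-mysql.env" ];` (placeholder path), give root and the application user distinct values, and rotate the one already committed. The added second mount `"${DATA_DIR}/database:${DATA_DIR}/database"` appears to exist only to satisfy `workdir`; dropping `workdir` would avoid exposing the data directory at two paths inside the container.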
@@ -99,24 +98,13 @@ chmod +777 -R ${DATA_DIR}
 "CACHE_DRIVER" = "redis";
 "SESSION_DRIVER" = "redis";
 "QUEUE_DRIVER" = "redis";
- "REDIS_HOST" = "ptero-cache";
- "DB_HOST" = "ptero-mysql";
+ "REDIS_HOST" = "127.0.0.1";
+ "DB_HOST" = "127.0.0.1";
 "TRUSTED_PROXIES" = "*";
 };
 labels = {
 "traefik.http.routers.pterodactyl_panel.entrypoints"="web";
-# "traefik.http.routers.pterodactyl_panel.rule"="Host(`${ptero_host}`)";
-# "traefik.http.routers.pterodactyl_panel.middlewares"="panel_https";
-# "traefik.http.middlewares.panel_https.redirectscheme.scheme"="https";
-# "traefik.http.routers.pterodactyl_panel-https.entrypoints"="websecure";
-# "traefik.http.routers.pterodactyl_panel-https.rule"="Host(`${ptero_host}`)";
-# "traefik.http.routers.pterodactyl_panel-https.tls"="true";
-# "traefik.http.routers.pterodactyl_panel-https.tls.certresolver"="letsencrypt";
-# "traefik.http.services.pterodactyl_panel-https.loadbalancer.server.port"="80";
 };
- ports = [
- "${ptero_port}:80"
- ];
 };
 security.acme.certs."${root_host}".extraDomainNames = [ ptero_host ];