Grimmauld/grimm-nix-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ITS ALIVE

Browse Source
This commit is contained in:
Grimmauld 2024-01-30 21:30:49 +01:00
parent 4c950c9577
commit 30bdaa6e9f
1 changed files with 13 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
modules/ptero.nix
View File

@ -23,13 +23,14 @@ in {
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";
script ='' script =''
mkdir -p ${DATA_DIR}/database mkdir -p ${DATA_DIR}/database
mkdir -p ${DATA_DIR}/cache
mkdir -p ${DATA_DIR}/panel mkdir -p ${DATA_DIR}/panel
chown ${panel_user}:${panel_user} -R ${DATA_DIR} chown ${panel_user}:${panel_user} -R ${DATA_DIR}
chmod +777 -R ${DATA_DIR} chmod +777 -R ${DATA_DIR}
''; '';
}; };
virtualisation.oci-containers.backend = "docker"; # maybe podman in the future virtualisation.oci-containers.backend = "podman";
systemd.services.init-ptero-local-network = { systemd.services.init-ptero-local-network = {
description = "Create the network bridge ${local_bridge} for ptero."; description = "Create the network bridge ${local_bridge} for ptero.";
@ -37,15 +38,13 @@ chmod +777 -R ${DATA_DIR}
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";
script = let dockercli = "${config.virtualisation.docker.package}/bin/docker"; script = let podmancli = "${config.virtualisation.podman.package}/bin/podman";
in '' in ''
# Put a true at the end to prevent getting non-zero return code, which will check=$(${podmancli} pod ls | grep "ptero" || true)
# crash the whole service.
check=$(${dockercli} network ls | grep "${local_bridge}" || true)
if [ -z "$check" ]; then if [ -z "$check" ]; then
${dockercli} network create --internal ${local_bridge} ${podmancli} pod create -p "${ptero_port}:80" ptero
else else
echo "${local_bridge} already exists in docker" echo "ptero pod already exists"
fi fi
''; '';
}; };
@ -54,32 +53,32 @@ chmod +777 -R ${DATA_DIR}
virtualisation.oci-containers.containers."ptero-mysql" = { virtualisation.oci-containers.containers."ptero-mysql" = {
image = "library/mysql:8.0"; image = "library/mysql:8.0";
workdir = "${DATA_DIR}/database"; workdir = "${DATA_DIR}/database";
extraOptions = [ "--network=${local_bridge}" ]; extraOptions = [ "--pod=ptero" ];
environment = { environment = {
"MYSQL_ROOT_PASSWORD" = "JMK1VmZDwoVAUhvClQ7DncOEw5B1XcKXwqERw45Cw4/CoMKKwqHCocKXwqZrwr9b"; "MYSQL_ROOT_PASSWORD" = "JMK1VmZDwoVAUhvClQ7DncOEw5B1XcKXwqERw45Cw4/CoMKKwqHCocKXwqZrwr9b";
"MYSQL_USER" = "pterodactyl"; "MYSQL_USER" = "pterodactyl";
"MYSQL_PASSWORD" = "JMK1VmZDwoVAUhvClQ7DncOEw5B1XcKXwqERw45Cw4/CoMKKwqHCocKXwqZrwr9b"; "MYSQL_PASSWORD" = "JMK1VmZDwoVAUhvClQ7DncOEw5B1XcKXwqERw45Cw4/CoMKKwqHCocKXwqZrwr9b";
"MYSQL_DATABASE" = "panel"; "MYSQL_DATABASE" = "panel";
}; };
volumes = ["${DATA_DIR}/database:/var/lib/mysql"]; volumes = ["${DATA_DIR}/database:/var/lib/mysql" "${DATA_DIR}/database:${DATA_DIR}/database"];
cmd=["--default-authentication-plugin=mysql_native_password"]; cmd=["--default-authentication-plugin=mysql_native_password"];
}; };
virtualisation.oci-containers.containers."ptero-cache" = { virtualisation.oci-containers.containers."ptero-cache" = {
image = "redis:alpine"; image = "redis:alpine";
workdir = "${DATA_DIR}/cache"; workdir = "${DATA_DIR}/cache";
extraOptions = [ "--network=${local_bridge}" ]; volumes = ["${DATA_DIR}/cache:${DATA_DIR}/cache"];
extraOptions = [ "--pod=ptero" ];
}; };
virtualisation.oci-containers.containers."ptero-panel" = { virtualisation.oci-containers.containers."ptero-panel" = {
image = "ghcr.io/pterodactyl/panel:v${ptero_ver}"; image = "ghcr.io/pterodactyl/panel:v${ptero_ver}";
# workdir = "${DATA_DIR}/panel";
volumes = [ volumes = [
"${DATA_DIR}/panel/var/:/app/var/" "${DATA_DIR}/panel/var/:/app/var/"
"${DATA_DIR}/panel/logs/:/app/storage/logs" "${DATA_DIR}/panel/logs/:/app/storage/logs"
"${DATA_DIR}/panel/nginx/:/etc/nginx/conf.d/" "${DATA_DIR}/panel/nginx/:/etc/nginx/conf.d/"
]; ];
extraOptions = [ "--network=${local_bridge}"]; extraOptions = [ "--pod=ptero" ];
environment = { environment = {
"APP_URL" = "https://${ptero_host}"; "APP_URL" = "https://${ptero_host}";
"APP_TIMEZONE" = "Europe/Berlin"; "APP_TIMEZONE" = "Europe/Berlin";
@ -99,24 +98,13 @@ chmod +777 -R ${DATA_DIR}
"CACHE_DRIVER" = "redis"; "CACHE_DRIVER" = "redis";
"SESSION_DRIVER" = "redis"; "SESSION_DRIVER" = "redis";
"QUEUE_DRIVER" = "redis"; "QUEUE_DRIVER" = "redis";
"REDIS_HOST" = "ptero-cache"; "REDIS_HOST" = "127.0.0.1";
"DB_HOST" = "ptero-mysql"; "DB_HOST" = "127.0.0.1";
"TRUSTED_PROXIES" = "*"; "TRUSTED_PROXIES" = "*";
}; };
labels = { labels = {
"traefik.http.routers.pterodactyl_panel.entrypoints"="web"; "traefik.http.routers.pterodactyl_panel.entrypoints"="web";
# "traefik.http.routers.pterodactyl_panel.rule"="Host(`${ptero_host}`)";
# "traefik.http.routers.pterodactyl_panel.middlewares"="panel_https";
# "traefik.http.middlewares.panel_https.redirectscheme.scheme"="https";
# "traefik.http.routers.pterodactyl_panel-https.entrypoints"="websecure";
# "traefik.http.routers.pterodactyl_panel-https.rule"="Host(`${ptero_host}`)";
# "traefik.http.routers.pterodactyl_panel-https.tls"="true";
# "traefik.http.routers.pterodactyl_panel-https.tls.certresolver"="letsencrypt";
# "traefik.http.services.pterodactyl_panel-https.loadbalancer.server.port"="80";
}; };
ports = [
"${ptero_port}:80"
];
}; };
security.acme.certs."${root_host}".extraDomainNames = [ ptero_host ]; security.acme.certs."${root_host}".extraDomainNames = [ ptero_host ];