diff --git a/flake.nix b/flake.nix index 8fac49b..fae674e 100644 --- a/flake.nix +++ b/flake.nix @@ -1,12 +1,17 @@ { description = "Lemmy via Docker Compose on NixOS"; - inputs = { nixpkgs.url = "nixpkgs/nixos-23.05"; }; + inputs = { + nixpkgs.url = "nixpkgs/nixos-23.05"; + arion.url = "github:hercules-ci/arion"; + }; - outputs = { self, nixpkgs, ... }: { + outputs = { self, nixpkgs, arion, ... }: { nixosModules = rec { default = lemmyDocker; - lemmyDocker = import ./lemmy-docker.nix; + lemmyDocker = { ... }: { + imports = [ arion.nixosModules.arion ./lemmy-docker.nix ]; + }; }; }; } diff --git a/lemmy-docker.nix b/lemmy-docker.nix index 554bf72..97d0b49 100644 --- a/lemmy-docker.nix +++ b/lemmy-docker.nix @@ -1,5 +1,3 @@ -arion: - { config, lib, pkgs, ... }@toplevel: with lib; 
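Review bot: The `arion` input in `flake.nix` is added without a `follows`, so `flake.lock` will carry a second nixpkgs revision for it that ages independently of the `nixos-23.05` pin; assuming arion declares a `nixpkgs` input, adding `arion.inputs.nixpkgs.follows = "nixpkgs";` next to `arion.url` keeps a single package set to track and patch. Whether any of that second nixpkgs reaches the system closure depends on how arion's module picks its package, which this diff does not show. The URL also names no branch or revision, so the code actually imported into every host that uses `nixosModules.default` is whatever `flake.lock` records; the lock file is not part of this diff, so confirm it was regenerated and committed with this change.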
@@ -8,72 +6,54 @@ let hostSecrets = config.fudo.secrets.host-secrets."${config.instance.hostname}"; - lemmyImage = { hostname, port, lemmyCfgFile, nginxCfgFile, postgresCfgFile - , lemmyDockerImage, lemmyUiDockerImage, pictrsDockerImage - , postgresDockerImage, stateDirectory, ... }: + makeEnvFile = envVars: + let envLines = mapAttrsToList (var: val: ''${val}="${val}"'') envVars; + in pkgs.writeText "envFile" (concatStringsSep "\n" envLines); + + makeLemmyImage = { port, stateDirectory, proxyCfg, lemmyCfg, lemmyUiCfg + , pictrsCfg, postgresCfg, ... }: { pkgs, ... }: { project.name = "lemmy"; services = { proxy = { service = { - image = "nginx:1-alpine"; + image = proxyCfg.image; ports = [ "${port}:8536" ]; - volumes = [ "${nginxCfgFile}:/etc/nginx/nginx.conf:ro,Z" ]; + volumes = [ "${proxyCfg.configFile}:/etc/nginx/nginx.conf:ro,Z" ]; depends_on = [ "pictrs" "lemmy-ui" ]; }; }; lemmy = { service = { - image = lemmyDockerImage; + image = lemmyCfg.image; hostname = "lemmy"; - environment.RUST_LOG = "warn"; - volumes = [ "${lemmyCfgFile}:/config/config.hjson:ro,Z" ]; + env_file = lemmyCfg.envFile; + volumes = [ "${lemmyCfg.configFile}:/config/config.hjson:ro,Z" ]; depends_on = [ "postgres" "pictrs" ]; }; }; lemmy-ui = { service = { - image = lemmyUiDockerImage; + image = lemmyUiCfg.image; hostname = "lemmy-ui"; - environment = { - LEMMY_UI_LEMMY_INTERNAL_HOST = "lemmy:8536"; - LEMMY_UI_LEMMY_EXTERNAL_HOST = hostname; - LEMMY_UI_HTTPS = true; - }; depends_on = [ "lemmy" ]; }; }; pictrs = { service = { - image = pictrsDockerImage; + image = pictrsCfg.image; hostname = "pictrs"; - environment = { - PICTRS_OPENTELEMETRY_URL = "http://otel:4137"; - PICTRS__API_KEY = "pictrsApiKey"; - RUST_LOG = "debug"; - RUST_BACKTRACE = "full"; - PICTRS__MEDIA__VIDEO_CODEC = "vp9"; - PICTRS__MEDIA__GIF__MAX_WIDTH = "256"; - PICTRS__MEDIA__GIF__MAX_HEIGHT = "256"; - PICTRS__MEDIA__GIF__MAX_AREA = "65536"; - PICTRS__MEDIA__GIF__MAX_FRAME_COUNT = "400"; - }; volumes = [ 
"${stateDirectory}/pictrs:/mnt:Z" ]; service.user = "991:991"; }; }; postgres = { service = { - image = postgresDockerImage; + image = postgresCfg.image; hostname = "postgres"; - environment = { - POSTGRES_USER = "lemmy"; - POSTGRES_PASSWORD = postgresPassword; - POSTGRES_DB = "lemmy"; - }; volumes = [ "${stateDirectory}/postgres:/var/lib/postgresql/data:Z" - "${postgresCfg}:/etc/postgresql.conf" + "${postgresCfg.configFile}:/etc/postgresql.conf" ]; }; }; @@ -162,7 +142,7 @@ let }; }); - postgresCfg = pkgs.writeText "lemmy-postgres.conf" '' + postgresCfgFile = pkgs.writeText "lemmy-postgres.conf" '' # DB Version: 15 # OS Type: linux # DB Type: web @@ -315,8 +295,6 @@ in { }; }; - imports = [ arion.nixosModule.arion ]; - config = mkIf cfg.enable (let postgresPasswd = readFile (pkgs.lib.passwd.random-passwd-file "lemmy-postgres-passwd" 30); 
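Review bot: `makeEnvFile` interpolates `val` on both sides of the `=` and never uses `var`, so every generated line reads `<value>="<value>"` and no variable is set under its own name; the mapper should be `(var: val: ''${var}="${val}"'')`. The `environment` blocks removed from `lemmy-ui`, `pictrs` and `postgres` get no `env_file` in this hunk (only `lemmy` does), so the `envFile` values passed in through `lemmyUiCfg`, `pictrsCfg` and `postgresCfg` are never read. Those containers would then start without `POSTGRES_PASSWORD`, `PICTRS__API_KEY` or the UI host settings; each service needs its own line, e.g. `env_file = [ postgresCfg.envFile ];`. I believe arion types `service.env_file` as a list of strings, in which case the bare `env_file = lemmyCfg.envFile;` needs the brackets too; check that against the arion revision that gets locked. The `makeLemmyImage` body appears to continue past the end of this hunk.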
@@ -324,55 +302,68 @@ in { readFile (pkgs.lib.passwd.random-passwd-file "lemmy-pictrs-api-key" 30); in { fudo.secrets.host-secrets."${config.instance.hostname}" = { - lemmyDockerEnv = { - source-file = pkgs.writeText "lemmy-docker-env" '' - PICTRS__API_KEY=\"${pictrsApiKey}\" - POSTGRES_PASSWORD=\"${postgresPasswd}\" - ''; - target-file = "/run/lemmy-docker/env"; + lemmyPictrsEnv = { + source-file = makeEnvFile { + PICTRS_OPENTELEMETRY_URL = "http://otel:4137"; + PICTRS__MEDIA__VIDEO_CODEC = "vp9"; + PICTRS__MEDIA__GIF__MAX_WIDTH = "256"; + PICTRS__MEDIA__GIF__MAX_HEIGHT = "256"; + PICTRS__MEDIA__GIF__MAX_AREA = "65536"; + PICTRS__MEDIA__GIF__MAX_FRAME_COUNT = "400"; + PICTRS__API_KEY = pictrsApiKey; + RUST_LOG = "debug"; + }; + target-file = "/run/lemmy/pictrs.env"; + }; + lemmyPostgresEnv = { + source-file = makeEnvFile { + POSTGRES_USER = "lemmy"; + POSTGRES_PASSWORD = postgresPasswd; + POSTGRES_DB = "lemmy"; + }; + target-file = "/run/lemmy/postgres.env"; }; }; virtualisation = { arion = { backend = "podman-socket"; - projects.lemmy.settings = { - - }; - }; - - oci-containers.containers.lemmy = { - # Not sure what the image should be... 
- image = "lemmy/lemmy"; - imageFile = let - image = lemmyDockerImage { - inherit (cfg) hostname port; - lemmyDockerImage = cfg.docker-images.lemmy; - lemmyUiDockerImage = cfg.docker-images.lemmy-ui; - pictrsDockerImage = cfg.docker-images.pictrs; - postgresDockerImage = cfg.docker-images.postgres; + projects.lemmy.settings = let + lemmyImage = makeLemmyImage { + port = cfg.port; stateDirectory = cfg.state-directory; - smtpServer = cfg.smtp-server; - inherit postgresPasswd pictrsApiKey nginxCfgFile postgresCfg; + proxyCfg = { + image = "nginx:1-alpine"; + configFile = nginxCfgFile; + }; + lemmyCfg = { + image = cfg.docker-images.lemmy; + configFile = makeLemmyImage { + inherit (cfg) hostname; + inherit postgresPasswd pictrsApiKey; + smtpServer = cfg.smtp-server; + }; + envFile = makeEnvFile { RUST_LOG = "warn"; }; + }; + lemmyUiCfg = { + image = cfg.docker-images.lemmy-ui; + envFile = mkEnvFile { + LEMMY_UI_LEMMY_INTERNAL_HOST = "lemmy:8536"; + LEMMY_UI_LEMMY_EXTERNAL_HOST = cfg.hostname; + LEMMY_UI_HTTPS = true; + }; + }; + pictrsCfg = { + image = cfg.docker-images.pictrs; + envFile = host-secrets.lemmy-pictrs-env-file.target-file; + }; + postgresCfg = { + image = cfg.docker-images.postgres; + envFile = hostSecrets.lemmy-postgres-env-file.target-file; + configFile = postgresCfgFile; + }; }; - in "${image}"; - autoStart = true; - environment = { - LEMMY_UI_LEMMY_INTERNAL_HOST = "lemmy:8536"; - LEMMY_UI_LEMMY_EXTERNAL_HOST = cfg.hostname; - LEMMY_UI_HTTPS = "false"; - PICTRS_OPENTELEMETRY_URL = "http://otel:4137"; - RUST_LOG = "debug"; - RUST_BACKTRACE = "full"; - PICTRS__MEDIA__VIDEO_CODEC = "vp9"; - PICTRS__MEDIA__GIF__MAX_WIDTH = "256"; - PICTRS__MEDIA__GIF__MAX_HEIGHT = "256"; - PICTRS__MEDIA__GIF__MAX_AREA = "65536"; - PICTRS__MEDIA__GIF__MAX_FRAME_COUNT = "400"; - POSTGRES_USER = "lemmy"; - POSTGRES_DB = "lemmy"; - }; - environmentFiles = [ hostSecrets.lemmyDockerEnv.target-file ]; + in { imports = [ lemmyImage ]; }; }; };
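Review bot: The secrets declared here as `lemmyPictrsEnv` and `lemmyPostgresEnv` are looked up further down as `host-secrets.lemmy-pictrs-env-file` and `hostSecrets.lemmy-postgres-env-file`, so neither reference resolves: `host-secrets` is not the `hostSecrets` binding shown in the earlier hunk, and the attribute names differ. They should read `hostSecrets.lemmyPictrsEnv.target-file` and `hostSecrets.lemmyPostgresEnv.target-file`. The same block calls `mkEnvFile` where the helper is named `makeEnvFile`, passes the boolean `LEMMY_UI_HTTPS = true` into a helper that string-interpolates its values (it should be `"true"`), and sets `lemmyCfg.configFile` from `makeLemmyImage`, which looks like the wrong function. Separately, `PICTRS__API_KEY` and `POSTGRES_PASSWORD` go through `makeEnvFile`, i.e. `pkgs.writeText`, so the plaintext lands in a world-readable store path on whichever machine evaluates this, as the removed `lemmy-docker-env` did. If `fudo.secrets` can take a source that is generated outside the store, it would be worth using here, though that cannot be told from this diff. The `config = mkIf cfg.enable (let … in {` block this sits in opens before the hunk.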