public
/
mastodon-container
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Okay, make networks a thing...

This commit is contained in:
niten 2023-09-03 11:51:29 -07:00
parent 9a0a2be3a1
commit 4f6c240f42
1 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
mastodon-container.nix
View File

@ -265,6 +265,10 @@ in {
mkUserMap = uid: "${toString uid}:${toString uid}"; mkUserMap = uid: "${toString uid}:${toString uid}";
image = { pkgs, ... }: { image = { pkgs, ... }: {
project.name = "mastodon"; project.name = "mastodon";
networks = {
internal_network.internal = true;
external_network.internal = false;
};
services = { services = {
proxy.service = { proxy.service = {
image = cfg.images.nginx; image = cfg.images.nginx;
@ -272,6 +276,7 @@ in {
ports = [ "${toString cfg.port}:3000" ]; ports = [ "${toString cfg.port}:3000" ];
volumes = [ "${proxyConf}:/etc/nginx/nginx.conf:ro,Z" ]; volumes = [ "${proxyConf}:/etc/nginx/nginx.conf:ro,Z" ];
depends_on = [ "web" "streaming" ]; depends_on = [ "web" "streaming" ];
networks = [ "external_network" "internal_network" ];
}; };
postgres.service = { postgres.service = {
image = cfg.images.postgres; image = cfg.images.postgres;
@ -285,6 +290,7 @@ in {
hostSecrets.mastodonCommonEnv.target-file hostSecrets.mastodonCommonEnv.target-file
hostSecrets.mastodonPostgresEnv.target-file hostSecrets.mastodonPostgresEnv.target-file
]; ];
networks = [ "internal_network" ];
}; };
redis.service = { redis.service = {
image = cfg.images.redis; image = cfg.images.redis;
@ -293,6 +299,7 @@ in {
healthcheck.test = [ "CMD" "redis-cli" "ping" ]; healthcheck.test = [ "CMD" "redis-cli" "ping" ];
user = mkUserMap cfg.uids.redis; user = mkUserMap cfg.uids.redis;
env_file = [ hostSecrets.mastodonCommonEnv.target-file ]; env_file = [ hostSecrets.mastodonCommonEnv.target-file ];
networks = [ "internal_network" ];
}; };
web.service = { web.service = {
image = cfg.images.mastodon; image = cfg.images.mastodon;
@ -313,6 +320,7 @@ in {
hostSecrets.mastodonCommonEnv.target-file hostSecrets.mastodonCommonEnv.target-file
hostSecrets.mastodonEnv.target-file hostSecrets.mastodonEnv.target-file
]; ];
networks = [ "internal_network" ];
}; };
streaming.service = { streaming.service = {
image = cfg.images.mastodon; image = cfg.images.mastodon;
@ -324,11 +332,11 @@ in {
"wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1" "wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1"
]; ];
depends_on = [ "postgres" "redis" ]; depends_on = [ "postgres" "redis" ];
networks = [ "internal_network" ];
env_file = [ env_file = [
hostSecrets.mastodonCommonEnv.target-file hostSecrets.mastodonCommonEnv.target-file
hostSecrets.mastodonEnv.target-file hostSecrets.mastodonEnv.target-file
]; ];
networks = [ "internal_network" ];
}; };
sidekiq.service = { sidekiq.service = {
image = cfg.images.mastodon; image = cfg.images.mastodon;
@ -339,12 +347,12 @@ in {
healthcheck.test = healthcheck.test =
[ "CMD-SHELL" "ps aux | grep '[s]idekiq 6' || false" ]; [ "CMD-SHELL" "ps aux | grep '[s]idekiq 6' || false" ];
depends_on = [ "postgres" "redis" ]; depends_on = [ "postgres" "redis" ];
networks = [ "internal_network" "external_network" ];
user = mkUserMap cfg.uids.mastodon; user = mkUserMap cfg.uids.mastodon;
env_file = [ env_file = [
hostSecrets.mastodonCommonEnv.target-file hostSecrets.mastodonCommonEnv.target-file
hostSecrets.mastodonEnv.target-file hostSecrets.mastodonEnv.target-file
]; ];
networks = [ "internal_network" ];
}; };
}; };
}; };