Updated the network generation. Made it robust.
@@ -383,27 +383,54 @@ services_generation() {
|
||||
export "${SERVICE_UPPER}_DB_PASSWORD"="$(xkcdpass -d "-")"
|
||||
}
|
||||
|
||||
generate_network() {
|
||||
local SERVICE="${1}"
|
||||
local HAS_BACKEND=${2:-0}
|
||||
local NETWORK_NAME_OVERRIDE="${3:-}"
|
||||
|
||||
if [[ -z "${NETWORK_NAME_OVERRIDE}" ]]; then
|
||||
((NETWORK_ID++))
|
||||
PODMAN_NETWORKS+=" sudo -u numbus-admin podman network exists \"${SERVICE}_frontend\" || sudo -u numbus-admin podman network create --driver=\"bridge\" --subnet=\"172.16.${NETWORK_ID}.0/24\" --ip-range=\"172.16.${NETWORK_ID}.0/24\" --gateway=\"172.16.${NETWORK_ID}.254\" \"${SERVICE}_frontend\""$'\n'
|
||||
TRAEFIK_NETWORKS+=" ${SERVICE}_frontend:"$'\n'
|
||||
TRAEFIK_NETWORKS+=" ipv4_address: 172.16.${NETWORK_ID}.253"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" ${SERVICE}_frontend:"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" external: true"$'\n'
|
||||
|
||||
if [[ ${HAS_BACKEND} -eq 1 ]]; then
|
||||
((NETWORK_ID++))
|
||||
PODMAN_NETWORKS+=" sudo -u numbus-admin podman network exists \"${SERVICE}_backend\" || sudo -u numbus-admin podman network create --driver=\"bridge\" --subnet=\"172.16.${NETWORK_ID}.0/24\" --ip-range=\"172.16.${NETWORK_ID}.0/24\" --gateway=\"172.16.${NETWORK_ID}.254\" \"${SERVICE}_backend\""$'\n'
|
||||
SERVICES_NETWORK_IDS+=("$(( ${NETWORK_ID} - 1 )),${NETWORK_ID}:${SERVICE}")
|
||||
else
|
||||
SERVICES_NETWORK_IDS+=("${NETWORK_ID}:${SERVICE}")
|
||||
fi
|
||||
else
|
||||
PODMAN_NETWORKS+=" sudo -u numbus-admin podman network exists \"${NETWORK_NAME_OVERRIDE}\" || sudo -u numbus-admin podman network create --driver=\"bridge\" --subnet=\"172.16.${NETWORK_ID}.0/24\" --ip-range=\"172.16.${NETWORK_ID}.0/24\" --gateway=\"172.16.${NETWORK_ID}.254\" \"${NETWORK_NAME_OVERRIDE}\""$'\n'
|
||||
TRAEFIK_NETWORKS+=" ${NETWORK_NAME_OVERRIDE}:"$'\n'
|
||||
TRAEFIK_NETWORKS+=" ipv4_address: 172.16.${NETWORK_ID}.253"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" ${NETWORK_NAME_OVERRIDE}:"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" external: true"$'\n'
|
||||
SERVICES_NETWORK_IDS+=("${NETWORK_ID}:${SERVICE}")
|
||||
fi
|
||||
|
||||
export NETWORK_ID
|
||||
export PODMAN_NETWORKS
|
||||
export TRAEFIK_NETWORKS
|
||||
export TRAEFIK_REF_NETWORKS
|
||||
export SERVICES_NETWORK_IDS
|
||||
}
|
||||
|
||||
NETWORK_ID=0
|
||||
|
||||
echo -e "\n ✅ Writing configuration files for the selected homelab services..."
|
||||
cp -${FILES_COPY_FLAGS} templates/nix-config/configuration.nix final-nix-config/etc/nixos/configuration.nix
|
||||
cp -${FILES_COPY_FLAGS} templates/nix-config/podman/traefik.nix final-nix-config/etc/nixos/podman/traefik.nix
|
||||
envsubst < templates/podman-config/traefik/traefik.yaml > final-nix-config/mnt/config/traefik/traefik.yaml
|
||||
|
||||
j=1
|
||||
for service in "${SELECTED_SERVICES[@]}"; do
|
||||
[[ "${service}" == "frigate" ]] && continue
|
||||
# Copy podman container file
|
||||
[[ "${service}" != "virtualization" ]] && cp -${FILES_COPY_FLAGS} templates/nix-config/podman/"${service}".nix final-nix-config/etc/nixos/podman/"${service}".nix
|
||||
SERVICES_NETWORK_IDS+=("${j},$(( ${j} + 1 )):${service}")
|
||||
PODMAN_NETWORKS+=" sudo -u numbus-admin podman network exists \"${service}_frontend\" || sudo -u numbus-admin podman network create --driver=\"bridge\" --subnet=\"172.16.${j}.0/24\" --ip-range=\"172.16.${j}.0/24\" --gateway=\"172.16.${j}.254\" \"${service}_frontend\""$'\n'
|
||||
TRAEFIK_NETWORKS+=" ${service}_frontend:"$'\n'
|
||||
TRAEFIK_NETWORKS+=" ipv4_address: 172.16.${j}.253"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" ${service}_frontend:"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" external: true"$'\n'
|
||||
((j++))
|
||||
PODMAN_NETWORKS+=" sudo -u numbus-admin podman network exists \"${service}_backend\" || sudo -u numbus-admin podman network create --driver=\"bridge\" --subnet=\"172.16.${j}.0/24\" --ip-range=\"172.16.${j}.0/24\" --gateway=\"172.16.${j}.254\" \"${service}_backend\""$'\n'
|
||||
((j++))
|
||||
done
|
||||
|
||||
for service in "${SELECTED_SERVICES[@]}"; do
|
||||
# Frigate config
|
||||
if [[ "${service}" == "frigate" ]]; then
|
||||
local FRIGATE_DEVICES_BLOCK=""
|
||||
[[ "${TARGET_GRAPHICS_RENDERER}" == "true" ]] && FRIGATE_DEVICES_BLOCK+=" - /dev/dri:/dev/dri\n"
|
||||
@@ -418,10 +445,14 @@ j=1
|
||||
sed -i "s|# --- frigate devices --- #|$REPLACEMENT|" final-nix-config/etc/nixos/podman/frigate.nix
|
||||
fi
|
||||
|
||||
# Gitea config
|
||||
elif [[ "${service}" == "gitea" ]]; then
|
||||
generate_network "${service}" 1
|
||||
generate_db_creds "GITEA"
|
||||
|
||||
# Home Assistant config
|
||||
elif [[ "${service}" == "home-assistant" ]]; then
|
||||
generate_network "${service}" 1
|
||||
if [[ -n "${TARGET_ZIGBEE_DEVICE}" ]]; then
|
||||
local REPLACEMENT="devices:\n - /dev/serial/by-id/${TARGET_ZIGBEE_DEVICE}:/dev/ttyUSB0"
|
||||
sed -i "s|# --- home-assistant devices --- #|$REPLACEMENT|" final-nix-config/etc/nixos/podman/home-assistant.nix
|
||||
@@ -434,7 +465,10 @@ j=1
|
||||
chmod 0700 final-nix-config/mnt/config/mqtt/password.txt
|
||||
mosquitto_passwd -b final-nix-config/mnt/config/mqtt/password.txt "$HOME_ASSISTANT_MQTT_USER" "$HOME_ASSISTANT_MQTT_PASSWORD"
|
||||
|
||||
# Immich config
|
||||
elif [[ "${service}" == "immich" ]]; then
|
||||
generate_network "${service}" 1
|
||||
generate_db_creds "IMMICH"
|
||||
local IMMICH_DEVICES_BLOCK=""
|
||||
if [[ "$TARGET_GRAPHICS_RENDERER" == "true" ]]; then
|
||||
IMMICH_DEVICES_BLOCK+=" - /dev/dri:/dev/dri\n"
|
||||
@@ -443,24 +477,33 @@ j=1
|
||||
local REPLACEMENT="devices:\n${IMMICH_DEVICES_BLOCK%\\n}"
|
||||
sed -i "s|# --- immich devices --- #|$REPLACEMENT|" final-nix-config/etc/nixos/podman/immich.nix
|
||||
fi
|
||||
generate_db_creds "IMMICH"
|
||||
|
||||
# Nextcloud config
|
||||
elif [[ "${service}" == "nextcloud" ]]; then
|
||||
generate_network "${service}" 0 "nextcloud-aio"
|
||||
envsubst < templates/podman-config/traefik/nextcloud.yaml > final-nix-config/mnt/config/traefik/rules/nextcloud.yaml
|
||||
|
||||
# Passbolt config
|
||||
elif [[ "${service}" == "passbolt" ]]; then
|
||||
generate_network "${service}" 1
|
||||
generate_db_creds "PASSBOLT"
|
||||
envsubst < templates/podman-config/traefik/headers.yaml > final-nix-config/mnt/config/traefik/rules/headers.yaml
|
||||
envsubst < templates/podman-config/traefik/tls.yaml > final-nix-config/mnt/config/traefik/rules/tls.yaml
|
||||
|
||||
# Pi-Hole config
|
||||
elif [[ "${service}" == "pi-hole" ]]; then
|
||||
generate_network "${service}" 0
|
||||
export FTLCONF_WEBSERVER_PASSWORD="$(xkcdpass -d "-")"
|
||||
|
||||
# Virtualization config
|
||||
elif [[ "${service}" == "virtualization" ]]; then
|
||||
sed -i "s|# virtualisation.libvirtd.enable = true;| virtualisation.libvirtd.enable = true;|" final-nix-config/etc/nixos/configuration.nix
|
||||
sed -i "s|# programs.virt-manager.enable = true;| programs.virt-manager.enable = true;|" final-nix-config/etc/nixos/configuration.nix
|
||||
sed -i 's|extraGroups = \[ "wheel" \];|extraGroups = [ "wheel" "libvirtd" ];|' final-nix-config/etc/nixos/configuration.nix
|
||||
|
||||
# Other podman containers with no special configuration
|
||||
else
|
||||
generate_network "${service}" 0
|
||||
fi
|
||||
done
|
||||
|
||||
|
||||
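Review bot: The `NETWORK_NAME_OVERRIDE` branch of `generate_network` never advances `NETWORK_ID`, so the `nextcloud-aio` network gets the same `172.16.${NETWORK_ID}.0/24` subnet, `.254` gateway and Traefik `.253` address as whichever service was processed just before it (or `172.16.0.0/24` if nextcloud is first). That is likely to make `podman network create` fail on an overlapping subnet, and it records two services under one ID in `SERVICES_NETWORK_IDS`, which would weaken per-service isolation if those IDs later drive firewall or routing rules; the consumer of that array is not visible here. Allocating the ID once before the `if`, e.g. `NETWORK_ID=$((NETWORK_ID + 1))` directly after the three `local` lines, and dropping only the first `((NETWORK_ID++))` fixes it. The assignment form also avoids `((NETWORK_ID++))` returning a non-zero status while the counter is still 0, which would abort the run if the script uses `set -e`.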