Misc updates

deploy.sh

@@ -404,24 +404,24 @@ services_generation() {
 
     if [[ -z "${NETWORK_NAME_OVERRIDE}" ]]; then
       NETWORK_ID=$((NETWORK_ID + 1))
-      PODMAN_NETWORKS+="      sudo -u numbus-admin podman network exists \"${SERVICE}_frontend\" || sudo -u numbus-admin podman network create --driver=\"bridge\" --subnet=\"172.16.${NETWORK_ID}.0/24\" --ip-range=\"172.16.${NETWORK_ID}.0/24\" --gateway=\"172.16.${NETWORK_ID}.254\" \"${SERVICE}_frontend\""$'\n'
+      PODMAN_NETWORKS+="      sudo -u numbus-admin podman network exists \"${SERVICE}_frontend\" || sudo -u numbus-admin podman network create --driver=\"bridge\" --subnet=\"10.89.${NETWORK_ID}.0/24\" --ip-range=\"10.89.${NETWORK_ID}.0/24\" --gateway=\"10.89.${NETWORK_ID}.254\" \"${SERVICE}_frontend\""$'\n'
       TRAEFIK_NETWORKS+="              ${SERVICE}_frontend:"$'\n'
-      TRAEFIK_NETWORKS+="                ipv4_address: 172.16.${NETWORK_ID}.253"$'\n'
+      TRAEFIK_NETWORKS+="                ipv4_address: 10.89.${NETWORK_ID}.253"$'\n'
       TRAEFIK_REF_NETWORKS+="          ${SERVICE}_frontend:"$'\n'
       TRAEFIK_REF_NETWORKS+="            external: true"$'\n'
 
       if [[ "${HAS_BACKEND}" == "1" ]]; then
         NETWORK_ID=$((NETWORK_ID + 1))
-        PODMAN_NETWORKS+="      sudo -u numbus-admin podman network exists \"${SERVICE}_backend\" || sudo -u numbus-admin podman network create --driver=\"bridge\" --subnet=\"172.16.${NETWORK_ID}.0/24\" --ip-range=\"172.16.${NETWORK_ID}.0/24\" --gateway=\"172.16.${NETWORK_ID}.254\" \"${SERVICE}_backend\""$'\n'
+        PODMAN_NETWORKS+="      sudo -u numbus-admin podman network exists \"${SERVICE}_backend\" || sudo -u numbus-admin podman network create --driver=\"bridge\" --subnet=\"10.89.${NETWORK_ID}.0/24\" --ip-range=\"10.89.${NETWORK_ID}.0/24\" --gateway=\"10.89.${NETWORK_ID}.254\" \"${SERVICE}_backend\""$'\n'
         SERVICES_NETWORK_IDS+=("$(( ${NETWORK_ID} - 1 )),${NETWORK_ID}:${SERVICE}")
       else
         SERVICES_NETWORK_IDS+=("${NETWORK_ID}:${SERVICE}")
       fi
     else
       NETWORK_ID=$((NETWORK_ID + 1))
-      PODMAN_NETWORKS+="      sudo -u numbus-admin podman network exists \"${NETWORK_NAME_OVERRIDE}\" || sudo -u numbus-admin podman network create --driver=\"bridge\" --subnet=\"172.16.${NETWORK_ID}.0/24\" --ip-range=\"172.16.${NETWORK_ID}.0/24\" --gateway=\"172.16.${NETWORK_ID}.254\" \"${NETWORK_NAME_OVERRIDE}\""$'\n'
+      PODMAN_NETWORKS+="      sudo -u numbus-admin podman network exists \"${NETWORK_NAME_OVERRIDE}\" || sudo -u numbus-admin podman network create --driver=\"bridge\" --subnet=\"10.89.${NETWORK_ID}.0/24\" --ip-range=\"10.89.${NETWORK_ID}.0/24\" --gateway=\"10.89.${NETWORK_ID}.254\" \"${NETWORK_NAME_OVERRIDE}\""$'\n'
       TRAEFIK_NETWORKS+="              ${NETWORK_NAME_OVERRIDE}:"$'\n'
-      TRAEFIK_NETWORKS+="                ipv4_address: 172.16.${NETWORK_ID}.253"$'\n'
+      TRAEFIK_NETWORKS+="                ipv4_address: 10.89.${NETWORK_ID}.253"$'\n'
       TRAEFIK_REF_NETWORKS+="          ${NETWORK_NAME_OVERRIDE}:"$'\n'
       TRAEFIK_REF_NETWORKS+="            external: true"$'\n'
       SERVICES_NETWORK_IDS+=("${NETWORK_ID}:${SERVICE}")

templates/nix-config/configuration.nix

@@ -104,6 +104,10 @@
     podman
     podman-compose
     podman-tui
+    passt
+    slirp4netns
+    netavark
+    aardvark-dns
     snapraid
     mergerfs
     mergerfs-tools
@@ -127,6 +131,9 @@
   # Enable Podman
   virtualisation.podman.enable = true;
   virtualisation.podman.defaultNetwork.settings.dns_enabled = true;
+  virtualisation.containers.containersConf.settings = {
+    network.default_rootless_network_cmd = "pasta";
+  };
 
   # Enable libvirt
 #  virtualisation.libvirtd.enable = true;

templates/nix-config/misc/activation.nix

@@ -93,7 +93,7 @@ PODMAN_NETWORKS
 
 http:
   use_x_forwarded_for: true
-  trusted_proxies: 172.16.0.0/16
+  trusted_proxies: 10.89.0.0/16
 
 zha:
 EOF

templates/nix-config/podman/gitea.nix

@@ -3,7 +3,6 @@
 let
   container_name = "gitea";
   compose_file = "podman/gitea/compose.yaml";
-  config_dir = "/mnt/config/gitea";
 in
 
 {
@@ -21,7 +20,7 @@ in
               gitea_frontend:
               gitea_backend:
             volumes:
-              - ${config_dir}:/data
+              - gitea_data:/data
               - /etc/localtime:/etc/localtime:ro
             environment:
               - USER_UID=1000
@@ -56,9 +55,13 @@ in
             networks:
               gitea_backend:
             volumes:
-              - ${config_dir}:/var/lib/postgresql/data
+              - gitea_database:/var/lib/postgresql/data
             restart: unless-stopped
 
+        volumes:
+          gitea_data:
+          gitea_database:
+
         networks:
           gitea_frontend:
             external: true

templates/nix-config/podman/pi-hole.nix

@@ -64,7 +64,7 @@ in
 
     systemd.services."${container_name}" = {
       description = "Podman container : ${container_name}";
-      after = [ "network.target" "traefik.service" "pi-hole.service" ];
+      after = [ "network.target" "traefik.service" ];
       requires = [ "traefik.service" ];
       wantedBy = [ "multi-user.target" ];
       path = [ pkgs.podman pkgs.coreutils ];

templates/podman-config/traefik/traefik.yaml

@@ -48,7 +48,6 @@ serversTransport:
 providers:
   docker:
     exposedByDefault: false
-    network: nextcloud-aio, passbolt_frontend, pihole, hass_frontend, immich_frontend, it-tools, gitrea_frontend
   file:
     directory: "/etc/traefik/conf/"
     watch: true