diff --git a/deploy.sh b/deploy.sh index 0b7d7b7..cb742be 100644 --- a/deploy.sh +++ b/deploy.sh @@ -251,7 +251,7 @@ services_selection() { local AVAILABLE_SERVICES=( "frigate" "gitea" "home-assistant" "immich" "it-tools" \ "nextcloud" "passbolt" "pi-hole" "virtualization" ) - local SERVICES_DESCRIPTION=( "Pi-Hole : Block ads on all your devices" \ + local SERVICES_DESCRIPTION=( "Pi-Hole [Always included] : Block ads on all your devices" \ "Immich : Pictures and videos backup with local machine-learning" \ "Nextcloud : No fuss Office 365 replacement" \ "Passbolt: Security-first password manager with collaboration features" \ @@ -443,7 +443,10 @@ services_generation() { echo -e "\n ✅ Writing configuration files for the selected homelab services..." cp -${FILES_COPY_FLAGS} templates/nix-config/configuration.nix final-nix-config/etc/nixos/configuration.nix cp -${FILES_COPY_FLAGS} templates/nix-config/podman/traefik.nix final-nix-config/etc/nixos/podman/traefik.nix + cp -${FILES_COPY_FLAGS} templates/nix-config/podman/pi-hole.nix final-nix-config/etc/nixos/podman/pi-hole.nix envsubst < templates/podman-config/traefik/traefik.yaml > final-nix-config/mnt/config/traefik/traefik.yaml + generate_network "${service}" "0" + export FTLCONF_WEBSERVER_PASSWORD="$(xkcdpass -d "-")" for service in "${SELECTED_SERVICES[@]}"; do # Copy podman container file @@ -511,11 +514,6 @@ services_generation() { envsubst < templates/podman-config/traefik/headers.yaml > final-nix-config/mnt/config/traefik/rules/headers.yaml envsubst < templates/podman-config/traefik/tls.yaml > final-nix-config/mnt/config/traefik/rules/tls.yaml - # Pi-Hole config - elif [[ "${service}" == "pi-hole" ]]; then - generate_network "${service}" "0" - export FTLCONF_WEBSERVER_PASSWORD="$(xkcdpass -d "-")" - # Virtualization config elif [[ "${service}" == "virtualization" ]]; then sed -i "s|# virtualisation.libvirtd.enable = true;| virtualisation.libvirtd.enable = true;|" final-nix-config/etc/nixos/configuration.nix 
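Review bot: In the second deploy.sh hunk (services_generation), the added `generate_network "${service}" "0"` now runs before `for service in "${SELECTED_SERVICES[@]}"`, so `${service}` is not the loop variable and is likely empty or stale unless it is assigned earlier in the function, outside this hunk. Since Pi-hole is now unconditional, pass the name literally: `generate_network "pi-hole" "0"`. The added `export FTLCONF_WEBSERVER_PASSWORD="$(xkcdpass -d "-")"` also hides a failure of xkcdpass behind export's exit status, so a missing or failing generator would leave an empty value in the environment, which the later envsubst calls would presumably write out as the Pi-hole web password. Assign first and check it, e.g. `FTLCONF_WEBSERVER_PASSWORD="$(xkcdpass -d "-")" || exit 1` followed by `export FTLCONF_WEBSERVER_PASSWORD`, and stop if the value is empty.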
diff --git a/templates/nix-config/configuration.nix b/templates/nix-config/configuration.nix
index 6668019..70f9cad 100644
--- a/templates/nix-config/configuration.nix
+++ b/templates/nix-config/configuration.nix
@@ -132,9 +132,6 @@
 # Enable Podman
 virtualisation.podman.enable = true;
 virtualisation.podman.defaultNetwork.settings.dns_enabled = true;
- virtualisation.containers.containersConf.settings = {
- network.default_rootless_network_cmd = "pasta";
- };
 # Enable libvirt
 # virtualisation.libvirtd.enable = true;
diff --git a/templates/nix-config/misc/networking.nix b/templates/nix-config/misc/networking.nix
index d43c090..e1558c5 100644
--- a/templates/nix-config/misc/networking.nix
+++ b/templates/nix-config/misc/networking.nix
@@ -26,7 +26,9 @@
 };
 # Open ports in the firewall
- networking.firewall.allowPing = true;
- networking.firewall.allowedTCPPorts = [ 53 80 443 ];
- networking.firewall.allowedUDPPorts = [ 53 443 ];
+ networking.firewall = {
+ allowPing = true;
+ allowedTCPPorts = [ 53 80 443 ];
+ allowedUDPPorts = [ 53 443 ];
+ };
 }
\ No newline at end of file
diff --git a/templates/nix-config/podman/nextcloud.nix b/templates/nix-config/podman/nextcloud.nix
index 101ee2c..9d6139b 100644
--- a/templates/nix-config/podman/nextcloud.nix
+++ b/templates/nix-config/podman/nextcloud.nix
@@ -23,6 +23,7 @@ in
 nextcloud_backend:
 volumes:
 - nextcloud_data:/var/www/html
+ - ${data_dir}:/var/www/html/data
 environment:
 MYSQL_HOST: nextcloud-database
 MYSQL_DATABASE: $MYSQL_DATABASE
@@ -31,7 +32,6 @@ in
 REDIS_HOST: nextcloud-redis
 REDIS_HOST_PASSWORD: $REDIS_HOST_PASSWORD
 NEXTCLOUD_TRUSTED_DOMAINS: $DOMAIN_NAME
- NEXTCLOUD_DATA_DIR: ${data_dir}
 SMTP_HOST: $SMTP_HOST
 SMTP_SECURE: tls
 SMTP_PORT: $SMTP_PORT
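Review bot: In the networking.nix hunk, `allowedTCPPorts = [ 53 80 443 ]` and `allowedUDPPorts = [ 53 443 ]` open DNS on every interface, and with this commit Pi-hole is deployed on every install rather than on request. The regrouping itself is behaviour-neutral, but a comment stating who port 53 is meant for would help, e.g. `# 53/tcp+udp: Pi-hole DNS for LAN clients only; do not forward from the WAN`. If the host can have an untrusted interface (not visible here), the DNS ports could move to `networking.firewall.interfaces."<lan-interface>".allowedUDPPorts` and its TCP counterpart instead of the global lists.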
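Review bot: The added volume `- ${data_dir}:/var/www/html/data` in the first nextcloud.nix hunk bind-mounts a host path under the `nextcloud_data` volume without saying what ownership and mode that directory needs. Nextcloud expects its data directory to be writable by the container's web user and not readable by others, and a host directory created as root by the deploy script would presumably fail that check or tempt a world-writable chmod. I would add a comment above the line such as `# host dir: owned by the container's web user, mode 0770; holds all user files`, and make sure the script creates it that way. The second hunk drops `NEXTCLOUD_DATA_DIR`, so an existing install whose config.php still points at the old path would need a migration note; whether upgrades are in scope is not visible from the diff.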