numbus/numbus-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Get podman containers as services working. Added verbosity for the postrun_action to debug

Browse Source
This commit is contained in:
Raphaël Numbus
2026-01-09 15:57:29 +01:00
parent 92fa21df1f
commit 491c56909e
10 changed files with 30 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files
deploy.sh
+3 -2
View File
@@ -736,6 +736,7 @@ postrun_action() {
while FOUND="false"; do while FOUND="false"; do
if ping -c1 -W1 $HOME_SERVER_IP >/dev/null 2>&1; then if ping -c1 -W1 $HOME_SERVER_IP >/dev/null 2>&1; then
FOUND="true" FOUND="true"
echo -e "\n✅ Ping ${HOME_SERVER_IP} successful ! Continuing..."
else else
(i++) (i++)
if [[ "\${i}" -gt 150 ]]; then if [[ "\${i}" -gt 150 ]]; then
@@ -747,8 +748,7 @@ postrun_action() {
done done
ssh_to_host 'bash -s' << EOF ssh_to_host 'bash -s' << EOF
sed -i "s|# ./disks/pcr-check.nix| ./disks/pcr-check.nix|" /etc/nixos/configuration.nix echo "Enrolling boot disk key to TPM..."
if [[ ${#BOOT_DISKS_ID[@]} -eq 1 ]]; then if [[ ${#BOOT_DISKS_ID[@]} -eq 1 ]]; then
echo $REMOTE_PASS | sudo -S systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 --unlock-key-file=/etc/secrets/disks/boot-1 /dev/${BOOT_DISKS_1_NAME} echo $REMOTE_PASS | sudo -S systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 --unlock-key-file=/etc/secrets/disks/boot-1 /dev/${BOOT_DISKS_1_NAME}
elif [[ ${#BOOT_DISKS_ID[@]} -eq 2 ]]; then elif [[ ${#BOOT_DISKS_ID[@]} -eq 2 ]]; then
@@ -756,6 +756,7 @@ elif [[ ${#BOOT_DISKS_ID[@]} -eq 2 ]]; then
echo $REMOTE_PASS | sudo -S systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 --unlock-key-file=/etc/secrets/disks/boot-2 /dev/${BOOT_DISKS_2_NAME} echo $REMOTE_PASS | sudo -S systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 --unlock-key-file=/etc/secrets/disks/boot-2 /dev/${BOOT_DISKS_2_NAME}
fi fi
echo "Getting PCRS 15 hash..."
PCR_HASH=\$(echo $REMOTE_PASS | sudo -S systemd-analyze pcrs 15 --json=short) PCR_HASH=\$(echo $REMOTE_PASS | sudo -S systemd-analyze pcrs 15 --json=short)
sed -i "s|# systemIdentity.enable = true;| systemIdentity.enable = true;|" /etc/nixos/configuration.nix sed -i "s|# systemIdentity.enable = true;| systemIdentity.enable = true;|" /etc/nixos/configuration.nix
templates/nix-config/podman/frigate.nix
+3 -1
View File
@@ -55,8 +55,10 @@ in
systemd.services.${container_name} = { systemd.services.${container_name} = {
description = "Podman container : ${container_name}"; description = "Podman container : ${container_name}";
after = [ "network.target" "traefik.service" ]; after = [ "network.target" ];
requires = [ "traefik.service" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = [ pkgs.podman ];
serviceConfig = { serviceConfig = {
User = "numbus-admin"; User = "numbus-admin";
templates/nix-config/podman/gitea.nix
+3 -1
View File
@@ -68,8 +68,10 @@ in
systemd.services.${container_name} = { systemd.services.${container_name} = {
description = "Podman container : ${container_name}"; description = "Podman container : ${container_name}";
after = [ "network.target" "traefik.service" ]; after = [ "network.target" ];
requires = [ "traefik.service" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = [ pkgs.podman ];
serviceConfig = { serviceConfig = {
User = "numbus-admin"; User = "numbus-admin";
templates/nix-config/podman/home-assistant.nix
+3 -1
View File
@@ -54,8 +54,10 @@ in
''; '';
systemd.services.${container_name} = { systemd.services.${container_name} = {
description = "Podman container : ${container_name}"; description = "Podman container : ${container_name}";
after = [ "network.target" "traefik.service" ]; after = [ "network.target" ];
requires = [ "traefik.service" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = [ pkgs.podman ];
serviceConfig = { serviceConfig = {
User = "numbus-admin"; User = "numbus-admin";
templates/nix-config/podman/immich.nix
+3 -1
View File
@@ -91,8 +91,10 @@ in
systemd.services.${container_name} = { systemd.services.${container_name} = {
description = "Podman container : ${container_name}"; description = "Podman container : ${container_name}";
after = [ "network.target" "traefik.service" ]; after = [ "network.target" ];
requires = [ "traefik.service" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = [ pkgs.podman ];
serviceConfig = { serviceConfig = {
User = "numbus-admin"; User = "numbus-admin";
templates/nix-config/podman/it-tools.nix
+3 -1
View File
@@ -34,8 +34,10 @@ in
systemd.services.${container_name} = { systemd.services.${container_name} = {
description = "Podman container : ${container_name}"; description = "Podman container : ${container_name}";
after = [ "network.target" "traefik.service" ]; after = [ "network.target" ];
requires = [ "traefik.service" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = [ pkgs.podman ];
serviceConfig = { serviceConfig = {
User = "numbus-admin"; User = "numbus-admin";
templates/nix-config/podman/nextcloud.nix
+3 -1
View File
@@ -57,8 +57,10 @@ in
systemd.services.${container_name} = { systemd.services.${container_name} = {
description = "Podman container : ${container_name}"; description = "Podman container : ${container_name}";
after = [ "network.target" "traefik.service" ]; after = [ "network.target" ];
requires = [ "traefik.service" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = [ pkgs.podman ];
serviceConfig = { serviceConfig = {
User = "numbus-admin"; User = "numbus-admin";
templates/nix-config/podman/passbolt.nix
+3 -1
View File
@@ -86,8 +86,10 @@ in
systemd.services.${container_name} = { systemd.services.${container_name} = {
description = "Podman container : ${container_name}"; description = "Podman container : ${container_name}";
after = [ "network.target" "traefik.service" ]; after = [ "network.target" ];
requires = [ "traefik.service" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = [ pkgs.podman ];
serviceConfig = { serviceConfig = {
User = "numbus-admin"; User = "numbus-admin";
templates/nix-config/podman/pi-hole.nix
+3 -1
View File
@@ -62,8 +62,10 @@ in
''; '';
systemd.services.${container_name} = { systemd.services.${container_name} = {
description = "Podman container : ${container_name}"; description = "Podman container : ${container_name}";
after = [ "network.target" "traefik.service" ]; after = [ "network.target" ];
requires = [ "traefik.service" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = [ pkgs.podman ];
serviceConfig = { serviceConfig = {
User = "numbus-admin"; User = "numbus-admin";
templates/nix-config/podman/traefik.nix
+3 -1
View File
@@ -44,8 +44,10 @@ TRAEFIK_REF_NETWORKS
systemd.services.traefik = { systemd.services.traefik = {
description = "Podman container : ${container_name}"; description = "Podman container : ${container_name}";
after = [ "network.target" "numbus-activation-networked.service" "numbus-activation-chowned.service" ]; after = [ "network.target" ];
requires = [ "numbus-activation-networked.service" "numbus-activation-chowned.service" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = [ pkgs.podman ];
serviceConfig = { serviceConfig = {
User = "numbus-admin"; User = "numbus-admin";