Static network IP subnet assignments
This commit is contained in:
Raphaël Numbus
@@ -390,30 +390,9 @@ services_generation() {
|
||||
cp -avu templates/nix-config/configuration.nix final-nix-config/etc/nixos/configuration.nix
|
||||
envsubst < templates/podman-config/traefik/traefik.yaml > final-nix-config/mnt/config/traefik/traefik.yaml
|
||||
|
||||
local j=0
|
||||
|
||||
for service in "${SELECTED_SERVICES[@]}"; do
|
||||
if [[ "${service}" != "virtualization" ]]; then
|
||||
if [[ "${service}" == "nextcloud" ]]; then
|
||||
j=$((j + 1))
|
||||
cp templates/nix-config/podman/${service}.nix final-nix-config/etc/nixos/podman/${service}.nix
|
||||
PODMAN_NETWORKS+=" \${pkgs.podman}/bin/podman network exists \"nextcloud-aio\" || \${pkgs.podman}/bin/podman network create --driver=\"bridge\" --subnet=\"172.16.${j}0.0/24\" --ip-range=\"172.16.${j}0.0/24\" --gateway=\"172.16.${j}0.254\" \"nextcloud-aio\""$'\n'
|
||||
TRAEFIK_NETWORKS+=" nextcloud-aio:"$'\n'
|
||||
TRAEFIK_NETWORKS+=" ipv4_address: 172.16.${j}0.253"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" nextcloud-aio:"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" external: true"$'\n'
|
||||
elif [[ "${service}" == "frigate" ]]; then
|
||||
cp templates/nix-config/podman/${service}.nix final-nix-config/etc/nixos/podman/${service}.nix
|
||||
else
|
||||
j=$((j + 1))
|
||||
cp templates/nix-config/podman/${service}.nix final-nix-config/etc/nixos/podman/${service}.nix
|
||||
PODMAN_NETWORKS+=" \${pkgs.podman}/bin/podman network exists \"${service}_backend\" || \${pkgs.podman}/bin/podman network create --driver=\"bridge\" --subnet=\"172.16.${j}.0/24\" --ip-range=\"172.16.${j}.0/24\" --gateway=\"172.16.${j}.254\" \"${service}_backend\""$'\n'
|
||||
PODMAN_NETWORKS+=" \${pkgs.podman}/bin/podman network exists \"${service}_frontend\" || \${pkgs.podman}/bin/podman network create --driver=\"bridge\" --subnet=\"172.16.${j}0.0/24\" --ip-range=\"172.16.${j}0.0/24\" --gateway=\"172.16.${j}0.254\" \"${service}_frontend\""$'\n'
|
||||
TRAEFIK_NETWORKS+=" ${service}_frontend:"$'\n'
|
||||
TRAEFIK_NETWORKS+=" ipv4_address: 172.16.${j}0.253"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" ${service}_frontend:"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" external: true"$'\n'
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ "${service}" == "frigate" ]]; then
|
||||
local FRIGATE_DEVICES_BLOCK=""
|
||||
[[ "${TARGET_GRAPHICS_RENDERER}" == "true" ]] && FRIGATE_DEVICES_BLOCK+=" - /dev/dri:/dev/dri\n"
|
||||
@@ -427,8 +406,16 @@ services_generation() {
|
||||
local REPLACEMENT="devices:\n${FRIGATE_DEVICES_BLOCK%\\n}"
|
||||
sed -i "s|# --- frigate devices --- #|$REPLACEMENT|" final-nix-config/etc/nixos/podman/frigate.nix
|
||||
fi
|
||||
|
||||
elif [[ "${service}" == "gitea" ]]; then
|
||||
generate_db_creds "GITEA"
|
||||
PODMAN_NETWORKS+=" \${pkgs.podman}/bin/podman network exists \"gitea_frontend\" || \${pkgs.podman}/bin/podman network create --driver=\"bridge\" --subnet=\"172.16.10.0/24\" --ip-range=\"172.16.10.0/24\" --gateway=\"172.16.10.254\" \"gitea_frontend\""$'\n'
|
||||
PODMAN_NETWORKS+=" \${pkgs.podman}/bin/podman network exists \"gitea_backend\" || \${pkgs.podman}/bin/podman network create --driver=\"bridge\" --subnet=\"172.16.1.0/24\" --ip-range=\"172.16.1.0/24\" --gateway=\"172.16.1.254\" \"gitea_backend\""$'\n'
|
||||
TRAEFIK_NETWORKS+=" gitea_frontend:"$'\n'
|
||||
TRAEFIK_NETWORKS+=" ipv4_address: 172.16.10.253"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" gitea_frontend:"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" external: true"$'\n'
|
||||
|
||||
elif [[ "${service}" == "home-assistant" ]]; then
|
||||
if [[ -n "${TARGET_ZIGBEE_DEVICE}" ]]; then
|
||||
local REPLACEMENT="devices:\n - /dev/serial/by-id/${TARGET_ZIGBEE_DEVICE}:/dev/ttyUSB0"
|
||||
@@ -441,6 +428,13 @@ services_generation() {
|
||||
touch final-nix-config/mnt/config/mqtt/password.txt
|
||||
chmod 0700 final-nix-config/mnt/config/mqtt/password.txt
|
||||
mosquitto_passwd -b final-nix-config/mnt/config/mqtt/password.txt "$HOME_ASSISTANT_MQTT_USER" "$HOME_ASSISTANT_MQTT_PASSWORD"
|
||||
PODMAN_NETWORKS+=" \${pkgs.podman}/bin/podman network exists \"home-assistant_frontend\" || \${pkgs.podman}/bin/podman network create --driver=\"bridge\" --subnet=\"172.16.20.0/24\" --ip-range=\"172.16.20.0/24\" --gateway=\"172.16.20.254\" \"home-assistant_frontend\""$'\n'
|
||||
PODMAN_NETWORKS+=" \${pkgs.podman}/bin/podman network exists \"home-assistant_backend\" || \${pkgs.podman}/bin/podman network create --driver=\"bridge\" --subnet=\"172.16.2.0/24\" --ip-range=\"172.16.2.0/24\" --gateway=\"172.16.2.254\" \"home-assistant_backend\""$'\n'
|
||||
TRAEFIK_NETWORKS+=" home-assistant_frontend:"$'\n'
|
||||
TRAEFIK_NETWORKS+=" ipv4_address: 172.16.20.253"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" home-assistant_frontend:"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" external: true"$'\n'
|
||||
|
||||
elif [[ "${service}" == "immich" ]]; then
|
||||
local IMMICH_DEVICES_BLOCK=""
|
||||
if [[ "$TARGET_GRAPHICS_RENDERER" == "true" ]]; then
|
||||
@@ -451,19 +445,53 @@ services_generation() {
|
||||
sed -i "s|# --- immich devices --- #|$REPLACEMENT|" final-nix-config/etc/nixos/podman/immich.nix
|
||||
fi
|
||||
generate_db_creds "IMMICH"
|
||||
# elif [[ "${service}" == "it-tools" ]]; then
|
||||
PODMAN_NETWORKS+=" \${pkgs.podman}/bin/podman network exists \"immich_frontend\" || \${pkgs.podman}/bin/podman network create --driver=\"bridge\" --subnet=\"172.16.30.0/24\" --ip-range=\"172.16.30.0/24\" --gateway=\"172.16.30.254\" \"immich_frontend\""$'\n'
|
||||
PODMAN_NETWORKS+=" \${pkgs.podman}/bin/podman network exists \"immich_backend\" || \${pkgs.podman}/bin/podman network create --driver=\"bridge\" --subnet=\"172.16.3.0/24\" --ip-range=\"172.16.3.0/24\" --gateway=\"172.16.3.254\" \"immich_backend\""$'\n'
|
||||
TRAEFIK_NETWORKS+=" immich_frontend:"$'\n'
|
||||
TRAEFIK_NETWORKS+=" ipv4_address: 172.16.30.253"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" immich_frontend:"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" external: true"$'\n'
|
||||
|
||||
elif [[ "${service}" == "it-tools" ]]; then
|
||||
PODMAN_NETWORKS+=" \${pkgs.podman}/bin/podman network exists \"it-tools_frontend\" || \${pkgs.podman}/bin/podman network create --driver=\"bridge\" --subnet=\"172.16.40.0/24\" --ip-range=\"172.16.40.0/24\" --gateway=\"172.16.40.254\" \"it-tools_frontend\""$'\n'
|
||||
TRAEFIK_NETWORKS+=" it-tools_frontend:"$'\n'
|
||||
TRAEFIK_NETWORKS+=" ipv4_address: 172.16.40.253"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" it-tools_frontend:"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" external: true"$'\n'
|
||||
|
||||
elif [[ "${service}" == "nextcloud" ]]; then
|
||||
envsubst < templates/podman-config/traefik/nextcloud.yaml > final-nix-config/mnt/config/traefik/rules/nextcloud.yaml
|
||||
PODMAN_NETWORKS+=" \${pkgs.podman}/bin/podman network exists \"nextcloud-aio\" || \${pkgs.podman}/bin/podman network create --driver=\"bridge\" --subnet=\"172.16.50.0/24\" --ip-range=\"172.16.50.0/24\" --gateway=\"172.16.50.254\" \"nextcloud-aio\""$'\n'
|
||||
TRAEFIK_NETWORKS+=" nextcloud-aio:"$'\n'
|
||||
TRAEFIK_NETWORKS+=" ipv4_address: 172.16.50.253"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" nextcloud-aio:"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" external: true"$'\n'
|
||||
|
||||
elif [[ "${service}" == "passbolt" ]]; then
|
||||
generate_db_creds "PASSBOLT"
|
||||
envsubst < templates/podman-config/traefik/headers.yaml > final-nix-config/mnt/config/traefik/rules/headers.yaml
|
||||
envsubst < templates/podman-config/traefik/tls.yaml > final-nix-config/mnt/config/traefik/rules/tls.yaml
|
||||
PODMAN_NETWORKS+=" \${pkgs.podman}/bin/podman network exists \"passbolt_frontend\" || \${pkgs.podman}/bin/podman network create --driver=\"bridge\" --subnet=\"172.16.60.0/24\" --ip-range=\"172.16.60.0/24\" --gateway=\"172.16.60.254\" \"passbolt_frontend\""$'\n'
|
||||
PODMAN_NETWORKS+=" \${pkgs.podman}/bin/podman network exists \"passbolt_backend\" || \${pkgs.podman}/bin/podman network create --driver=\"bridge\" --subnet=\"172.16.6.0/24\" --ip-range=\"172.16.6.0/24\" --gateway=\"172.16.6.254\" \"passbolt_backend\""$'\n'
|
||||
TRAEFIK_NETWORKS+=" passbolt_frontend:"$'\n'
|
||||
TRAEFIK_NETWORKS+=" ipv4_address: 172.16.60.253"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" passbolt_frontend:"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" external: true"$'\n'
|
||||
|
||||
elif [[ "${service}" == "pi-hole" ]]; then
|
||||
export FTLCONF_WEBSERVER_PASSWORD="$(xkcdpass -d "-")"
|
||||
PODMAN_NETWORKS+=" \${pkgs.podman}/bin/podman network exists \"pi-hole_frontend\" || \${pkgs.podman}/bin/podman network create --driver=\"bridge\" --subnet=\"172.16.70.0/24\" --ip-range=\"172.16.70.0/24\" --gateway=\"172.16.70.254\" \"pi-hole_frontend\""$'\n'
|
||||
PODMAN_NETWORKS+=" \${pkgs.podman}/bin/podman network exists \"pi-hole_backend\" || \${pkgs.podman}/bin/podman network create --driver=\"bridge\" --subnet=\"172.16.7.0/24\" --ip-range=\"172.16.7.0/24\" --gateway=\"172.16.7.254\" \"pi-hole_backend\""$'\n'
|
||||
TRAEFIK_NETWORKS+=" pi-hole_frontend:"$'\n'
|
||||
TRAEFIK_NETWORKS+=" ipv4_address: 172.16.70.253"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" pi-hole_backend:"$'\n'
|
||||
TRAEFIK_REF_NETWORKS+=" external: true"$'\n'
|
||||
|
||||
elif [[ "${service}" == "virtualization" ]]; then
|
||||
sed -i "s|# virtualisation.libvirtd.enable = true;| virtualisation.libvirtd.enable = true;|" final-nix-config/etc/nixos/configuration.nix
|
||||
sed -i "s|# programs.virt-manager.enable = true;| programs.virt-manager.enable = true;|" final-nix-config/etc/nixos/configuration.nix
|
||||
sed -i 's|extraGroups = \[ "wheel" \];|extraGroups = [ "wheel" "libvirtd" ];|' final-nix-config/etc/nixos/configuration.nix
|
||||
|
||||
fi
|
||||
done
|
||||
|
||||
|
||||
Reference in New Issue
Block a user