From d4e4010aabc556d1337c1205c477adb6f298d97a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rapha=C3=ABl=20Numbus?=
Date: Mon, 16 Feb 2026 10:15:51 +0100
Subject: [PATCH] Misc updates
---
 deploy.sh | 10 +++++-----
 templates/nix-config/configuration.nix | 7 +++++++
 templates/nix-config/misc/activation.nix | 2 +-
 templates/nix-config/podman/gitea.nix | 9 ++++++---
 templates/nix-config/podman/pi-hole.nix | 2 +-
 templates/podman-config/traefik/traefik.yaml | 1 -
 6 files changed, 20 insertions(+), 11 deletions(-)
diff --git a/deploy.sh b/deploy.sh
index 9486987..86e18db 100644
--- a/deploy.sh
+++ b/deploy.sh
@@ -404,24 +404,24 @@ services_generation() { if [[ -z "${NETWORK_NAME_OVERRIDE}" ]]; then NETWORK_ID=$((NETWORK_ID + 1)) - PODMAN_NETWORKS+=" sudo -u numbus-admin podman network exists \"${SERVICE}_frontend\" || sudo -u numbus-admin podman network create --driver=\"bridge\" --subnet=\"172.16.${NETWORK_ID}.0/24\" --ip-range=\"172.16.${NETWORK_ID}.0/24\" --gateway=\"172.16.${NETWORK_ID}.254\" \"${SERVICE}_frontend\""$'\n' + PODMAN_NETWORKS+=" sudo -u numbus-admin podman network exists \"${SERVICE}_frontend\" || sudo -u numbus-admin podman network create --driver=\"bridge\" --subnet=\"10.89.${NETWORK_ID}.0/24\" --ip-range=\"10.89.${NETWORK_ID}.0/24\" --gateway=\"10.89.${NETWORK_ID}.254\" \"${SERVICE}_frontend\""$'\n' TRAEFIK_NETWORKS+=" ${SERVICE}_frontend:"$'\n' - TRAEFIK_NETWORKS+=" ipv4_address: 172.16.${NETWORK_ID}.253"$'\n' + TRAEFIK_NETWORKS+=" ipv4_address: 10.89.${NETWORK_ID}.253"$'\n' TRAEFIK_REF_NETWORKS+=" ${SERVICE}_frontend:"$'\n' TRAEFIK_REF_NETWORKS+=" external: true"$'\n' if [[ "${HAS_BACKEND}" == "1" ]]; then NETWORK_ID=$((NETWORK_ID + 1)) - PODMAN_NETWORKS+=" sudo -u numbus-admin podman network exists \"${SERVICE}_backend\" || sudo -u numbus-admin podman network create --driver=\"bridge\" --subnet=\"172.16.${NETWORK_ID}.0/24\" --ip-range=\"172.16.${NETWORK_ID}.0/24\" --gateway=\"172.16.${NETWORK_ID}.254\" \"${SERVICE}_backend\""$'\n' + PODMAN_NETWORKS+=" sudo -u numbus-admin podman network exists \"${SERVICE}_backend\" || sudo -u numbus-admin podman network create --driver=\"bridge\" --subnet=\"10.89.${NETWORK_ID}.0/24\" --ip-range=\"10.89.${NETWORK_ID}.0/24\" --gateway=\"10.89.${NETWORK_ID}.254\" \"${SERVICE}_backend\""$'\n' SERVICES_NETWORK_IDS+=("$(( ${NETWORK_ID} - 1 )),${NETWORK_ID}:${SERVICE}") else SERVICES_NETWORK_IDS+=("${NETWORK_ID}:${SERVICE}") fi else NETWORK_ID=$((NETWORK_ID + 1)) - PODMAN_NETWORKS+=" sudo -u numbus-admin podman network exists \"${NETWORK_NAME_OVERRIDE}\" || sudo -u numbus-admin podman network create --driver=\"bridge\" 
--subnet=\"172.16.${NETWORK_ID}.0/24\" --ip-range=\"172.16.${NETWORK_ID}.0/24\" --gateway=\"172.16.${NETWORK_ID}.254\" \"${NETWORK_NAME_OVERRIDE}\""$'\n' + PODMAN_NETWORKS+=" sudo -u numbus-admin podman network exists \"${NETWORK_NAME_OVERRIDE}\" || sudo -u numbus-admin podman network create --driver=\"bridge\" --subnet=\"10.89.${NETWORK_ID}.0/24\" --ip-range=\"10.89.${NETWORK_ID}.0/24\" --gateway=\"10.89.${NETWORK_ID}.254\" \"${NETWORK_NAME_OVERRIDE}\""$'\n' TRAEFIK_NETWORKS+=" ${NETWORK_NAME_OVERRIDE}:"$'\n' - TRAEFIK_NETWORKS+=" ipv4_address: 172.16.${NETWORK_ID}.253"$'\n' + TRAEFIK_NETWORKS+=" ipv4_address: 10.89.${NETWORK_ID}.253"$'\n' TRAEFIK_REF_NETWORKS+=" ${NETWORK_NAME_OVERRIDE}:"$'\n' TRAEFIK_REF_NETWORKS+=" external: true"$'\n' SERVICES_NETWORK_IDS+=("${NETWORK_ID}:${SERVICE}") diff --git a/templates/nix-config/configuration.nix b/templates/nix-config/configuration.nix index f291868..caa25e0 100644 --- a/templates/nix-config/configuration.nix +++ b/templates/nix-config/configuration.nix @@ -104,6 +104,10 @@ podman podman-compose podman-tui + passt + slirp4netns + netavark + aardvark-dns snapraid mergerfs mergerfs-tools @@ -127,6 +131,9 @@ # Enable Podman virtualisation.podman.enable = true; virtualisation.podman.defaultNetwork.settings.dns_enabled = true; + virtualisation.containers.containersConf.settings = { + network.default_rootless_network_cmd = "pasta"; + }; # Enable libvirt # virtualisation.libvirtd.enable = true; diff --git a/templates/nix-config/misc/activation.nix b/templates/nix-config/misc/activation.nix index b8bfde6..3153adb 100644 --- a/templates/nix-config/misc/activation.nix +++ b/templates/nix-config/misc/activation.nix @@ -93,7 +93,7 @@ PODMAN_NETWORKS http: use_x_forwarded_for: true - trusted_proxies: 172.16.0.0/16 + trusted_proxies: 10.89.0.0/16 zha: EOF diff --git a/templates/nix-config/podman/gitea.nix b/templates/nix-config/podman/gitea.nix index 849f4e2..0b21a15 100644 --- a/templates/nix-config/podman/gitea.nix 
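Review bot: On a host that was already deployed, the `podman network exists … ||` guard in the three `PODMAN_NETWORKS+=` lines only tests the network name, so the old 172.16.N.0/24 networks are kept while `TRAEFIK_NETWORKS` now requests `10.89.${NETWORK_ID}.253`, an address outside those subnets. The commit shows no migration step, so a redeploy would need the networks recreated when their subnet differs, or at least a comment such as `# existing networks keep their old subnet; remove them before moving ranges`. Separately, 10.89.0.0/16 is by default the first pool Podman uses for networks created without `--subnet`, so an automatically allocated network may already hold 10.89.N.0/24 and make the explicit create fail; a range outside the default pools avoids that. The enclosing `services_generation()` starts and ends outside the hunk.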
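Review bot: `trusted_proxies: 10.89.0.0/16` makes the service reading this config (it looks like Home Assistant's `http:` section) accept `X-Forwarded-For` from every container on every network that deploy.sh creates, not only from Traefik. Any workload in that /16 that can reach the service could present a forged client address, which undermines IP-based banning and the client addresses recorded in logs. deploy.sh pins Traefik to `.253` on each frontend network, so the entry can be narrowed to that one address, e.g. `trusted_proxies: 10.89.<HASS_NETWORK_ID>.253` with the id filled in by the deploy script (placeholder, not a value from this page). The heredoc this line belongs to starts outside the hunk.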
+++ b/templates/nix-config/podman/gitea.nix @@ -3,7 +3,6 @@ let container_name = "gitea"; compose_file = "podman/gitea/compose.yaml"; - config_dir = "/mnt/config/gitea"; in { @@ -21,7 +20,7 @@ in gitea_frontend: gitea_backend: volumes: - - ${config_dir}:/data + - gitea_data:/data - /etc/localtime:/etc/localtime:ro environment: - USER_UID=1000 @@ -56,9 +55,13 @@ in networks: gitea_backend: volumes: - - ${config_dir}:/var/lib/postgresql/data + - gitea_database:/var/lib/postgresql/data restart: unless-stopped + volumes: + gitea_data: + gitea_database: + networks: gitea_frontend: external: true diff --git a/templates/nix-config/podman/pi-hole.nix b/templates/nix-config/podman/pi-hole.nix index 54d05da..3fd8833 100644 --- a/templates/nix-config/podman/pi-hole.nix +++ b/templates/nix-config/podman/pi-hole.nix @@ -64,7 +64,7 @@ in systemd.services."${container_name}" = { description = "Podman container : ${container_name}"; - after = [ "network.target" "traefik.service" "pi-hole.service" ]; + after = [ "network.target" "traefik.service" ]; requires = [ "traefik.service" ]; wantedBy = [ "multi-user.target" ]; path = [ pkgs.podman pkgs.coreutils ]; diff --git a/templates/podman-config/traefik/traefik.yaml b/templates/podman-config/traefik/traefik.yaml index addb148..9c7ea26 100644 --- a/templates/podman-config/traefik/traefik.yaml +++ b/templates/podman-config/traefik/traefik.yaml @@ -48,7 +48,6 @@ serversTransport: providers: docker: exposedByDefault: false - network: nextcloud-aio, passbolt_frontend, pihole, hass_frontend, immich_frontend, it-tools, gitrea_frontend file: directory: "/etc/traefik/conf/" watch: true \ No newline at end of file
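Review bot: Replacing the `${config_dir}` bind mount with the named volume `gitea_data` moves the repositories out of `/mnt/config/gitea` into the Podman volume store of the user running the compose file, and nothing in the commit migrates the existing data. If backups or the snapraid/mergerfs setup cover `/mnt/config` (not visible here), Gitea silently drops out of them. A comment above the new `volumes:` block would help, e.g. `# named volumes live in the rootless Podman store, not /mnt/config: add them to backups`. The same applies to `gitea_database` in the following hunk.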