make ghost work on podman

2024-12-17 02:09:57 -05:00 · 2024-12-17 02:09:57 -05:00 · 4fc952c732
commit 4fc952c732
parent dff837606b
3 changed files with 35 additions and 11 deletions
--- a/hosts/chunk/adguard.nix
+++ b/hosts/chunk/adguard.nix
@ -11,6 +11,13 @@
          password = "$2y$10$BZy2zYJj5z4e8LZCq/GwuuhWUafL/MNFO.YcsAMmpDS.2krPxi7KC";
        }
      ];
+      # do not listen eveywhere cause podman runs it's own DNS
+      dns.bind_hosts = [
+        "127.0.0.1"
+        "::1"
+        "31.59.129.225"
+        "2a0f:85c1:840:2bfb::1"
+      ];
    };
  };
 }
--- a/hosts/chunk/default.nix
+++ b/hosts/chunk/default.nix
@ -172,13 +172,16 @@
  };

  # container stuff
-  virtualisation.container.enable = true;
-  vrtualisation.podman = {
+  virtualisation.containers.enable = true;
+  virtualisation.podman = {
    enable = true;
    # create 'docker' alias for podman, to use as
    # drop-in replacement
    dockerCompat = true;
-    defaultNetwork.settings.dns_enabled = true;
+    defaultNetwork.settings = {
+      dns_enabled = true;
+      ipv6_enabled = true;
+    };
  };
  virtualisation.oci-containers.backend = "podman";
 }
--- a/hosts/chunk/ghost.nix
+++ b/hosts/chunk/ghost.nix
@ -1,9 +1,13 @@
-{...}: {
+{
+  pkgs,
+  config,
+  ...
+}: {
  virtualisation.oci-containers.containers.ghost = {
-    imgage = "ghost:5-alpine";
+    image = "ghost:5-alpine";
    autoStart = true;
    ports = ["127.0.0.1:8084:2368"];
-    pull = "always";
+    pull = "newer";
    environment = {
      database__client = "mysql";
      database__connection__host = "ghost-db";
@ -16,22 +20,32 @@
    volumes = [
      "/opt/ghost/data:/var/lib/ghost/content"
    ];
-    networks = [
-      "ghost-net"
-    ];
+    networks = ["ghost-net"];
+    dependsOn = ["ghost-db"];
  };

  virtualisation.oci-containers.containers.ghost-db = {
    image = "mysql:8.0";
    autoStart = true;
+    pull = "newer";
    environment = {
      MYSQL_ROOT_PASSWORD = "example";
    };
    volumes = [
      "/opt/ghost/db:/var/lib/mysql"
    ];
-    networks = [
-      "ghost-net"
+    networks = ["ghost-net"];
+  };
+
+  systemd.services.create-ghost-net = {
+    serviceConfig.Type = "oneshot";
+    wantedBy = with config.virtualisation.oci-containers; [
+      "${backend}-ghost.service"
+      "${backend}-ghost-db.service"
    ];
+    script = ''
+      ${pkgs.podman}/bin/podman network exists ghost-net || \
+      ${pkgs.podman}/bin/podman network create ghost-net
+    '';
  };
 }