Remove init containers
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
This commit is contained in:
		| @@ -159,38 +159,14 @@ in | |||||||
|       }; |       }; | ||||||
|  |  | ||||||
|       containers = { |       containers = { | ||||||
|         authelia-init = { |  | ||||||
|           containerConfig = { |  | ||||||
|             image = "docker-archive:${selfPkgs.docker-yq}"; |  | ||||||
|             volumes = |  | ||||||
|               let |  | ||||||
|                 entrypoint = pkgs.writeTextFile { |  | ||||||
|                   name = "entrypoint.sh"; |  | ||||||
|                   executable = true; |  | ||||||
|                   text = builtins.readFile ./init-entrypoint.sh; |  | ||||||
|                 }; |  | ||||||
|               in |  | ||||||
|               [ |  | ||||||
|                 "${volumes.authelia.ref}:/etc/authelia" |  | ||||||
|                 "${hmConfig.sops.templates.authelia-users.path}:/etc/authelia/users.yaml.default:ro" |  | ||||||
|                 "${hmConfig.sops.templates.authelia.path}:/etc/authelia/conf.d/authelia.yaml:ro" |  | ||||||
|                 "${entrypoint}:/entrypoint.sh:ro" |  | ||||||
|               ]; |  | ||||||
|             entrypoint = "/entrypoint.sh"; |  | ||||||
|           }; |  | ||||||
|  |  | ||||||
|           serviceConfig = { |  | ||||||
|             Type = "oneshot"; |  | ||||||
|             Restart = "on-failure"; |  | ||||||
|           }; |  | ||||||
|  |  | ||||||
|           unitConfig.After = [ "sops-nix.service" ]; |  | ||||||
|         }; |  | ||||||
|  |  | ||||||
|         authelia = { |         authelia = { | ||||||
|           containerConfig = { |           containerConfig = { | ||||||
|             image = "docker-archive:${selfPkgs.docker-authelia}"; |             image = "docker-archive:${selfPkgs.docker-authelia}"; | ||||||
|             volumes = [ "${volumes.authelia.ref}:/etc/authelia" ]; |             volumes = [ | ||||||
|  |               "${volumes.authelia.ref}:/etc/authelia" | ||||||
|  |               "${hmConfig.sops.templates.authelia-users.path}:/etc/authelia/users.yaml.default:ro" | ||||||
|  |               "${hmConfig.sops.templates.authelia.path}:/etc/authelia/conf.d/authelia.yaml:ro" | ||||||
|  |             ]; | ||||||
|             networks = [ |             networks = [ | ||||||
|               networks.authelia.ref |               networks.authelia.ref | ||||||
|               networks.traefik.ref |               networks.traefik.ref | ||||||
| @@ -207,7 +183,6 @@ in | |||||||
|           }; |           }; | ||||||
|  |  | ||||||
|           unitConfig.After = [ |           unitConfig.After = [ | ||||||
|             "${containers.authelia-init._serviceName}.service" |  | ||||||
|             "${containers.authelia-postgresql._serviceName}.service" |             "${containers.authelia-postgresql._serviceName}.service" | ||||||
|             "${containers.authelia-redis._serviceName}.service" |             "${containers.authelia-redis._serviceName}.service" | ||||||
|             "sops-nix.service" |             "sops-nix.service" | ||||||
| @@ -236,7 +211,7 @@ in | |||||||
|           exec = [ "--save 60 1" ]; |           exec = [ "--save 60 1" ]; | ||||||
|         }; |         }; | ||||||
|  |  | ||||||
|         prometheus-init.containerConfig.volumes = |         prometheus.containerConfig.volumes = | ||||||
|           let |           let | ||||||
|             autheliaConfig = (pkgs.formats.yaml { }).generate "authelia.yaml" { |             autheliaConfig = (pkgs.formats.yaml { }).generate "authelia.yaml" { | ||||||
|               scrape_configs = |               scrape_configs = | ||||||
|   | |||||||
| @@ -1,10 +0,0 @@ | |||||||
| #!/bin/sh |  | ||||||
|  |  | ||||||
| set -o errexit |  | ||||||
| set -o nounset |  | ||||||
|  |  | ||||||
| touch /etc/authelia/users.yaml |  | ||||||
| # shellcheck disable=SC2016 |  | ||||||
| yq eval-all '. as $item ireduce ({}; . * $item)' /etc/authelia/users.yaml /etc/authelia/users.yaml.default -i |  | ||||||
| # shellcheck disable=SC2016 |  | ||||||
| yq eval-all '. as $item ireduce ({}; . *+ $item)' /etc/authelia/conf.d/*.yaml > /etc/authelia/configuration.yaml |  | ||||||
| @@ -258,7 +258,7 @@ in | |||||||
|             unitConfig.After = [ "sops-nix.service" ]; |             unitConfig.After = [ "sops-nix.service" ]; | ||||||
|           }; |           }; | ||||||
|  |  | ||||||
|           authelia-init.containerConfig.volumes = [ |           authelia.containerConfig.volumes = [ | ||||||
|             "${hmConfig.sops.templates.authelia-gitea.path}:/etc/authelia/conf.d/gitea.yaml:ro" |             "${hmConfig.sops.templates.authelia-gitea.path}:/etc/authelia/conf.d/gitea.yaml:ro" | ||||||
|           ]; |           ]; | ||||||
|         }; |         }; | ||||||
|   | |||||||
| @@ -147,7 +147,7 @@ in | |||||||
|           networks = [ networks.grafana.ref ]; |           networks = [ networks.grafana.ref ]; | ||||||
|         }; |         }; | ||||||
|  |  | ||||||
|         authelia-init.containerConfig.volumes = [ |         authelia.containerConfig.volumes = [ | ||||||
|           "${hmConfig.sops.templates.authelia-grafana.path}:/etc/authelia/conf.d/grafana.yaml:ro" |           "${hmConfig.sops.templates.authelia-grafana.path}:/etc/authelia/conf.d/grafana.yaml:ro" | ||||||
|         ]; |         ]; | ||||||
|       }; |       }; | ||||||
|   | |||||||
| @@ -123,7 +123,7 @@ in | |||||||
|           unitConfig.After = [ "sops-nix.service" ]; |           unitConfig.After = [ "sops-nix.service" ]; | ||||||
|         }; |         }; | ||||||
|  |  | ||||||
|         authelia-init.containerConfig.volumes = [ |         authelia.containerConfig.volumes = [ | ||||||
|           "${hmConfig.sops.templates.authelia-jellyfin.path}:/etc/authelia/conf.d/jellyfin.yaml:ro" |           "${hmConfig.sops.templates.authelia-jellyfin.path}:/etc/authelia/conf.d/jellyfin.yaml:ro" | ||||||
|         ]; |         ]; | ||||||
|       }; |       }; | ||||||
|   | |||||||
| @@ -222,7 +222,7 @@ in | |||||||
|           unitConfig.After = [ "sops-nix.service" ]; |           unitConfig.After = [ "sops-nix.service" ]; | ||||||
|         }; |         }; | ||||||
|  |  | ||||||
|         authelia-init.containerConfig.volumes = [ |         authelia.containerConfig.volumes = [ | ||||||
|           "${hmConfig.sops.templates.authelia-nextcloud.path}:/etc/authelia/conf.d/nextcloud.yaml:ro" |           "${hmConfig.sops.templates.authelia-nextcloud.path}:/etc/authelia/conf.d/nextcloud.yaml:ro" | ||||||
|         ]; |         ]; | ||||||
|       }; |       }; | ||||||
|   | |||||||
| @@ -122,7 +122,7 @@ in | |||||||
|           unitConfig.After = [ "sops-nix.service" ]; |           unitConfig.After = [ "sops-nix.service" ]; | ||||||
|         }; |         }; | ||||||
|  |  | ||||||
|         prometheus-init.containerConfig.volumes = |         prometheus.containerConfig.volumes = | ||||||
|           let |           let | ||||||
|             ntfyConfig = (pkgs.formats.yaml { }).generate "ntfy.yaml" { |             ntfyConfig = (pkgs.formats.yaml { }).generate "ntfy.yaml" { | ||||||
|               scrape_configs = |               scrape_configs = | ||||||
|   | |||||||
| @@ -160,7 +160,7 @@ in | |||||||
|           exec = [ "--save 60 1" ]; |           exec = [ "--save 60 1" ]; | ||||||
|         }; |         }; | ||||||
|  |  | ||||||
|         authelia-init.containerConfig.volumes = [ |         authelia.containerConfig.volumes = [ | ||||||
|           "${hmConfig.sops.templates.authelia-outline.path}:/etc/authelia/conf.d/outline.yaml:ro" |           "${hmConfig.sops.templates.authelia-outline.path}:/etc/authelia/conf.d/outline.yaml:ro" | ||||||
|         ]; |         ]; | ||||||
|       }; |       }; | ||||||
|   | |||||||
| @@ -80,7 +80,7 @@ in | |||||||
|  |  | ||||||
|   home-manager.users.${user} = |   home-manager.users.${user} = | ||||||
|     let |     let | ||||||
|       inherit (hmConfig.virtualisation.quadlet) volumes containers networks; |       inherit (hmConfig.virtualisation.quadlet) volumes networks; | ||||||
|     in |     in | ||||||
|     { |     { | ||||||
|       virtualisation.quadlet = { |       virtualisation.quadlet = { | ||||||
| @@ -119,165 +119,140 @@ in | |||||||
|             exec = [ "--collector.enable-all" ]; |             exec = [ "--collector.enable-all" ]; | ||||||
|           }; |           }; | ||||||
|  |  | ||||||
|           prometheus-init = |           prometheus.containerConfig = { | ||||||
|             let |             image = "docker-archive:${selfPkgs.docker-prometheus}"; | ||||||
|               prometheusConfig = (pkgs.formats.yaml { }).generate "prometheus.yaml" { |             volumes = | ||||||
|                 global.scrape_interval = "15s"; |               let | ||||||
|  |                 prometheusConfig = (pkgs.formats.yaml { }).generate "prometheus.yaml" { | ||||||
|  |                   global.scrape_interval = "15s"; | ||||||
|  |  | ||||||
|                 scrape_configs = |                   scrape_configs = | ||||||
|                   let |                     let | ||||||
|                     hostname = config.networking.hostName; |                       hostname = config.networking.hostName; | ||||||
|                     jupiterVpsHostname = jupiterVpsConfig.networking.hostName; |                       jupiterVpsHostname = jupiterVpsConfig.networking.hostName; | ||||||
|                   in |                     in | ||||||
|                   [ |                     [ | ||||||
|                     { |                       { | ||||||
|                       job_name = "${hostname}-node-exporter"; |                         job_name = "${hostname}-node-exporter"; | ||||||
|                       static_configs = [ |                         static_configs = [ | ||||||
|                         { |                           { | ||||||
|                           targets = [ "host.containers.internal:9100" ]; |                             targets = [ "host.containers.internal:9100" ]; | ||||||
|                           labels = { |                             labels = { | ||||||
|                             app = "node-exporter"; |                               app = "node-exporter"; | ||||||
|                             user = "root"; |                               user = "root"; | ||||||
|                             inherit hostname; |                               inherit hostname; | ||||||
|                           }; |                             }; | ||||||
|                         } |                           } | ||||||
|                         { |                           { | ||||||
|                           targets = [ "prometheus-node-exporter:9100" ]; |                             targets = [ "prometheus-node-exporter:9100" ]; | ||||||
|                           labels = { |                             labels = { | ||||||
|                             app = "node-exporter"; |                               app = "node-exporter"; | ||||||
|                             inherit user hostname; |                               inherit user hostname; | ||||||
|                           }; |                             }; | ||||||
|                         } |                           } | ||||||
|                       ]; |                         ]; | ||||||
|                     } |                       } | ||||||
|                     { |                       { | ||||||
|                       job_name = "${hostname}-podman-exporter"; |                         job_name = "${hostname}-podman-exporter"; | ||||||
|                       static_configs = [ |                         static_configs = [ | ||||||
|                         { |                           { | ||||||
|                           targets = [ "host.containers.internal:9882" ]; |                             targets = [ "host.containers.internal:9882" ]; | ||||||
|                           labels = { |                             labels = { | ||||||
|                             app = "podman-exporter"; |                               app = "podman-exporter"; | ||||||
|                             user = "root"; |                               user = "root"; | ||||||
|                             inherit hostname; |                               inherit hostname; | ||||||
|                           }; |                             }; | ||||||
|                         } |                           } | ||||||
|                         { |                           { | ||||||
|                           targets = [ "prometheus-podman-exporter:9882" ]; |                             targets = [ "prometheus-podman-exporter:9882" ]; | ||||||
|                           labels = { |                             labels = { | ||||||
|                             app = "podman-exporter"; |                               app = "podman-exporter"; | ||||||
|                             inherit user hostname; |                               inherit user hostname; | ||||||
|                           }; |                             }; | ||||||
|                         } |                           } | ||||||
|                       ]; |                         ]; | ||||||
|                     } |                       } | ||||||
|                     { |                       { | ||||||
|                       job_name = "${hostname}-fail2ban-exporter"; |                         job_name = "${hostname}-fail2ban-exporter"; | ||||||
|                       static_configs = [ |                         static_configs = [ | ||||||
|                         { |                           { | ||||||
|                           targets = [ "host.containers.internal:9191" ]; |                             targets = [ "host.containers.internal:9191" ]; | ||||||
|                           labels = { |                             labels = { | ||||||
|                             app = "fail2ban-exporter"; |                               app = "fail2ban-exporter"; | ||||||
|                             user = "root"; |                               user = "root"; | ||||||
|                             inherit hostname; |                               inherit hostname; | ||||||
|                           }; |                             }; | ||||||
|                         } |                           } | ||||||
|                       ]; |                         ]; | ||||||
|                     } |                       } | ||||||
|                     { |                       { | ||||||
|                       job_name = "${hostname}-smartctl-exporter"; |                         job_name = "${hostname}-smartctl-exporter"; | ||||||
|                       static_configs = [ |                         static_configs = [ | ||||||
|                         { |                           { | ||||||
|                           targets = [ "host.containers.internal:9633" ]; |                             targets = [ "host.containers.internal:9633" ]; | ||||||
|                           labels = { |                             labels = { | ||||||
|                             app = "smartctl-exporter"; |                               app = "smartctl-exporter"; | ||||||
|                             user = "root"; |                               user = "root"; | ||||||
|                             inherit hostname; |                               inherit hostname; | ||||||
|                           }; |                             }; | ||||||
|                         } |                           } | ||||||
|                       ]; |                         ]; | ||||||
|                     } |                       } | ||||||
|                     { |                       { | ||||||
|                       job_name = "${jupiterVpsHostname}-node-exporter"; |                         job_name = "${jupiterVpsHostname}-node-exporter"; | ||||||
|                       static_configs = [ |                         static_configs = [ | ||||||
|                         { |                           { | ||||||
|                           targets = [ "10.0.0.1:9100" ]; |                             targets = [ "10.0.0.1:9100" ]; | ||||||
|                           labels = { |                             labels = { | ||||||
|                             app = "node-exporter"; |                               app = "node-exporter"; | ||||||
|                             user = "root"; |                               user = "root"; | ||||||
|                             hostname = jupiterVpsHostname; |                               hostname = jupiterVpsHostname; | ||||||
|                           }; |                             }; | ||||||
|                         } |                           } | ||||||
|                       ]; |                         ]; | ||||||
|                     } |                       } | ||||||
|                     { |                       { | ||||||
|                       job_name = "${jupiterVpsHostname}-podman-exporter"; |                         job_name = "${jupiterVpsHostname}-podman-exporter"; | ||||||
|                       static_configs = [ |                         static_configs = [ | ||||||
|                         { |                           { | ||||||
|                           targets = [ "10.0.0.1:9882" ]; |                             targets = [ "10.0.0.1:9882" ]; | ||||||
|                           labels = { |                             labels = { | ||||||
|                             app = "podman-exporter"; |                               app = "podman-exporter"; | ||||||
|                             user = "root"; |                               user = "root"; | ||||||
|                             hostname = jupiterVpsHostname; |                               hostname = jupiterVpsHostname; | ||||||
|                           }; |                             }; | ||||||
|                         } |                           } | ||||||
|                       ]; |                         ]; | ||||||
|                     } |                       } | ||||||
|                     { |                       { | ||||||
|                       job_name = "${jupiterVpsHostname}-fail2ban-exporter"; |                         job_name = "${jupiterVpsHostname}-fail2ban-exporter"; | ||||||
|                       static_configs = [ |                         static_configs = [ | ||||||
|                         { |                           { | ||||||
|                           targets = [ "10.0.0.1:9191" ]; |                             targets = [ "10.0.0.1:9191" ]; | ||||||
|                           labels = { |                             labels = { | ||||||
|                             app = "fail2ban-exporter"; |                               app = "fail2ban-exporter"; | ||||||
|                             user = "root"; |                               user = "root"; | ||||||
|                             hostname = jupiterVpsHostname; |                               hostname = jupiterVpsHostname; | ||||||
|                           }; |                             }; | ||||||
|                         } |                           } | ||||||
|                       ]; |                         ]; | ||||||
|                     } |                       } | ||||||
|                   ]; |                     ]; | ||||||
|               }; |                 }; | ||||||
|             in |               in | ||||||
|             { |               [ | ||||||
|               containerConfig = { |                 "${prometheusConfig}:/etc/prometheus/conf.d/prometheus.yaml" | ||||||
|                 image = "docker-archive:${selfPkgs.docker-yq}"; |  | ||||||
|                 volumes = [ |  | ||||||
|                   "${volumes.prometheus-config.ref}:/etc/prometheus" |  | ||||||
|                   "${prometheusConfig}:/etc/prometheus/conf.d/prometheus.yaml" |  | ||||||
|                 ]; |  | ||||||
|                 entrypoint = "/bin/bash"; |  | ||||||
|                 exec = [ |  | ||||||
|                   "-c" |  | ||||||
|                   "yq eval-all '. as $item ireduce ({}; . *+ $item)' /etc/prometheus/conf.d/*.yaml > /etc/prometheus/prometheus.yaml" |  | ||||||
|                 ]; |  | ||||||
|               }; |  | ||||||
|  |  | ||||||
|               serviceConfig = { |  | ||||||
|                 Type = "oneshot"; |  | ||||||
|                 Restart = "on-failure"; |  | ||||||
|               }; |  | ||||||
|             }; |  | ||||||
|  |  | ||||||
|           prometheus = { |  | ||||||
|             containerConfig = { |  | ||||||
|               image = "docker-archive:${selfPkgs.docker-prometheus}"; |  | ||||||
|               volumes = [ |  | ||||||
|                 "${volumes.prometheus-config.ref}:/etc/prometheus" |                 "${volumes.prometheus-config.ref}:/etc/prometheus" | ||||||
|                 "${volumes.prometheus-data.ref}:/var/lib/prometheus" |                 "${volumes.prometheus-data.ref}:/var/lib/prometheus" | ||||||
|               ]; |               ]; | ||||||
|               networks = [ |             networks = [ | ||||||
|                 networks.prometheus.ref |               networks.prometheus.ref | ||||||
|                 networks.grafana.ref |               networks.grafana.ref | ||||||
|               ]; |             ]; | ||||||
|               exec = [ |             exec = [ | ||||||
|                 "--log.level=warn" |               "--log.level=warn" | ||||||
|                 "--config.file=/etc/prometheus/prometheus.yaml" |               "--storage.tsdb.retention.time=1y" | ||||||
|                 "--storage.tsdb.path=/var/lib/prometheus" |             ]; | ||||||
|                 "--storage.tsdb.retention.time=1y" |  | ||||||
|               ]; |  | ||||||
|             }; |  | ||||||
|  |  | ||||||
|             unitConfig.After = [ "${containers.prometheus-init._serviceName}.service" ]; |  | ||||||
|           }; |           }; | ||||||
|  |  | ||||||
|           grafana.containerConfig.volumes = |           grafana.containerConfig.volumes = | ||||||
|   | |||||||
| @@ -122,7 +122,7 @@ in | |||||||
|           unitConfig.After = [ "sops-nix.service" ]; |           unitConfig.After = [ "sops-nix.service" ]; | ||||||
|         }; |         }; | ||||||
|  |  | ||||||
|         authelia-init.containerConfig.volumes = |         authelia.containerConfig.volumes = | ||||||
|           let |           let | ||||||
|             config = (pkgs.formats.yaml { }).generate "shlink.yaml" { |             config = (pkgs.formats.yaml { }).generate "shlink.yaml" { | ||||||
|               access_control.rules = [ |               access_control.rules = [ | ||||||
|   | |||||||
| @@ -133,7 +133,7 @@ in | |||||||
|           }; |           }; | ||||||
|         }; |         }; | ||||||
|  |  | ||||||
|         authelia-init.containerConfig.volumes = |         authelia.containerConfig.volumes = | ||||||
|           let |           let | ||||||
|             config = (pkgs.formats.yaml { }).generate "traefik.yaml" { |             config = (pkgs.formats.yaml { }).generate "traefik.yaml" { | ||||||
|               access_control.rules = [ |               access_control.rules = [ | ||||||
| @@ -147,7 +147,7 @@ in | |||||||
|           in |           in | ||||||
|           [ "${config}:/etc/authelia/conf.d/traefik.yaml:ro" ]; |           [ "${config}:/etc/authelia/conf.d/traefik.yaml:ro" ]; | ||||||
|  |  | ||||||
|         prometheus-init.containerConfig.volumes = |         prometheus.containerConfig.volumes = | ||||||
|           let |           let | ||||||
|             traefikConfig = (pkgs.formats.yaml { }).generate "traefik.yaml" { |             traefikConfig = (pkgs.formats.yaml { }).generate "traefik.yaml" { | ||||||
|               scrape_configs = |               scrape_configs = | ||||||
|   | |||||||
| @@ -63,7 +63,7 @@ in | |||||||
|           unitConfig.After = [ "sops-nix.service" ]; |           unitConfig.After = [ "sops-nix.service" ]; | ||||||
|         }; |         }; | ||||||
|  |  | ||||||
|         authelia-init.containerConfig.volumes = |         authelia.containerConfig.volumes = | ||||||
|           let |           let | ||||||
|             config = (pkgs.formats.yaml { }).generate "transmission.yaml" { |             config = (pkgs.formats.yaml { }).generate "transmission.yaml" { | ||||||
|               access_control.rules = [ |               access_control.rules = [ | ||||||
|   | |||||||
| @@ -144,7 +144,7 @@ in | |||||||
|           unitConfig.After = [ "sops-nix.service" ]; |           unitConfig.After = [ "sops-nix.service" ]; | ||||||
|         }; |         }; | ||||||
|  |  | ||||||
|         authelia-init.containerConfig.volumes = [ |         authelia.containerConfig.volumes = [ | ||||||
|           "${hmConfig.sops.templates.authelia-vaultwarden.path}:/etc/authelia/conf.d/vaultwarden.yaml:ro" |           "${hmConfig.sops.templates.authelia-vaultwarden.path}:/etc/authelia/conf.d/vaultwarden.yaml:ro" | ||||||
|         ]; |         ]; | ||||||
|       }; |       }; | ||||||
|   | |||||||
| @@ -39,7 +39,6 @@ | |||||||
|   docker-traefik = import ./docker/traefik { inherit pkgs; }; |   docker-traefik = import ./docker/traefik { inherit pkgs; }; | ||||||
|   docker-transmission-protonvpn = import ./docker/transmission-protonvpn { inherit pkgs; }; |   docker-transmission-protonvpn = import ./docker/transmission-protonvpn { inherit pkgs; }; | ||||||
|   docker-whoami = import ./docker/whoami { inherit pkgs; }; |   docker-whoami = import ./docker/whoami { inherit pkgs; }; | ||||||
|   docker-yq = import ./docker/yq { inherit pkgs; }; |  | ||||||
|  |  | ||||||
|   jellyfin-plugin-bookshelf = import ./jellyfin/plugins/bookshelf { inherit pkgs; }; |   jellyfin-plugin-bookshelf = import ./jellyfin/plugins/bookshelf { inherit pkgs; }; | ||||||
|   jellyfin-plugin-intro-skipper = import ./jellyfin/plugins/intro-skipper { inherit pkgs; }; |   jellyfin-plugin-intro-skipper = import ./jellyfin/plugins/intro-skipper { inherit pkgs; }; | ||||||
|   | |||||||
| @@ -1,20 +1,28 @@ | |||||||
| { pkgs, ... }: | { pkgs, ... }: | ||||||
|  | let | ||||||
|  |   entrypoint = pkgs.writeTextFile { | ||||||
|  |     name = "entrypoint"; | ||||||
|  |     executable = true; | ||||||
|  |     destination = "/bin/entrypoint"; | ||||||
|  |     text = builtins.readFile ./entrypoint.sh; | ||||||
|  |   }; | ||||||
|  | in | ||||||
| pkgs.dockerTools.buildImage { | pkgs.dockerTools.buildImage { | ||||||
|   name = "authelia"; |   name = "authelia"; | ||||||
|   fromImage = import ../base { inherit pkgs; }; |   fromImage = import ../base { inherit pkgs; }; | ||||||
|  |  | ||||||
|   copyToRoot = pkgs.buildEnv { |   copyToRoot = pkgs.buildEnv { | ||||||
|     name = "root"; |     name = "root"; | ||||||
|     paths = with pkgs; [ authelia ]; |     paths = with pkgs; [ | ||||||
|  |       entrypoint | ||||||
|  |       authelia | ||||||
|  |       yq-go | ||||||
|  |     ]; | ||||||
|     pathsToLink = [ "/bin" ]; |     pathsToLink = [ "/bin" ]; | ||||||
|   }; |   }; | ||||||
|  |  | ||||||
|   config = { |   config = { | ||||||
|     Entrypoint = [ "authelia" ]; |     Entrypoint = [ "entrypoint" ]; | ||||||
|     Cmd = [ |  | ||||||
|       "--config" |  | ||||||
|       "/etc/authelia/configuration.yaml" |  | ||||||
|     ]; |  | ||||||
|     ExposedPorts = { |     ExposedPorts = { | ||||||
|       "9091/tcp" = { }; |       "9091/tcp" = { }; | ||||||
|     }; |     }; | ||||||
|   | |||||||
							
								
								
									
										19
									
								
								packages/docker/authelia/entrypoint.sh
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								packages/docker/authelia/entrypoint.sh
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,19 @@ | |||||||
|  | #!/usr/bin/env sh | ||||||
|  |  | ||||||
|  | set -o errexit | ||||||
|  | set -o nounset | ||||||
|  |  | ||||||
|  | if [ -f /etc/authelia/users.yaml.default ]; then | ||||||
|  |   touch /etc/authelia/users.yaml | ||||||
|  |   # shellcheck disable=SC2016 | ||||||
|  |   yq eval-all '. as $item ireduce ({}; . * $item)' /etc/authelia/users.yaml /etc/authelia/users.yaml.default -i | ||||||
|  | fi | ||||||
|  |  | ||||||
|  | if [ -d /etc/authelia/conf.d ]; then | ||||||
|  |   # shellcheck disable=SC2016 | ||||||
|  |   yq eval-all '. as $item ireduce ({}; . *+ $item)' /etc/authelia/conf.d/*.yaml > /etc/authelia/configuration.yaml | ||||||
|  | fi | ||||||
|  |  | ||||||
|  | exec authelia \ | ||||||
|  |   --config /etc/authelia/configuration.yaml \ | ||||||
|  |   "$@" | ||||||
| @@ -1,21 +1,34 @@ | |||||||
| { pkgs, ... }: | { pkgs, ... }: | ||||||
|  | let | ||||||
|  |   entrypoint = pkgs.writeTextFile { | ||||||
|  |     name = "entrypoint"; | ||||||
|  |     executable = true; | ||||||
|  |     destination = "/bin/entrypoint"; | ||||||
|  |     text = builtins.readFile ./entrypoint.sh; | ||||||
|  |   }; | ||||||
|  | in | ||||||
| pkgs.dockerTools.buildImage { | pkgs.dockerTools.buildImage { | ||||||
|   name = "prometheus"; |   name = "prometheus"; | ||||||
|   fromImage = import ../base { inherit pkgs; }; |   fromImage = import ../base { inherit pkgs; }; | ||||||
|  |  | ||||||
|   copyToRoot = pkgs.buildEnv { |   copyToRoot = pkgs.buildEnv { | ||||||
|     name = "root"; |     name = "root"; | ||||||
|     paths = with pkgs; [ prometheus ]; |     paths = with pkgs; [ | ||||||
|  |       entrypoint | ||||||
|  |       prometheus | ||||||
|  |       yq-go | ||||||
|  |     ]; | ||||||
|     pathsToLink = [ "/bin" ]; |     pathsToLink = [ "/bin" ]; | ||||||
|   }; |   }; | ||||||
|  |  | ||||||
|   config = { |   config = { | ||||||
|     Entrypoint = [ "prometheus" ]; |     Entrypoint = [ "entrypoint" ]; | ||||||
|     ExposedPorts = { |     ExposedPorts = { | ||||||
|       "9090/tcp" = { }; |       "9090/tcp" = { }; | ||||||
|     }; |     }; | ||||||
|     WorkingDir = "/var/lib/prometheus"; |     WorkingDir = "/var/lib/prometheus"; | ||||||
|     Volumes = { |     Volumes = { | ||||||
|  |       "/etc/prometheus" = { }; | ||||||
|       "/var/lib/prometheus" = { }; |       "/var/lib/prometheus" = { }; | ||||||
|     }; |     }; | ||||||
|   }; |   }; | ||||||
|   | |||||||
							
								
								
									
										14
									
								
								packages/docker/prometheus/entrypoint.sh
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										14
									
								
								packages/docker/prometheus/entrypoint.sh
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,14 @@ | |||||||
|  | #!/usr/bin/env sh | ||||||
|  |  | ||||||
|  | set -o errexit | ||||||
|  | set -o nounset | ||||||
|  |  | ||||||
|  | if [ -d /etc/prometheus/conf.d ]; then | ||||||
|  |   # shellcheck disable=SC2016 | ||||||
|  |   yq eval-all '. as $item ireduce ({}; . *+ $item)' /etc/prometheus/conf.d/*.yaml > /etc/prometheus/prometheus.yaml | ||||||
|  | fi | ||||||
|  |  | ||||||
|  | exec prometheus \ | ||||||
|  |   --config.file=/etc/prometheus/prometheus.yaml \ | ||||||
|  |   --storage.tsdb.path=/var/lib/prometheus \ | ||||||
|  |   "$@" | ||||||
| @@ -1,15 +0,0 @@ | |||||||
| { pkgs, ... }: |  | ||||||
| pkgs.dockerTools.buildImage { |  | ||||||
|   name = "yq"; |  | ||||||
|   fromImage = import ../base { inherit pkgs; }; |  | ||||||
|  |  | ||||||
|   copyToRoot = pkgs.buildEnv { |  | ||||||
|     name = "root"; |  | ||||||
|     paths = with pkgs; [ yq-go ]; |  | ||||||
|     pathsToLink = [ "/bin" ]; |  | ||||||
|   }; |  | ||||||
|  |  | ||||||
|   config = { |  | ||||||
|     Entrypoint = [ "yq" ]; |  | ||||||
|   }; |  | ||||||
| } |  | ||||||
		Reference in New Issue
	
	Block a user