AtaraxiaDev/nixos-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: use quadlet instead of oci on vps

Browse Source
This commit is contained in:
Dmitriy Kholkin 2025-08-21 04:36:11 +03:00
parent 3f7f608aba
commit e26263fb2b
Signed by: AtaraxiaDev
GPG Key ID: FD266B810DF48DF2
3 changed files with 47 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
hosts/blueshift/services.nix
View File

@ -37,12 +37,12 @@ in
let
nginx = {
sopsFile = secretsDir + /blueshift/nginx.yaml;
restartUnits = [ "podman-nginx.service" ];
restartUnits = [ "nginx.service" ];
};
marzban = {
format = "dotenv";
sopsFile = secretsDir + /blueshift/marzban.env;
restartUnits = [ "podman-marzban.service" ];
restartUnits = [ "marzban.service" ];
};
in
{
@ -52,27 +52,31 @@ in
inherit marzban;
};
virtualisation.oci-containers.containers = {
virtualisation.quadlet.containers = {
marzban = {
autoStart = true;
# Tags: v0.8.4
image = "ghcr.io/gozargah/marzban@sha256:8e422c21997e5d2e3fa231eeff73c0a19193c20fc02fa4958e9368abb9623b8d";
environmentFiles = [ marzban-env ];
extraOptions = [ "--network=host" ];
volumes = [
"/srv/marzban:/var/lib/marzban"
];
containerConfig = {
# Tags: v0.8.4
image = "ghcr.io/gozargah/marzban@sha256:8e422c21997e5d2e3fa231eeff73c0a19193c20fc02fa4958e9368abb9623b8d";
environmentFiles = [ marzban-env ];
networks = [ "host" ];
volumes = [
"/srv/marzban:/var/lib/marzban"
];
};
};
nginx = {
autoStart = true;
# Tags: mainline-alpine3.21, mainline-alpine, alpine3.21
image = "docker.io/nginx@sha256:e4efffc3236305ae53fb54e5cd76c9ccac0cebf7a23d436a8f91bce6402c2665";
extraOptions = [ "--network=host" ];
volumes = [
"${cert-key}:/etc/ssl/certs/cf-cert.key:ro"
"${cert-pem}:/etc/ssl/certs/cf-cert.pem:ro"
"${nginx-conf}:/etc/nginx/nginx.conf:ro"
];
containerConfig = {
# Tags: mainline-alpine3.21, mainline-alpine, alpine3.21
image = "docker.io/nginx@sha256:e4efffc3236305ae53fb54e5cd76c9ccac0cebf7a23d436a8f91bce6402c2665";
networks = [ "host" ];
volumes = [
"${cert-key}:/etc/ssl/certs/cf-cert.key:ro"
"${cert-pem}:/etc/ssl/certs/cf-cert.pem:ro"
"${nginx-conf}:/etc/nginx/nginx.conf:ro"
];
};
};
};

40
hosts/redshift/services.nix
View File

@ -38,12 +38,12 @@ in
let
nginx = {
sopsFile = secretsDir + /redshift/nginx.yaml;
restartUnits = [ "podman-nginx.service" ];
restartUnits = [ "nginx.service" ];
};
marzban = {
format = "dotenv";
sopsFile = secretsDir + /redshift/marzban.env;
restartUnits = [ "podman-marzban.service" ];
restartUnits = [ "marzban.service" ];
};
in
{
@ -53,27 +53,31 @@ in
inherit marzban;
};
virtualisation.oci-containers.containers = {
virtualisation.quadlet.containers = {
marzban = {
autoStart = true;
# Tags: v0.8.4
image = "ghcr.io/gozargah/marzban@sha256:8e422c21997e5d2e3fa231eeff73c0a19193c20fc02fa4958e9368abb9623b8d";
environmentFiles = [ marzban-env ];
extraOptions = [ "--network=host" ];
volumes = [
"/srv/marzban:/var/lib/marzban"
];
containerConfig = {
# Tags: v0.8.4
image = "ghcr.io/gozargah/marzban@sha256:8e422c21997e5d2e3fa231eeff73c0a19193c20fc02fa4958e9368abb9623b8d";
environmentFiles = [ marzban-env ];
networks = [ "host" ];
volumes = [
"/srv/marzban:/var/lib/marzban"
];
};
};
nginx = {
autoStart = true;
# Tags: mainline-alpine3.21, mainline-alpine, alpine3.21
image = "docker.io/nginx@sha256:e4efffc3236305ae53fb54e5cd76c9ccac0cebf7a23d436a8f91bce6402c2665";
extraOptions = [ "--network=host" ];
volumes = [
"${cert-key}:/etc/ssl/certs/cf-cert.key:ro"
"${cert-pem}:/etc/ssl/certs/cf-cert.pem:ro"
"${nginx-conf}:/etc/nginx/nginx.conf:ro"
];
containerConfig = {
# Tags: mainline-alpine3.21, mainline-alpine, alpine3.21
image = "docker.io/nginx@sha256:e4efffc3236305ae53fb54e5cd76c9ccac0cebf7a23d436a8f91bce6402c2665";
networks = [ "host" ];
volumes = [
"${cert-key}:/etc/ssl/certs/cf-cert.key:ro"
"${cert-pem}:/etc/ssl/certs/cf-cert.pem:ro"
"${nginx-conf}:/etc/nginx/nginx.conf:ro"
];
};
};
};

6
secrets/blueshift/nginx.yaml
View File

File diff suppressed because one or more lines are too long