diff --git a/hosts/franz/arion/dashboard/arion-compose.nix b/hosts/franz/arion/dashboard/arion-compose.nix new file mode 100644 index 0000000..afaa54d --- /dev/null +++ b/hosts/franz/arion/dashboard/arion-compose.nix @@ -0,0 +1,30 @@ +{pkgs, ...}: { + project.name = "dashboard"; + + networks.dmz = { + name = "dmz"; + external = true; + }; + + services = { + homarr.service = { + image = "ghcr.io/ajnart/homarr:latest"; + container_name = "homarr"; + labels = { + "traefik.enable" = "true"; + "traefik.http.routers.homarr.entrypoints" = "websecure"; + "traefik.http.routers.homarr.rule" = "Host(`dashboard.ghoscht.com`)"; + "traefik.http.routers.homarr.tls" = "true"; + "traefik.http.routers.homarr.tls.certresolver" = "letsencrypt"; + }; + volumes = [ + "/home/ghoscht/.docker/dashboard/homarr_data:/app/data/configs" + "/home/ghoscht/.docker/dashboard/homarr_icons:/app/public/imgs" + ]; + restart = "always"; + networks = [ + "dmz" + ]; + }; + }; +} diff --git a/hosts/franz/arion/dashboard/arion-pkgs.nix b/hosts/franz/arion/dashboard/arion-pkgs.nix new file mode 100644 index 0000000..69aad13 --- /dev/null +++ b/hosts/franz/arion/dashboard/arion-pkgs.nix @@ -0,0 +1,6 @@ +# Instead of pinning Nixpkgs, we can opt to use the one in NIX_PATH +import { + # We specify the architecture explicitly. Use a Linux remote builder when + # calling arion from other platforms. + system = "x86_64-linux"; +} diff --git a/hosts/franz/arion/dashboard/default.nix b/hosts/franz/arion/dashboard/default.nix new file mode 100644 index 0000000..ba15b1c --- /dev/null +++ b/hosts/franz/arion/dashboard/default.nix @@ -0,0 +1,7 @@ +{config, ...}: { + virtualisation.arion = { + projects.dashboard.settings = { + imports = [./arion-compose.nix]; + }; + }; +} diff --git a/hosts/franz/arion/default.nix b/hosts/franz/arion/default.nix index 8f15e33..0f07302 100644 --- a/hosts/franz/arion/default.nix +++ b/hosts/franz/arion/default.nix @@ -14,6 +14,7 @@ ./git ./passwords ./media + ./dashboard ]; environment.systemPackages = with pkgs; [arion];