fern/flock
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add docker module

Browse source
This commit is contained in:
Fern Garden 2025-09-15 12:37:51 +08:00
parent 7cbf708ecf
commit a8f637704a
9 changed files with 68 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

4
flake.nix
View file

@ -65,7 +65,6 @@
# Raspberry Pi 4B.
(mkHost "weebill" {
suite = "server";
docker = true;
platform = "aarch64-linux";
hostModules = [
nixos-hardware.nixosModules.raspberry-pi-4
@ -75,19 +74,16 @@
# VM running docker containers.
(mkHost "docker" {
suite = "server/vm";
docker = true;
})
# VM running a Minecraft server.
(mkHost "minecraft" {
suite = "server/vm";
docker = true;
})
# VM running a Musicbrainz mirror + lidarr metadata server.
(mkHost "musicbrainz" {
suite = "server/vm";
docker = true;
})
# VM for managing flock.

2
helpers.nix
View file

@ -10,7 +10,6 @@ with inputs.nixpkgs.lib; {
mkHost = hostname: {
platform ? "x86_64-linux",
suite ? "",
docker ? false,
hostModules ? [],
}: let
# Secrets directory.
@ -97,7 +96,6 @@ with inputs.nixpkgs.lib; {
}
]
++ hostModules # Host-specific modules.
++ optionals (docker == true) [./suites/server/docker] # Enable docker if required.
++ (filesystem.listFilesRecursive ./modules); # Custom modules.
};
}

5
hosts/docker/default.nix
View file

@ -34,4 +34,9 @@
};
users.users.fern.extraGroups = ["media"];
flock.docker = {
enable = true;
dockerMount = true;
};
}

4
hosts/minecraft/default.nix
View file

@ -1,2 +1,6 @@
{
flock.docker = {
enable = true;
dockerMount = true;
};
}

5
hosts/musicbrainz/default.nix
View file

@ -20,4 +20,9 @@
User = "fern";
};
};
flock.docker = {
enable = true;
dockerMount = true;
};
}

4
hosts/muskduck/default.nix
View file

@ -66,4 +66,8 @@ with lib; {
enable = true;
openFirewall = true;
};
flock.docker = {
enable = true;
};
}

4
hosts/weebill/default.nix
View file

@ -118,4 +118,8 @@
allowedUDPPorts = [53 67]; # DHCP server.
allowedTCPPorts = [8080 548 80 7125]; # WebOne, Netatalk, nginx, moonraker.
};
flock.docker = {
enable = true;
};
}

46
modules/docker/default.nix Normal file
View file

@ -0,0 +1,46 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.flock.docker;
in {
options = {
flock.docker = {
enable = mkEnableOption "Enable Docker";
dockerMount = mkEnableOption "Mount disk as Docker directory";
};
};
config =
mkIf cfg.enable
{
# Add user to docker group.
users.users.fern = {
extraGroups = ["docker"];
};
# Enable docker.
virtualisation.docker = {
enable = true;
autoPrune.enable = true;
liveRestore = true;
daemon.settings = {
data-root = "/home/fern/docker/daemon";
default-address-pools = [
{
base = "172.20.0.0/12";
size = 24;
}
];
};
};
# Docker data directory
fileSystems."/home/fern/docker" = mkIf (cfg.dockerMount) {
device = "/dev/disk/by-label/docker";
fsType = "ext4";
};
};
}

28
suites/server/docker/default.nix
View file

@ -1,28 +0,0 @@
{
# Docker data directory
fileSystems."/home/fern/docker" = {
device = "/dev/disk/by-label/docker";
fsType = "ext4";
};
# Add user to docker group.
users.users.fern = {
extraGroups = ["docker"];
};
# Enable docker.
virtualisation.docker = {
enable = true;
autoPrune.enable = true;
liveRestore = true;
daemon.settings = {
data-root = "/home/fern/docker/daemon";
default-address-pools = [
{
base = "172.20.0.0/12";
size = 24;
}
];
};
};
}