From 210768d5382be15730a5789f681ca4888bbc9d1c Mon Sep 17 00:00:00 2001
From: autumn
Date: Mon, 8 Dec 2025 12:46:15 -0700
Subject: [PATCH] fixing mealie via compose2nix
---
system/hoardfrost/configuration.nix | 6 +-
system/services/containerization/mealie-2.nix | 148 ++++++++++++++++++
system/services/podman.nix | 20 +++
3 files changed, 170 insertions(+), 4 deletions(-)
create mode 100644 system/services/containerization/mealie-2.nix
create mode 100644 system/services/podman.nix
diff --git a/system/hoardfrost/configuration.nix b/system/hoardfrost/configuration.nix
index a294a10..e5ed512 100644
--- a/system/hoardfrost/configuration.nix
+++ b/system/hoardfrost/configuration.nix
@@ -13,12 +13,13 @@ ../services/samba.nix ../services/openssh.nix ../services/endlessh.nix + ../services/podman.nix # ./services/currents.nix #. ./services/tailscale.nix. # ./services/containerization/currents.nix ../services/containerization/docker.nix - ../services/containerization/mealie.nix + ../services/containerization/mealie-2.nix ../services/containerization/transtun.nix ../services/containerization/stirlingpdf.nix ];
@@ -127,9 +128,6 @@ # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # wget ]; - virtualisation.podman = { - enable = true; - }; # Some programs need SUID wrappers, can be configured further or are # started in user sessions.
diff --git a/system/services/containerization/mealie-2.nix b/system/services/containerization/mealie-2.nix
new file mode 100644
index 0000000..596d8b0
--- /dev/null
+++ b/system/services/containerization/mealie-2.nix
@@ -0,0 +1,148 @@ +# Auto-generated by compose2nix. + +{ pkgs, lib, config, ... }: + +{ + # Containers + virtualisation.oci-containers.containers."mealie" = { + image = "ghcr.io/mealie-recipes/mealie:v3.6.1"; + environment = { + "ALLOW_SIGNUP" = "false"; + "BASE_URL" = "https://mealie.yourdomain.com"; + "DB_ENGINE" = "postgres"; + "PGID" = "1000"; + "POSTGRES_DB" = "mealie"; + "POSTGRES_PASSWORD" = "mealie"; + "POSTGRES_PORT" = "5432"; + "POSTGRES_SERVER" = "postgres"; + "POSTGRES_USER" = "mealie"; + "PUID" = "1000"; + "TZ" = "America/Anchorage"; + }; + volumes = [ + "mealieio_mealie-data:/app/data:rw" + ]; + ports = [ + "9925:9000/tcp" + ]; + dependsOn = [ + "postgres" + ]; + log-driver = "journald"; + extraOptions = [ + "--memory=1048576000b" + "--network-alias=mealie" + "--network=mealieio_default" + ]; + }; + systemd.services."podman-mealie" = { + serviceConfig = { + Restart = lib.mkOverride 90 "always"; + }; + after = [ + "podman-network-mealieio_default.service" + "podman-volume-mealieio_mealie-data.service" + ]; + requires = [ + "podman-network-mealieio_default.service" + "podman-volume-mealieio_mealie-data.service" + ]; + partOf = [ + "podman-compose-mealieio-root.target" + ]; + wantedBy = [ + "podman-compose-mealieio-root.target" + ]; + }; + virtualisation.oci-containers.containers."postgres" = { + image = "postgres:17"; + environment = { + "PGUSER" = "mealie"; + "POSTGRES_DB" = "mealie"; + "POSTGRES_PASSWORD" = "mealie"; + "POSTGRES_USER" = "mealie"; + }; + volumes = [ + "mealieio_mealie-pgdata:/var/lib/postgresql/data:rw" + ]; + log-driver = "journald"; + extraOptions = [ + "--health-cmd=[\"pg_isready\"]" + "--health-interval=30s" + "--health-retries=3" + "--health-timeout=20s" + "--network-alias=postgres" + "--network=mealieio_default" + ]; + }; + systemd.services."podman-postgres" = { + serviceConfig = { + Restart = lib.mkOverride 90 "always"; + }; + after = [ + "podman-network-mealieio_default.service" + "podman-volume-mealieio_mealie-pgdata.service" 
+ ]; + requires = [ + "podman-network-mealieio_default.service" + "podman-volume-mealieio_mealie-pgdata.service" + ]; + partOf = [ + "podman-compose-mealieio-root.target" + ]; + wantedBy = [ + "podman-compose-mealieio-root.target" + ]; + }; + + # Networks + systemd.services."podman-network-mealieio_default" = { + path = [ pkgs.podman ]; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + ExecStop = "podman network rm -f mealieio_default"; + }; + script = '' + podman network inspect mealieio_default || podman network create mealieio_default + ''; + partOf = [ "podman-compose-mealieio-root.target" ]; + wantedBy = [ "podman-compose-mealieio-root.target" ]; + }; + + # Volumes + systemd.services."podman-volume-mealieio_mealie-data" = { + path = [ pkgs.podman ]; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + }; + script = '' + podman volume inspect mealieio_mealie-data || podman volume create mealieio_mealie-data + ''; + partOf = [ "podman-compose-mealieio-root.target" ]; + wantedBy = [ "podman-compose-mealieio-root.target" ]; + }; + systemd.services."podman-volume-mealieio_mealie-pgdata" = { + path = [ pkgs.podman ]; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + }; + script = '' + podman volume inspect mealieio_mealie-pgdata || podman volume create mealieio_mealie-pgdata + ''; + partOf = [ "podman-compose-mealieio-root.target" ]; + wantedBy = [ "podman-compose-mealieio-root.target" ]; + }; + + # Root service + # When started, this will automatically create all resources and start + # the containers. When stopped, this will teardown all resources. + systemd.targets."podman-compose-mealieio-root" = { + unitConfig = { + Description = "Root target generated by compose2nix."; + }; + wantedBy = [ "multi-user.target" ]; + }; +} diff --git a/system/services/podman.nix b/system/services/podman.nix new file mode 100644 index 0000000..a7307f3 --- /dev/null +++ b/system/services/podman.nix 
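Review bot: `"POSTGRES_PASSWORD" = "mealie";` is written inline in the `environment` of both the mealie and postgres containers in mealie-2.nix, so the database credential ends up in git history and in the world-readable Nix store, and it is a guessable default. Take it out of `environment` and load it on both containers from a root-only file, e.g. `environmentFiles = [ "/run/secrets/mealie.env" ];` (placeholder path), with a randomly generated value. `"BASE_URL" = "https://mealie.yourdomain.com";` still looks like the upstream example placeholder and should be the real hostname. `"9925:9000/tcp"` publishes on every host interface; if a reverse proxy on this host fronts the service, `"127.0.0.1:9925:9000/tcp"` keeps the plain-HTTP port off the network. Because the file is compose2nix output, make these changes where they survive a regeneration.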
@@ -0,0 +1,20 @@
+
+{ pkgs, lib, config, ... }:
+
+{
+ # Runtime
+ virtualisation.podman = {
+ enable = true;
+ autoPrune.enable = true;
+ dockerCompat = true;
+ };
+
+ # Enable container name DNS for all Podman networks.
+ networking.firewall.interfaces = let
+ matchAll = if !config.networking.nftables.enable then "podman+" else "podman*";
+ in {
+ "${matchAll}".allowedUDPPorts = [ 53 ];
+ };
+
+ virtualisation.oci-containers.backend = "podman";
+}
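Review bot: `dockerCompat = true;` in the new podman.nix may collide with the `../services/containerization/docker.nix` import that configuration.nix keeps. The NixOS podman module asserts that dockerCompat is not combined with `virtualisation.docker.enable`, so if docker.nix (not shown in this patch) enables the Docker daemon, evaluation stops at that assertion. Either drop `dockerCompat = true;` or retire the docker.nix import in the same change. Separately, `virtualisation.oci-containers.backend = "podman";` is a host-wide setting living in a shared module, so it also governs any other oci-containers definitions this host imports; a comment such as `# Applies to every oci-containers definition on this host, not only mealie.` would make that explicit.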