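# NixOS module: runs NetBox (netbox-docker layout) as an Arion project.
# Defines five services: netbox (web), housekeeping, worker, cache (Valkey)
# and db (PostgreSQL). Credentials reach the containers as agenix-managed
# env files.
{
  config,
  inputs,
  lib,
  ...
}:
with lib; let
  cfg = config.custom.containers.netbox;
in {
  # Typed boolean option, default false; nothing below is evaluated into the
  # system unless it is set to true.
  options.custom.containers.netbox.enable = mkEnableOption "the NetBox container stack";

  config = mkIf cfg.enable {
    age.secrets = let
      # Maps a secret name to its source file under the flake's secrets/ tree.
      # NOTE(review): "${inputs.self}" is the flake source in the Nix store, which
      # is world-readable, so every file under secrets/ must be age-encrypted
      # there; confirm none is plaintext.
      secret = filename: {
        file = "${inputs.self}/secrets/${filename}";
      };
    in {
      "${config.custom.profile}/netbox/.env" = secret "${config.custom.profile}/netbox/.env";
      "${config.custom.profile}/netbox/cache.env" = secret "${config.custom.profile}/netbox/cache.env";
      "${config.custom.profile}/netbox/db.env" = secret "${config.custom.profile}/netbox/db.env";
    };

    #?? arion-netbox pull
    # Runs arion as root against the compose file generated for this project.
    environment.shellAliases.arion-netbox = "sudo arion --prebuilt-file ${config.virtualisation.arion.projects.netbox.settings.out.dockerComposeYaml}";

    # https://github.com/netbox-community/netbox-docker
    # https://github.com/netbox-community/netbox-docker/blob/release/docker-compose.yml
    virtualisation.arion.projects.netbox.settings.services = let
      # Base definition shared by netbox, housekeeping and worker. Each of them
      # overrides it with `//`, so all three get the same image, env file,
      # user and media volume.
      netbox = {
        container_name = "netbox";
        depends_on = ["cache" "db"];
        # Decrypted env file path provided by agenix. Its values become
        # container environment variables, readable by anyone who can
        # inspect the container through the runtime.
        env_file = [config.age.secrets."${config.custom.profile}/netbox/.env".path];
        image = "localhost/netbox"; # Built image
        restart = "unless-stopped";
        # Must agree with the owner set on the media directory by the
        # tmpfiles rule at the end of this module.
        user = "unit:root";
        volumes = ["${config.custom.containers.directory}/netbox/media:/opt/netbox/netbox/media"];
      };
    in {
      netbox.service =
        netbox
        // {
          # NOTE(review): no host address is given, so 8585 is published on
          # every host interface. Use "127.0.0.1:8585:8080" if only a local
          # reverse proxy should reach it. Published container ports may not
          # be filtered by the host firewall; confirm for the backend in use.
          ports = ["8585:8080"];

          # https://github.com/netbox-community/netbox-docker/wiki/Using-Netbox-Plugins
          #!! Context modifications require a rebuild
          #?? arion-netbox build --no-cache
          # "${./.}" copies this module's directory into the Nix store, so keep
          # credentials and other sensitive files out of it.
          build.context = "${./.}";
        };

      housekeeping.service =
        netbox
        // {
          container_name = "netbox-housekeeping";
          command = ["/opt/netbox/housekeeping.sh"];
          depends_on = ["netbox"];
        };

      worker.service =
        netbox
        // {
          container_name = "netbox-worker";
          command = ["/opt/netbox/venv/bin/python" "/opt/netbox/netbox/manage.py" "rqworker"];
          depends_on = ["netbox"];
        };

      cache.service = {
        container_name = "netbox-cache";
        # "$$" is the compose escape for a literal "$", so the shell inside the
        # container expands REDIS_PASSWORD from the env file. The expansion is
        # quoted so a password with whitespace or glob characters stays one
        # argument and cannot turn into extra valkey-server options.
        # NOTE(review): the expanded password lands in valkey-server's argv
        # and is visible in process listings; prefer a config-file or
        # stdin-based requirepass if that exposure matters on this host.
        command = ["sh" "-c" "valkey-server --requirepass \"$$REDIS_PASSWORD\""];
        env_file = [config.age.secrets."${config.custom.profile}/netbox/cache.env".path];
        # Mutable tag: a later pull can return different content. Pin by
        # digest (docker.io/valkey/valkey@sha256:<digest>) for reproducible pulls.
        image = "docker.io/valkey/valkey:8.0";
        restart = "unless-stopped";
      };

      db.service = {
        container_name = "netbox-db";
        env_file = [config.age.secrets."${config.custom.profile}/netbox/db.env".path];
        # Mutable tag; pin by digest (docker.io/postgres@sha256:<digest>) for
        # reproducible pulls.
        image = "docker.io/postgres:16";
        restart = "unless-stopped";
        volumes = ["${config.custom.containers.directory}/netbox/db:/var/lib/postgresql/data"];
      };
    };

    #!! Required for correct volume permissions
    # tmpfiles type "z" adjusts mode and ownership of an existing path without
    # recursing and does not create it. 0770 leaves no access for "other".
    systemd.tmpfiles.settings."10-netbox" = {
      "${config.custom.containers.directory}/netbox/media" = {
        z = {
          mode = "0770";
          user = "999"; # unit
          group = "root";
        };
      };
    };
  };
}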