nixos-config/modules/lancache.nix

{ config, lib, ... }:
let
  cfg = import ./vars.nix;
  lancacheip = "192.168.178.53";
  #name = "XXX";
  #dbport = cfg.XXX.dbport;
  #db_host = cfg.podman.hostIP;
  #port = cfg.XXX.port;
  #domain = cfg.XXX.domain;
in
{
  #imports = [
  #  #./podman.nix
  #  #./podman-postgresql.nix # for the database
  #  #./nginx.nix             # for the webserver
  #];

  #sops.secrets."${name}/db" = {};
  #sops.secrets."${name}/env" = {};

  #services.podman-postgresql."${name}" = {
  #  enable = true;
  #  image = "docker.io/library/postgres:16-alpine";
  #  port = (lib.strings.toInt dbport);
  #  passwordFile = config.sops.secrets."${name}/db".path;
  #};

  networking.firewall.allowedUDPPorts = [ 53 ];

  virtualisation.oci-containers.containers.lancache = {
    image = "docker.io/lancachenet/monolithic";
    environment = {
      TZ = "Europe/Berlin";
      UPSTREAM_DNS = "192.168.178.1";
    };
    #environmentFiles = [ config.sops.secrets."${name}/env".path ];
    ports = [
      "${lancacheip}:80:80"
      "${lancacheip}:443:443"
    ];
    volumes = [
      "/mnt/cache/lancache:/data/cache"
      "/var/log/lancache:/data/logs"
    ];
    extraOptions = cfg.podman.extraOptions;
    autoStart = false;
  };

  virtualisation.oci-containers.containers.lancache-dns = {
    image = "docker.io/lancachenet/lancache-dns";
    environment = {
      TZ = "Europe/Berlin";
      UPSTREAM_DNS = "192.168.178.1";
      USE_GENERIC_CACHE = "true";
      LANCACHE_IP = lancacheip;
    };
    #environmentFiles = [ config.sops.secrets."${name}/env".path ];
    ports = [
      "${lancacheip}:53:53/udp"
      "127.0.0.1:53:53/udp"
    ];
    volumes = [
      "/mnt/cache/lancache:/data/cache"
      "/var/log/lancache:/data/logs"
    ];
    extraOptions = cfg.podman.extraOptions;
  };

  #services.nginx.virtualHosts.${domain} = {
  #  forceSSL = true;
  #  enableACME = true;
  #  locations."/" = {
  #    proxyPass = "http://localhost:${port}";
  #    proxyWebsockets = true;
  #  };
  #  extraConfig = ''
  #    access_log  /var/log/nginx/${domain}_access.log;
  #    error_log   /var/log/nginx/${domain}_error.log;
  #  '';
  #};

}
# vim: set et ts=2 sw=2 ai:
added lancache 2025-11-10 14:35:06 +01:00			`{ config, lib, ... }:`
			`let`
			`cfg = import ./vars.nix;`
			`lancacheip = "192.168.178.53";`
			`#name = "XXX";`
			`#dbport = cfg.XXX.dbport;`
			`#db_host = cfg.podman.hostIP;`
			`#port = cfg.XXX.port;`
			`#domain = cfg.XXX.domain;`
			`in`
			`{`
			`#imports = [`
			`# #./podman.nix`
			`# #./podman-postgresql.nix # for the database`
			`# #./nginx.nix # for the webserver`
			`#];`

			`#sops.secrets."${name}/db" = {};`
			`#sops.secrets."${name}/env" = {};`

			`#services.podman-postgresql."${name}" = {`
			`# enable = true;`
			`# image = "docker.io/library/postgres:16-alpine";`
			`# port = (lib.strings.toInt dbport);`
			`# passwordFile = config.sops.secrets."${name}/db".path;`
			`#};`

			`networking.firewall.allowedUDPPorts = [ 53 ];`

			`virtualisation.oci-containers.containers.lancache = {`
			`image = "docker.io/lancachenet/monolithic";`
			`environment = {`
			`TZ = "Europe/Berlin";`
			`UPSTREAM_DNS = "192.168.178.1";`
			`};`
			`#environmentFiles = [ config.sops.secrets."${name}/env".path ];`
			`ports = [`
			`"${lancacheip}:80:80"`
			`"${lancacheip}:443:443"`
			`];`
			`volumes = [`
			`"/mnt/cache/lancache:/data/cache"`
			`"/var/log/lancache:/data/logs"`
			`];`
			`extraOptions = cfg.podman.extraOptions;`
			`autoStart = false;`
			`};`

			`virtualisation.oci-containers.containers.lancache-dns = {`
			`image = "docker.io/lancachenet/lancache-dns";`
			`environment = {`
			`TZ = "Europe/Berlin";`
			`UPSTREAM_DNS = "192.168.178.1";`
			`USE_GENERIC_CACHE = "true";`
			`LANCACHE_IP = lancacheip;`
			`};`
			`#environmentFiles = [ config.sops.secrets."${name}/env".path ];`
			`ports = [`
			`"${lancacheip}:53:53/udp"`
			`"127.0.0.1:53:53/udp"`
			`];`
			`volumes = [`
			`"/mnt/cache/lancache:/data/cache"`
			`"/var/log/lancache:/data/logs"`
			`];`
			`extraOptions = cfg.podman.extraOptions;`
			`};`

			`#services.nginx.virtualHosts.${domain} = {`
			`# forceSSL = true;`
			`# enableACME = true;`
			`# locations."/" = {`
			`# proxyPass = "http://localhost:${port}";`
			`# proxyWebsockets = true;`
			`# };`
			`# extraConfig = ''`
			`# access_log /var/log/nginx/${domain}_access.log;`
			`# error_log /var/log/nginx/${domain}_error.log;`
			`# '';`
			`#};`

			`}`
			`# vim: set et ts=2 sw=2 ai:`