{ config, lib, ... }: let cfg = import ./vars.nix; lancacheip = "192.168.178.53"; #name = "XXX"; #dbport = cfg.XXX.dbport; #db_host = cfg.podman.hostIP; #port = cfg.XXX.port; #domain = cfg.XXX.domain; in { #imports = [ # #./podman.nix # #./podman-postgresql.nix # for the database # #./nginx.nix # for the webserver #]; #sops.secrets."${name}/db" = {}; #sops.secrets."${name}/env" = {}; #services.podman-postgresql."${name}" = { # enable = true; # image = "docker.io/library/postgres:16-alpine"; # port = (lib.strings.toInt dbport); # passwordFile = config.sops.secrets."${name}/db".path; #}; networking.firewall.allowedUDPPorts = [ 53 ]; virtualisation.oci-containers.containers.lancache = { image = "docker.io/lancachenet/monolithic"; environment = { TZ = "Europe/Berlin"; UPSTREAM_DNS = "192.168.178.1"; }; #environmentFiles = [ config.sops.secrets."${name}/env".path ]; ports = [ "${lancacheip}:80:80" "${lancacheip}:443:443" ]; volumes = [ "/mnt/cache/lancache:/data/cache" "/var/log/lancache:/data/logs" ]; extraOptions = cfg.podman.extraOptions; autoStart = false; }; virtualisation.oci-containers.containers.lancache-dns = { image = "docker.io/lancachenet/lancache-dns"; environment = { TZ = "Europe/Berlin"; UPSTREAM_DNS = "192.168.178.1"; USE_GENERIC_CACHE = "true"; LANCACHE_IP = lancacheip; }; #environmentFiles = [ config.sops.secrets."${name}/env".path ]; ports = [ "${lancacheip}:53:53/udp" "127.0.0.1:53:53/udp" ]; volumes = [ "/mnt/cache/lancache:/data/cache" "/var/log/lancache:/data/logs" ]; extraOptions = cfg.podman.extraOptions; }; #services.nginx.virtualHosts.${domain} = { # forceSSL = true; # enableACME = true; # locations."/" = { # proxyPass = "http://localhost:${port}"; # proxyWebsockets = true; # }; # extraConfig = '' # access_log /var/log/nginx/${domain}_access.log; # error_log /var/log/nginx/${domain}_error.log; # ''; #}; } # vim: set et ts=2 sw=2 ai: