1
0
Fork 0

arion: Switch to podman

This commit is contained in:
Daniel Kempkens 2023-03-16 20:16:06 +01:00
parent 57a8a2bab7
commit a0a6f45a3a
Signed by: daniel
SSH key fingerprint: SHA256:Ks/MyhQYcPRQiwMKLAKquWCdCPe3JXlb1WttgnAoSeM

View file

@ -3,43 +3,51 @@
{
environment.systemPackages = [
pkgs.arion
pkgs.docker-client
];
virtualisation = {
docker = {
docker.enable = false;
# docker = {
# enable = true;
# autoPrune = {
# enable = true;
# flags = [ "--all" ];
# };
# };
podman = {
enable = true;
autoPrune = {
enable = true;
flags = [ "--all" ];
};
dockerSocket.enable = true;
defaultNetwork.dnsname.enable = true;
};
oci-containers = {
backend = "docker";
containers.watchtower = {
image = "containrrr/watchtower";
environment = {
WATCHTOWER_POLL_INTERVAL = "21600";
WATCHTOWER_LABEL_ENABLE = "true";
WATCHTOWER_NOTIFICATIONS = "shoutrrr";
WATCHTOWER_NOTIFICATIONS_HOSTNAME = config.networking.hostName;
WATCHTOWER_NOTIFICATION_URL = secret.watchtower.ntfyUrl;
};
volumes = [
"/var/run/docker.sock:/var/run/docker.sock"
"/root/.docker/config.json:/config.json:ro"
];
extraOptions = [
"--label=com.centurylinklabs.watchtower.enable=true"
];
};
# containers.watchtower = {
# image = "containrrr/watchtower";
# environment = {
# WATCHTOWER_POLL_INTERVAL = "21600";
# WATCHTOWER_LABEL_ENABLE = "true";
# WATCHTOWER_NOTIFICATIONS = "shoutrrr";
# WATCHTOWER_NOTIFICATIONS_HOSTNAME = config.networking.hostName;
# WATCHTOWER_NOTIFICATION_URL = secret.watchtower.ntfyUrl;
# };
# volumes = [
# "/var/run/docker.sock:/var/run/docker.sock"
# "/root/.docker/config.json:/config.json:ro"
# ];
# extraOptions = [
# "--label=com.centurylinklabs.watchtower.enable=true"
# ];
# };
};
arion = {
backend = "docker";
backend = "podman";
};
};
networking.firewall.interfaces."docker0".allowedTCPPorts = [ 443 ];
# networking.firewall.interfaces."docker0".allowedTCPPorts = [ 443 ];
}