arion: Switch to podman

2023-03-16 20:16:06 +01:00 · 2023-03-16 20:16:06 +01:00 · a0a6f45a3a
commit a0a6f45a3a
parent 57a8a2bab7
1 changed files with 32 additions and 24 deletions
--- a/system/nixos/arion.nix
+++ b/system/nixos/arion.nix
@ -3,43 +3,51 @@
 {
  environment.systemPackages = [
    pkgs.arion
+    pkgs.docker-client
  ];

  virtualisation = {
-    docker = {
+    docker.enable = false;
+    # docker = {
+    #   enable = true;
+    #   autoPrune = {
+    #     enable = true;
+    #     flags = [ "--all" ];
+    #   };
+    # };
+
+    podman = {
      enable = true;
-      autoPrune = {
-        enable = true;
-        flags = [ "--all" ];
-      };
+      dockerSocket.enable = true;
+      defaultNetwork.dnsname.enable = true;
    };

    oci-containers = {
      backend = "docker";

-      containers.watchtower = {
-        image = "containrrr/watchtower";
-        environment = {
-          WATCHTOWER_POLL_INTERVAL = "21600";
-          WATCHTOWER_LABEL_ENABLE = "true";
-          WATCHTOWER_NOTIFICATIONS = "shoutrrr";
-          WATCHTOWER_NOTIFICATIONS_HOSTNAME = config.networking.hostName;
-          WATCHTOWER_NOTIFICATION_URL = secret.watchtower.ntfyUrl;
-        };
-        volumes = [
-          "/var/run/docker.sock:/var/run/docker.sock"
-          "/root/.docker/config.json:/config.json:ro"
-        ];
-        extraOptions = [
-          "--label=com.centurylinklabs.watchtower.enable=true"
-        ];
-      };
+      # containers.watchtower = {
+      #   image = "containrrr/watchtower";
+      #   environment = {
+      #     WATCHTOWER_POLL_INTERVAL = "21600";
+      #     WATCHTOWER_LABEL_ENABLE = "true";
+      #     WATCHTOWER_NOTIFICATIONS = "shoutrrr";
+      #     WATCHTOWER_NOTIFICATIONS_HOSTNAME = config.networking.hostName;
+      #     WATCHTOWER_NOTIFICATION_URL = secret.watchtower.ntfyUrl;
+      #   };
+      #   volumes = [
+      #     "/var/run/docker.sock:/var/run/docker.sock"
+      #     "/root/.docker/config.json:/config.json:ro"
+      #   ];
+      #   extraOptions = [
+      #     "--label=com.centurylinklabs.watchtower.enable=true"
+      #   ];
+      # };
    };

    arion = {
-      backend = "docker";
+      backend = "podman";
    };
  };

-  networking.firewall.interfaces."docker0".allowedTCPPorts = [ 443 ];
+  # networking.firewall.interfaces."docker0".allowedTCPPorts = [ 443 ];
 }