daniel/dotfiles
1
0
Fork 0
Code Activity Actions

webserver: Remove ipv6nat

Browse source
This commit is contained in:
Daniel Kempkens 2022-11-27 17:51:03 +01:00
parent 0fbb7ea273
commit e48f2e4661
Signed by: daniel
SSH key fingerprint: SHA256:Ks/MyhQYcPRQiwMKLAKquWCdCPe3JXlb1WttgnAoSeM
1 changed files with 1 additions and 43 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

44
container/webserver/default.nix
View file

@ -5,33 +5,11 @@ in
{ {
virtualisation.arion.projects.webserver.settings = { virtualisation.arion.projects.webserver.settings = {
services = { services = {
ipv6nat = {
service = {
image = "robbertkl/ipv6nat:latest";
container_name = "ipv6nat";
restart = "unless-stopped";
capabilities = {
ALL = false;
NET_ADMIN = true;
NET_RAW = true;
};
network_mode = "host";
volumes = [
"/var/run/docker.sock:/var/run/docker.sock:ro"
];
labels = {
"com.centurylinklabs.watchtower.enable" = "true";
};
};
};
mosquitto = { mosquitto = {
service = { service = {
image = "eclipse-mosquitto:2"; image = "eclipse-mosquitto:2";
container_name = "mosquitto"; container_name = "mosquitto";
restart = "unless-stopped"; restart = "unless-stopped";
depends_on = [ "ipv6nat" ];
networks = [ "webserver" ];
ports = [ "1883:1883" ]; ports = [ "1883:1883" ];
user = "nobody"; user = "nobody";
volumes = [ volumes = [
@ -48,7 +26,6 @@ in
image = "cloudflare/cloudflared:latest"; image = "cloudflare/cloudflared:latest";
container_name = "cloudflared"; container_name = "cloudflared";
restart = "unless-stopped"; restart = "unless-stopped";
networks = [ "webserver" ];
command = [ "tunnel" "--no-autoupdate" "run" "--token" secret.container.webserver.cloudflared.config.token ]; command = [ "tunnel" "--no-autoupdate" "run" "--token" secret.container.webserver.cloudflared.config.token ];
labels = { labels = {
"com.centurylinklabs.watchtower.enable" = "true"; "com.centurylinklabs.watchtower.enable" = "true";
@ -61,8 +38,6 @@ in
image = "ghcr.io/nifoc/nifoc.pw-docs:master"; image = "ghcr.io/nifoc/nifoc.pw-docs:master";
container_name = "nifoc-pw-docs"; container_name = "nifoc-pw-docs";
restart = "unless-stopped"; restart = "unless-stopped";
depends_on = [ "ipv6nat" ];
networks = [ "webserver" ];
labels = { labels = {
"com.centurylinklabs.watchtower.enable" = "true"; "com.centurylinklabs.watchtower.enable" = "true";
}; };
@ -74,11 +49,7 @@ in
image = "ghcr.io/nifoc/weewx-docker:master"; image = "ghcr.io/nifoc/weewx-docker:master";
container_name = "weewx"; container_name = "weewx";
restart = "unless-stopped"; restart = "unless-stopped";
depends_on = [ depends_on = [ "mosquitto" ];
"ipv6nat"
"mosquitto"
];
networks = [ "webserver" ];
environment = { environment = {
"TZ" = "Europe/Berlin"; "TZ" = "Europe/Berlin";
}; };
@ -185,18 +156,5 @@ in
# }; # };
# }; # };
}; };
networks.webserver = {
driver = "bridge";
enable_ipv6 = true;
ipam = {
driver = "default";
config = [
{
subnet = "fd00:dead:beef::/48";
}
];
};
};
}; };
} // custom-config } // custom-config