From 663e5cb739a6df569eb9ec6ea97cefe1c76be48c Mon Sep 17 00:00:00 2001
From: coolneng
Date: Tue, 20 Dec 2022 14:03:09 +0100
Subject: [PATCH] Use ZFS storage driver for containers
---
 modules/hardware-configuration.nix | 143 ++++++++++++++---------------
 modules/information.nix | 30 +++++-
 2 files changed, 96 insertions(+), 77 deletions(-)
diff --git a/modules/hardware-configuration.nix b/modules/hardware-configuration.nix
index a56d17e..4132176 100644
--- a/modules/hardware-configuration.nix
+++ b/modules/hardware-configuration.nix
@@ -23,82 +23,11 @@
 fsType = "vfat";
 };

- fileSystems."/var/lib/containers/storage/overlay" =
- { device = "/var/lib/containers/storage/overlay";
- fsType = "none";
- options = [ "bind" ];
- };
-
- fileSystems."/var/lib/containers/storage/overlay-containers/dba1864ff1473b3ba5fddd103f9cfff67334fbcc5c99c42b619e8a6d88776061/userdata/shm" =
- { device = "shm";
- fsType = "tmpfs";
- };
-
- fileSystems."/var/lib/containers/storage/overlay/1990fed1fbfbe8dc75ded251c84e8d82700fef0f01e8ead81916cadc5ec2cac1/merged" =
- { device = "overlay";
- fsType = "overlay";
- };
-
 fileSystems."/vault" =
 { device = "vault";
 fsType = "zfs";
 };

- fileSystems."/vault/radicale" =
- { device = "vault/radicale";
- fsType = "zfs";
- };
-
- fileSystems."/vault/syncthing" =
- { device = "vault/syncthing";
- fsType = "zfs";
- };
-
- fileSystems."/vault/backups" =
- { device = "vault/backups";
- fsType = "zfs";
- };
-
- fileSystems."/vault/git" =
- { device = "vault/git";
- fsType = "zfs";
- };
-
- fileSystems."/vault/nextcloud" =
- { device = "vault/nextcloud";
- fsType = "zfs";
- };
-
- fileSystems."/vault/backups/monolith" =
- { device = "vault/backups/monolith";
- fsType = "zfs";
- };
-
- fileSystems."/vault/backups/zion" =
- { device = "vault/backups/zion";
- fsType = "zfs";
- };
-
- fileSystems."/vault/backups/zion/databases" =
- { device = "vault/backups/zion/databases";
- fsType = "zfs";
- };
-
- fileSystems."/var/lib/wallabag" =
- { device = "vault/state_directories/wallabag";
- fsType = "zfs";
- };
-
- fileSystems."/var/lib/gitea" =
- { device = "vault/state_directories/gitea";
- fsType = "zfs";
- };
-
- fileSystems."/var/lib/signald" =
- { device = "vault/state_directories/signald";
- fsType = "zfs";
- };
-
 fileSystems."/var/lib/matrix-as-signal" =
 { device = "vault/state_directories/matrix-as-signal";
 fsType = "zfs";
@@ -109,11 +38,81 @@
 fsType = "zfs";
 };

+ fileSystems."/var/lib/gitea" =
+ { device = "vault/state_directories/gitea";
+ fsType = "zfs";
+ };
+
 fileSystems."/var/lib/matrix-as-telegram" =
 { device = "vault/state_directories/matrix-as-telegram";
 fsType = "zfs";
 };

+ fileSystems."/var/lib/signald" =
+ { device = "vault/state_directories/signald";
+ fsType = "zfs";
+ };
+
+ fileSystems."/var/lib/wallabag" =
+ { device = "vault/state_directories/wallabag";
+ fsType = "zfs";
+ };
+
+ fileSystems."/vault/git" =
+ { device = "vault/git";
+ fsType = "zfs";
+ };
+
+ fileSystems."/vault/nextcloud" =
+ { device = "vault/nextcloud";
+ fsType = "zfs";
+ };
+
+ fileSystems."/vault/backups" =
+ { device = "vault/backups";
+ fsType = "zfs";
+ };
+
+ fileSystems."/vault/radicale" =
+ { device = "vault/radicale";
+ fsType = "zfs";
+ };
+
+ fileSystems."/vault/backups/zion" =
+ { device = "vault/backups/zion";
+ fsType = "zfs";
+ };
+
+ fileSystems."/vault/backups/monolith" =
+ { device = "vault/backups/monolith";
+ fsType = "zfs";
+ };
+
+ fileSystems."/vault/backups/zion/databases" =
+ { device = "vault/backups/zion/databases";
+ fsType = "zfs";
+ };
+
+ fileSystems."/vault/syncthing" =
+ { device = "vault/syncthing";
+ fsType = "zfs";
+ };
+
+ fileSystems."/var/lib/containers" =
+ { device = "vault/containers";
+ fsType = "zfs";
+ };
+
+ fileSystems."/var/lib/containers/storage/zfs-containers/1996d0540bceeb3dea027b3e5ef9e6cd94ea527ce657bf6461286d7b4afa637f/userdata/shm" =
+ { device = "shm";
+ fsType = "tmpfs";
+ };
+
+ fileSystems."/var/lib/containers/storage/zfs/graph/0dc5c84e61d9dccc2f00f9ab164cd1df2ee6e6bf642b99e7d25638ee5e4fe994" =
+ { device = "vault/containers/0dc5c84e61d9dccc2f00f9ab164cd1df2ee6e6bf642b99e7d25638ee5e4fe994";
+ fsType = "zfs";
+ };
+
 swapDevices = [ ];

 # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
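Review bot: The last two entries added in this hunk, the `zfs-containers/<id>/userdata/shm` tmpfs and the `zfs/graph/<id>` dataset under `vault/containers`, are keyed on what look like a container ID and a storage-layer ID, so they record whatever happened to be running when the file was regenerated rather than the host's own layout. Once that container or layer is recreated the `vault/containers/<id>` dataset presumably no longer exists, and a `fileSystems` entry that cannot be mounted can fail the boot-time mount units and leave the host's services down. Keeping only the `/var/lib/containers` entry backed by `vault/containers` and letting the storage driver mount its own datasets avoids that; if the two entries have to stay, `options = [ "nofail" ];` on each limits the impact. The overlay entries removed in the first hunk had the same shape, so this is likely to recur whenever the file is regenerated with containers running; the enclosing attribute set starts and ends outside the hunk.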
@@ -123,7 +122,7 @@
 networking.useDHCP = lib.mkDefault true;
 # networking.interfaces.cni-podman0.useDHCP = lib.mkDefault true;
 # networking.interfaces.eth0.useDHCP = lib.mkDefault true;
- # networking.interfaces.veth65ee03c8.useDHCP = lib.mkDefault true;
+ # networking.interfaces.vethefb4a13e.useDHCP = lib.mkDefault true;
 # networking.interfaces.wg0.useDHCP = lib.mkDefault true;
 # networking.interfaces.wlan0.useDHCP = lib.mkDefault true;

diff --git a/modules/information.nix b/modules/information.nix
index 68c454b..7b9f8bb 100644
--- a/modules/information.nix
+++ b/modules/information.nix
@@ -31,11 +31,31 @@
 # Set environment variable pointing to wallabag configuration directory
 environment.variables.WALLABAG_DATA = "/var/lib/wallabag";

- # Openbooks configuration
- virtualisation.oci-containers.containers = {
- openbooks = {
- image = "evanbuss/openbooks:latest";
- ports = [ "127.0.0.1:9000:80" ];
+ # Podman setup with ZFS
+ virtualisation = {
+ containers.enable = true;
+ containers.storage.settings.storage = {
+ driver = "zfs";
+ graphroot = "/var/lib/containers/storage";
+ runroot = "/run/containers/storage";
+ };
+
+ podman = {
+ enable = true;
+ dockerCompat = true;
+ extraPackages = with pkgs; [ zfs ];
+ };
+
+ # Openbooks configuration
+ oci-containers = {
+ backend = "podman";
+ containers = {
+ openbooks = {
+ image = "evanbuss/openbooks:latest";
+ ports = [ "127.0.0.1:9000:80" ];
+ };
+ };
 };
 };
+
 }
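Review bot: In the `modules/information.nix` hunk, `image = "evanbuss/openbooks:latest";` under `oci-containers.containers.openbooks` is carried over as an unqualified name on a mutable tag, so the image the podman backend pulls and runs can change without any change in this repository. Since the block is being rewritten anyway, consider qualifying and pinning it, e.g. `image = "docker.io/evanbuss/openbooks@sha256:<digest>";` (placeholder digest; docker.io is assumed to be the intended registry). It would also help to add a comment above `driver = "zfs";` such as `# graphroot must live on the vault/containers dataset mounted at /var/lib/containers (see hardware-configuration.nix)`, because the storage driver setting and that mount have to stay in step. The module's opening lines are outside the hunk, so whether `pkgs` is already in scope for `extraPackages` cannot be confirmed from here.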