{ config, lib, pkgs, ... }: { # Podman setup virtualisation = { containers.enable = true; podman = { enable = true; dockerCompat = true; extraPackages = with pkgs; [ zfs ]; }; oci-containers = { backend = "podman"; containers = { # Openbooks configuration openbooks = { image = "evanbuss/openbooks@sha256:16609c3da954715f8f98b5de6c838146914ae700b2a700b4d9aad8b23c9217da"; ports = [ "127.0.0.1:9000:80" ]; cmd = [ "--name" "bradar" "--searchbot" "searchook" "--persist" "--tls" "false" ]; }; # Prometheus MQTT integration mqtt2prometheus = { image = "hikhvar/mqtt2prometheus@sha256:ad133b8cef2d82c5573864598b1c8361753adc7e4ac53da28bc9b6afdf05aeaf"; ports = [ "127.0.0.1:9641:9641" ]; volumes = [ "/vault/mqtt2prometheus/config.yaml:/config.yaml" ]; }; # CGM repository nightscout = { image = "nightscout/cgm-remote-monitor@sha256:ce522a9fe9b1373f576329e48349a622c8a9b6177c93dc2771152df36dd90876"; environmentFiles = [ config.age.secrets.nightscout.path ]; extraOptions = [ "--pod=cgm-repo" ]; dependsOn = [ "mongodb" ]; }; # CGM repository database mongodb = { image = "mongo:4.4.9@sha256:0837a92d01bcc8c750a8d692ed4df33f0befd07ef261b23e7d9feda04bacd3eb"; volumes = [ "/vault/mongodb:/data/db" ]; extraOptions = [ "--pod=cgm-repo" ]; }; }; }; }; # Allow networking between Cgm-Repo and MongoDB systemd.services.create-cgm-repo-pod = { serviceConfig.Type = "oneshot"; wantedBy = [ "podman-mongodb.service" ]; script = with pkgs; '' ${podman}/bin/podman pod exists cgm-repo || ${podman}/bin/podman pod create -n cgm-repo -p '127.0.0.1:1337:1337' ''; }; # Start services after ZFS mount systemd.services.podman-mongodb.unitConfig.RequiresMountsFor = [ /vault/mongodb ]; systemd.services.podman-mqtt2prometheus.unitConfig.RequiresMountsFor = [ /vault/mqtt2prometheus ]; systemd.services.podman-mqtt2prometheus.unitConfig.RequiresMountsFor = [ /vault/mqtt2prometheus ]; }