From de8bd2cf4dbe206a9c2a58a3c9af67f91d0b3cc5 Mon Sep 17 00:00:00 2001 From: Nydragon Date: Wed, 2 Oct 2024 03:08:27 +0200 Subject: [PATCH] feat(kitchenowl): add to container options --- hosts/shan/configuration.nix | 45 +++++--- options/container/default.nix | 2 + options/container/kitchenowl/default.nix | 138 +++++++++++++++++++++++ 3 files changed, 167 insertions(+), 18 deletions(-) create mode 100644 options/container/kitchenowl/default.nix diff --git a/hosts/shan/configuration.nix b/hosts/shan/configuration.nix index c7c56c4..60946a3 100644 --- a/hosts/shan/configuration.nix +++ b/hosts/shan/configuration.nix @@ -19,27 +19,36 @@ efiInstallAsRemovable = true; }; - modules.server.paperless = { - enable = true; - openPort = true; - settings = { - PAPERLESS_URL = "https://paperless.ccnlc.eu"; + modules = { + container.kitchenowl = { + enable = true; + openFirewall = true; }; - }; - modules.server.navidrome = { - enable = true; - library = { - path = "/mnt/music"; - type = "nfs"; - source = { - ip = "192.168.178.21"; - path = "/mnt/Fort/data/music"; + server = { + paperless = { + enable = true; + openPort = true; + settings = { + PAPERLESS_URL = "https://paperless.ccnlc.eu"; + }; + }; + + navidrome = { + enable = true; + library = { + path = "/mnt/music"; + type = "nfs"; + source = { + ip = "192.168.178.21"; + path = "/mnt/Fort/data/music"; + }; + }; + settings = { + Address = "0.0.0.0"; + Port = 4533; + }; }; - }; - settings = { - Address = "0.0.0.0"; - Port = 4533; }; }; diff --git a/options/container/default.nix b/options/container/default.nix index a08a6ab..97a1c8d 100644 --- a/options/container/default.nix +++ b/options/container/default.nix @@ -4,6 +4,8 @@ let inherit (lib) mkIf mkEnableOption; in { + imports = [ ./kitchenowl ]; + options.modules.container = { enable = mkEnableOption "container support"; }; diff --git a/options/container/kitchenowl/default.nix b/options/container/kitchenowl/default.nix new file mode 100644 index 0000000..afcc04b --- /dev/null 
+++ b/options/container/kitchenowl/default.nix 
@@ -0,0 +1,138 @@
+{
+ lib,
+ pkgs,
+ config,
+ ...
+}:
+let
+ inherit (lib) mkIf mkOption mkEnableOption;
+ inherit (lib.types) port bool;
+ cfg = config.modules.container.kitchenowl;
+in
+{
+ options.modules.container.kitchenowl = {
+ enable = mkEnableOption "Whether to enable the kitchenowl container";
+ port = mkOption {
+ type = port;
+ default = 82;
+ };
+ openFirewall = mkOption {
+ type = bool;
+ default = false;
+ };
+ };
+
+ config = mkIf cfg.enable {
+ modules.container.enable = true;
+
+ networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ];
+
+ # Containers
+ virtualisation.oci-containers.containers."kitchenowl-back" = {
+ image = "tombursch/kitchenowl:latest";
+ environment = {
+ "JWT_SECRET_KEY" = "PLEASE_CHANGE_ME";
+ };
+ volumes = [
+ "kitchenowl_kitchenowl_data:/data:rw"
+ ];
+ log-driver = "journald";
+ extraOptions = [
+ "--network-alias=back"
+ "--network=kitchenowl_default"
+ ];
+ };
+ virtualisation.oci-containers.containers."kitchenowl-front" = {
+ image = "tombursch/kitchenowl-web:latest";
+ ports = [
+ "${toString cfg.port}:80/tcp"
+ ];
+ dependsOn = [
+ "kitchenowl-back"
+ ];
+ log-driver = "journald";
+ extraOptions = [
+ "--hostname=kitchenowl"
+ "--network-alias=front"
+ "--network=kitchenowl_default"
+ ];
+ };
+
+ systemd.services."podman-kitchenowl-back" = {
+ serviceConfig = {
+ Restart = lib.mkOverride 500 "always";
+ };
+ after = [
+ "podman-network-kitchenowl_default.service"
+ "podman-volume-kitchenowl_kitchenowl_data.service"
+ ];
+ requires = [
+ "podman-network-kitchenowl_default.service"
+ "podman-volume-kitchenowl_kitchenowl_data.service"
+ ];
+ partOf = [
+ "podman-compose-kitchenowl-root.target"
+ ];
+ wantedBy = [
+ "podman-compose-kitchenowl-root.target"
+ ];
+ };
+
+ systemd.services."podman-kitchenowl-front" = {
+ serviceConfig = {
+ Restart = lib.mkOverride 500 "always";
+ };
+ after = [
+ "podman-network-kitchenowl_default.service"
+ ];
+ requires = [
+ "podman-network-kitchenowl_default.service"
+ ];
+ partOf = [
+ "podman-compose-kitchenowl-root.target"
+ ];
+ wantedBy = [
+ "podman-compose-kitchenowl-root.target"
+ ];
+ };
+
+ # Networks
+ systemd.services."podman-network-kitchenowl_default" = {
+ path = [ pkgs.podman ];
+ serviceConfig = {
+ Type = "oneshot";
+ RemainAfterExit = true;
+ ExecStop = "podman network rm -f kitchenowl_default";
+ };
+ script = ''
+ podman network inspect kitchenowl_default || podman network create kitchenowl_default
+ '';
+ partOf = [ "podman-compose-kitchenowl-root.target" ];
+ wantedBy = [ "podman-compose-kitchenowl-root.target" ];
+ };
+
+ # Volumes
+ systemd.services."podman-volume-kitchenowl_kitchenowl_data" = {
+ path = [ pkgs.podman ];
+ serviceConfig = {
+ Type = "oneshot";
+ RemainAfterExit = true;
+ };
+ script = ''
+ podman volume inspect kitchenowl_kitchenowl_data || podman volume create kitchenowl_kitchenowl_data
+ '';
+ partOf = [ "podman-compose-kitchenowl-root.target" ];
+ wantedBy = [ "podman-compose-kitchenowl-root.target" ];
+ };
+
+ # Root service
+ # When started, this will automatically create all resources and start
+ # the containers. When stopped, this will teardown all resources.
+ systemd.targets."podman-compose-kitchenowl-root" = {
+ unitConfig = {
+ Description = "Root target generated by compose2nix.";
+ };
+ wantedBy = [ "multi-user.target" ];
+ };
+ };
+}
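Review bot: The `kitchenowl-back` container gets the fixed value `"JWT_SECRET_KEY" = "PLEASE_CHANGE_ME"` through `environment`, so every host that enables this module signs its tokens with a key that is published in the repository and also written into the world-readable Nix store. The same commit enables the module on hosts/shan with `openFirewall = true`, so the service is reachable while still using that known key. The secret should be read at runtime from a file via `environmentFiles`, supplied by a new option without a default so that evaluation fails until the operator provides one. Separately, both images are referenced as `:latest`; pinning a release tag or digest would make what actually runs on the host reproducible and reviewable.

```nix
# … unchanged: enable, port and openFirewall options …
environmentFile = mkOption {
  type = lib.types.path;
  description = "Runtime file containing JWT_SECRET_KEY=<value>; keep it outside the Nix store.";
};

# … unchanged: firewall rule …
virtualisation.oci-containers.containers."kitchenowl-back" = {
  image = "tombursch/kitchenowl:latest";
  environmentFiles = [ cfg.environmentFile ];
  # … unchanged: volumes, log-driver, extraOptions …
```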