feat(kitchenowl): add to container options

hosts/shan/configuration.nix

@@ -19,27 +19,36 @@
     efiInstallAsRemovable = true;
   };
 
-  modules.server.paperless = {
+  modules = {
-    enable = true;
+    container.kitchenowl = {
-    openPort = true;
+      enable = true;
-    settings = {
+      openFirewall = true;
-      PAPERLESS_URL = "https://paperless.ccnlc.eu";
     };
-  };
 
-  modules.server.navidrome = {
+    server = {
-    enable = true;
+      paperless = {
-    library = {
+        enable = true;
-      path = "/mnt/music";
+        openPort = true;
-      type = "nfs";
+        settings = {
-      source = {
+          PAPERLESS_URL = "https://paperless.ccnlc.eu";
-        ip = "192.168.178.21";
+        };
-        path = "/mnt/Fort/data/music";
+      };
+
+      navidrome = {
+        enable = true;
+        library = {
+          path = "/mnt/music";
+          type = "nfs";
+          source = {
+            ip = "192.168.178.21";
+            path = "/mnt/Fort/data/music";
+          };
+        };
+        settings = {
+          Address = "0.0.0.0";
+          Port = 4533;
+        };
       };
-    };
-    settings = {
-      Address = "0.0.0.0";
-      Port = 4533;
     };
   };
 

options/container/default.nix

@@ -4,6 +4,8 @@ let
   inherit (lib) mkIf mkEnableOption;
 in
 {
+  imports = [ ./kitchenowl ];
+
   options.modules.container = {
     enable = mkEnableOption "container support";
   };

options/container/kitchenowl/default.nix

@@ -0,0 +1,138 @@
+{
+  lib,
+  pkgs,
+  config,
+  ...
+}:
+let
+  inherit (lib) mkIf mkOption mkEnableOption;
+  inherit (lib.types) port bool;
+  cfg = config.modules.container.kitchenowl;
+in
+{
+  options.modules.container.kitchenowl = {
+    enable = mkEnableOption "Whether to enable the kitchenowl container";
+    port = mkOption {
+      type = port;
+      default = 82;
+    };
+    openFirewall = mkOption {
+      type = bool;
+      default = false;
+    };
+  };
+
+  config = mkIf cfg.enable {
+    modules.container.enable = true;
+
+    networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ];
+
+    # Containers
+    virtualisation.oci-containers.containers."kitchenowl-back" = {
+      image = "tombursch/kitchenowl:latest";
+      environment = {
+        "JWT_SECRET_KEY" = "PLEASE_CHANGE_ME";
+      };
+      volumes = [
+        "kitchenowl_kitchenowl_data:/data:rw"
+      ];
+      log-driver = "journald";
+      extraOptions = [
+        "--network-alias=back"
+        "--network=kitchenowl_default"
+      ];
+    };
+    virtualisation.oci-containers.containers."kitchenowl-front" = {
+      image = "tombursch/kitchenowl-web:latest";
+      ports = [
+        "${toString cfg.port}:80/tcp"
+      ];
+      dependsOn = [
+        "kitchenowl-back"
+      ];
+      log-driver = "journald";
+      extraOptions = [
+        "--hostname=kitchenowl"
+        "--network-alias=front"
+        "--network=kitchenowl_default"
+      ];
+    };
+
+    systemd.services."podman-kitchenowl-back" = {
+      serviceConfig = {
+        Restart = lib.mkOverride 500 "always";
+      };
+      after = [
+        "podman-network-kitchenowl_default.service"
+        "podman-volume-kitchenowl_kitchenowl_data.service"
+      ];
+      requires = [
+        "podman-network-kitchenowl_default.service"
+        "podman-volume-kitchenowl_kitchenowl_data.service"
+      ];
+      partOf = [
+        "podman-compose-kitchenowl-root.target"
+      ];
+      wantedBy = [
+        "podman-compose-kitchenowl-root.target"
+      ];
+    };
+
+    systemd.services."podman-kitchenowl-front" = {
+      serviceConfig = {
+        Restart = lib.mkOverride 500 "always";
+      };
+      after = [
+        "podman-network-kitchenowl_default.service"
+      ];
+      requires = [
+        "podman-network-kitchenowl_default.service"
+      ];
+      partOf = [
+        "podman-compose-kitchenowl-root.target"
+      ];
+      wantedBy = [
+        "podman-compose-kitchenowl-root.target"
+      ];
+    };
+
+    # Networks
+    systemd.services."podman-network-kitchenowl_default" = {
+      path = [ pkgs.podman ];
+      serviceConfig = {
+        Type = "oneshot";
+        RemainAfterExit = true;
+        ExecStop = "podman network rm -f kitchenowl_default";
+      };
+      script = ''
+        podman network inspect kitchenowl_default || podman network create kitchenowl_default
+      '';
+      partOf = [ "podman-compose-kitchenowl-root.target" ];
+      wantedBy = [ "podman-compose-kitchenowl-root.target" ];
+    };
+
+    # Volumes
+    systemd.services."podman-volume-kitchenowl_kitchenowl_data" = {
+      path = [ pkgs.podman ];
+      serviceConfig = {
+        Type = "oneshot";
+        RemainAfterExit = true;
+      };
+      script = ''
+        podman volume inspect kitchenowl_kitchenowl_data || podman volume create kitchenowl_kitchenowl_data
+      '';
+      partOf = [ "podman-compose-kitchenowl-root.target" ];
+      wantedBy = [ "podman-compose-kitchenowl-root.target" ];
+    };
+
+    # Root service
+    # When started, this will automatically create all resources and start
+    # the containers. When stopped, this will teardown all resources.
+    systemd.targets."podman-compose-kitchenowl-root" = {
+      unitConfig = {
+        Description = "Root target generated by compose2nix.";
+      };
+      wantedBy = [ "multi-user.target" ];
+    };
+  };
+}