Build tooling around nix-snapshotter

Pim Kunis 2024-08-29 06:53:05 +02:00
parent e9899c0d0f
commit 04439a9ee5
6 changed files with 39 additions and 43 deletions

File diff suppressed because one or more lines are too long


@ -1,4 +1,4 @@
{ flake-utils, pkgs, ... }: flake-utils.lib.eachDefaultSystem (system: { myLib, flake-utils, pkgs, ... }: flake-utils.lib.eachDefaultSystem (system:
let let
createScript = { name, runtimeInputs, scriptPath, extraWrapperFlags ? "", ... }: createScript = { name, runtimeInputs, scriptPath, extraWrapperFlags ? "", ... }:
let let
@ -28,21 +28,9 @@ in
packages.prefetch-container-images = packages.prefetch-container-images =
let let
images = { imagesJSON = builtins.toFile "images.json" (builtins.toJSON myLib.globals.images);
cyberchef = {
name = "mpepping/cyberchef";
tag = "latest";
};
radicale = {
name = "tomsquest/docker-radicale";
tag = "3.2.2.0";
};
};
imagesJSON = builtins.toFile "images.json" (builtins.toJSON images);
in in
pkgs.writers.writePython3Bin "prefetch-container-images" pkgs.writers.writePython3Bin "prefetch-container-images.py"
{ } '' { } ''
import json import json
import subprocess import subprocess
@ -59,11 +47,13 @@ in
with open(images_file_name, 'r') as file: with open(images_file_name, 'r') as file:
data = json.load(file) data = json.load(file)
for image_name, image in data.items(): for image_name, image_ref in data.items():
name = image["name"] [name, tag] = image_ref.split(":", maxsplit=1)
tag = image["tag"] print(f"Prefetching image {image_ref}", file=sys.stderr)
print(f"Prefetching image {name}:{tag}", file=sys.stderr) digest = ""
if "@" in tag:
[tag, digest] = tag.split("@", maxsplit=1)
prefetch_args = [ prefetch_args = [
prefetch_docker_cmd, prefetch_docker_cmd,
@ -74,6 +64,10 @@ in
"--json", "--json",
"--quiet" "--quiet"
] ]
if digest:
prefetch_args.extend(["--image-digest", digest])
result = subprocess.run(prefetch_args, result = subprocess.run(prefetch_args,
check=True, check=True,
capture_output=True, capture_output=True,
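Review bot: The reference parsing at `[name, tag] = image_ref.split(":", maxsplit=1)` splits on the first colon, so a reference whose registry carries a port, or one with a digest but no tag, is cut in the wrong place, and a reference with no colon at all raises ValueError on unpacking. Splitting the digest off first and then taking the tag from the right is sturdier: `ref, _, digest = image_ref.partition("@")` followed by `name, sep, tag = ref.rpartition(":")`, treating an empty `sep` or a `tag` containing `/` as "no tag". Because these parts are then handed to the prefetch command (only `--image-digest` is visible here; the rest of `prefetch_args` is outside the hunks), a mis-split should fail with a message naming `image_ref` rather than prefetch or fail on something other than the entry listed in globals. The loop body and the `subprocess.run` call continue past the visible hunks.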


@ -100,7 +100,7 @@
volumes.data.persistentVolumeClaim.claimName = "redisdata"; volumes.data.persistentVolumeClaim.claimName = "redisdata";
containers.redis = { containers.redis = {
image = myLib.globals.images.paperlessRedis; image = myLib.globals.images.redis7;
ports.redis.containerPort = 6379; ports.redis.containerPort = 6379;
imagePullPolicy = "IfNotPresent"; imagePullPolicy = "IfNotPresent";
@ -141,7 +141,7 @@
spec = { spec = {
containers.postgres = { containers.postgres = {
image = myLib.globals.images.paperlessPostgres; image = myLib.globals.images.postgres15;
ports.postgres.containerPort = 5432; ports.postgres.containerPort = 5432;
imagePullPolicy = "IfNotPresent"; imagePullPolicy = "IfNotPresent";


@ -1,4 +1,6 @@
lib: { lib: rec {
net = import ./net.nix lib; net = import ./net.nix lib;
globals = import ./globals.nix; globals = import ./globals.nix;
imagePath = name: "nix:0${globals.imageDir}/${name}.tar";
} }


@ -26,6 +26,8 @@
immichIPv4 = "192.168.30.147"; immichIPv4 = "192.168.30.147";
nextcloudIPv4 = "192.168.30.148"; nextcloudIPv4 = "192.168.30.148";
imageDir = "/var/docker_images";
images = { images = {
jellyfin = "jellyfin/jellyfin:10.9.9"; jellyfin = "jellyfin/jellyfin:10.9.9";
deluge = "linuxserver/deluge:2.1.1"; deluge = "linuxserver/deluge:2.1.1";
@ -35,32 +37,29 @@
sonarr = "lscr.io/linuxserver/sonarr:4.0.8"; sonarr = "lscr.io/linuxserver/sonarr:4.0.8";
bazarr = "lscr.io/linuxserver/bazarr:1.4.3"; bazarr = "lscr.io/linuxserver/bazarr:1.4.3";
atuin = "ghcr.io/atuinsh/atuin:18.3.0"; atuin = "ghcr.io/atuinsh/atuin:18.3.0";
atuinPostgres = "postgres:14"; postgres14 = "postgres:14";
kms = "teddysun/kms"; kms = "teddysun/kms:latest";
paperless = "ghcr.io/paperless-ngx/paperless-ngx:2.11.6"; paperless = "ghcr.io/paperless-ngx/paperless-ngx:2.11.6";
paperlessRedis = "docker.io/library/redis:7"; redis7 = "docker.io/library/redis:7";
paperlessPostgres = "postgres:15";
nextcloud = "nextcloud:29.0.5"; nextcloud = "nextcloud:29.0.5";
nextcloudPostgres = "postgres:15"; postgres15 = "postgres:15";
inbucket = "inbucket/inbucket:edge"; inbucket = "inbucket/inbucket:edge";
syncthing = "lscr.io/linuxserver/syncthing:1.27.10"; syncthing = "lscr.io/linuxserver/syncthing:1.27.10";
radicale = "nix:0/var/docker_images/radicale.tar"; radicale = "tomsquest/docker-radicale:3.2.2.0";
ntfy = "binwiederhier/ntfy:v2.11.0"; ntfy = "binwiederhier/ntfy:v2.11.0";
forgejo = "codeberg.org/forgejo/forgejo:8.0.1"; forgejo = "codeberg.org/forgejo/forgejo:8.0.1";
pihole = "pihole/pihole:2024.07.0"; pihole = "pihole/pihole:2024.07.0";
immich = "ghcr.io/immich-app/immich-server:v1.112.1"; immich = "ghcr.io/immich-app/immich-server:v1.112.1";
immichML = "ghcr.io/immich-app/immich-machine-learning:v1.112.1"; immich-machine-learning = "ghcr.io/immich-app/immich-machine-learning:v1.112.1";
immichRedis = "docker.io/redis:6.2-alpine@sha256:e3b17ba9479deec4b7d1eeec1548a253acc5374d68d3b27937fcfe4df8d18c7e"; immich-redis = "docker.io/redis:6.2-alpine@sha256:e3b17ba9479deec4b7d1eeec1548a253acc5374d68d3b27937fcfe4df8d18c7e";
immichPostgres = "docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0"; immich-postgres = "docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0";
kitchenowl = "tombursch/kitchenowl:v0.5.2"; kitchenowl = "tombursch/kitchenowl:v0.5.2";
cyberchef = "nix:0/var/docker_images/cyberchef.tar"; cyberchef = "mpepping/cyberchef:latest";
freshrss = "freshrss/freshrss:1.24.2"; freshrss = "freshrss/freshrss:1.24.2";
bind9 = "ubuntu/bind9:9.18-22.04_beta"; bind9 = "ubuntu/bind9:9.18-22.04_beta";
dnsmasq = "dockurr/dnsmasq:2.90"; dnsmasq = "dockurr/dnsmasq:2.90";
attic = "git.kun.is/home/atticd:fd910d91c2143295e959d2c903e9ea25cf94ba27"; attic = "git.kun.is/home/atticd:fd910d91c2143295e959d2c903e9ea25cf94ba27";
atticPostgres = "postgres:15";
hedgedoc = "quay.io/hedgedoc/hedgedoc:1.9.9"; hedgedoc = "quay.io/hedgedoc/hedgedoc:1.9.9";
hedgedocPostgres = "postgres:15"; minecraft = "itzg/minecraft-server:latest";
minecraft = "itzg/minecraft-server";
}; };
} }
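Review bot: Most entries in `images` are still referenced by a mutable tag, and this change makes that explicit for `kms`, `minecraft` and `cyberchef` with `:latest` (`inbucket` uses `edge`), so what gets pulled or prefetched depends on when the registry is queried. Only `immich-redis` and `immich-postgres` carry a `@sha256:` digest. Since the prefetch script in this commit now accepts the `tag@digest` form, the floating entries could be pinned the same way, e.g. `cyberchef = "mpepping/cyberchef:latest@sha256:<digest>";` with the digest taken from a pull you have verified. A short comment above `images` stating that every entry must be `name:tag` or `name:tag@sha256:…` would also document the format the prefetch parser relies on.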


@ -1,4 +1,4 @@
{ self, inputs, pkgs, lib, config, ... }: { self, myLib, inputs, pkgs, lib, config, ... }:
let let
cfg = config.lab.k3s; cfg = config.lab.k3s;
in in
@ -167,12 +167,11 @@ in
docker-images.text = docker-images.text =
let let
imageLinkDir = "/var/docker_images";
imageDefs = import "${self}/container-images.nix"; imageDefs = import "${self}/container-images.nix";
setupCommands = [ setupCommands = [
"rm -rf ${imageLinkDir}" "rm -rf ${myLib.globals.imageDir}"
"mkdir -p ${imageLinkDir}" "mkdir -p ${myLib.globals.imageDir}"
]; ];
getDockerImageConfig = dockerImage: getDockerImageConfig = dockerImage:
@ -196,12 +195,15 @@ in
fromImage = dockerImage; fromImage = dockerImage;
config = getDockerImageConfig dockerImage; config = getDockerImageConfig dockerImage;
}; };
imageLinkPath = "${imageLinkDir}/${name}.tar"; imageLinkPath = "${myLib.globals.imageDir}/${name}.tar";
in in
"ln -sf ${nixSnapshotterImage} ${imageLinkPath}"; "ln -sf ${nixSnapshotterImage} ${imageLinkPath}";
linkCommandList = lib.attrsets.mapAttrsToList imageDefToLinkCommand imageDefs; linkCommandList = lib.attrsets.mapAttrsToList imageDefToLinkCommand imageDefs;
commandList = setupCommands ++ linkCommandList; # TODO: Creating Docker images like this seems to *explode* in size.
# Doing this for every image we currently have is infeasible.
# I should investigate why the size increases like that.
commandList = setupCommands; # ++ linkCommandList;
in in
builtins.concatStringsSep "\n" commandList; builtins.concatStringsSep "\n" commandList;
}; };
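Review bot: With `commandList = setupCommands; # ++ linkCommandList;` the activation script still runs `rm -rf` and `mkdir -p` on `myLib.globals.imageDir` but no longer links any tarball, so any workload whose image comes from `myLib.imagePath` (added in this commit; its users are not visible here) would reference a file that does not exist. The TODO should say so, for example `# NOTE: while linking is disabled, nix:0 references built by myLib.imagePath will not resolve.` Now that the directory comes from a shared globals file rather than a binding next to the command, it is also worth escaping it in the shell line, `"rm -rf ${lib.escapeShellArg myLib.globals.imageDir}"`, and likewise for `mkdir -p`. The enclosing `let` block starts outside the hunk.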