JakeHillion/nixos
1
0
Fork 0
Code Issues 9 Pull Requests 8 Actions Packages Projects Releases Wiki Activity

oci-containers: move version pinning to JSON file
All checks were successful
flake / flake (push) Successful in 2m2s
Details

Browse Source 
Container version pinning is currently ad-hoc and spread through various `.nix`
files. Centralise the versions as they should be updated regularly and this
keeps track better. Move it to a `.json` file instead of `.nix` as the fixed
structure will make it easier to manage in future with Renovate.

Test Plan:
```
$ nix eval '.#nixosConfigurations."phoenix.st.ts.hillion.co.uk".config.virtualisation.oci-containers.containers.chia.image'
"ghcr.io/chia-network/chia:2.4.3"
$ nix eval '.#nixosConfigurations."sodium.pop.ts.hillion.co.uk".config.virtualisation.oci-containers.containers.isponsorblocktv.image'
"ghcr.io/dmunozv04/isponsorblocktv:v2.2.1"
```
This commit is contained in:
Jake Hillion 2024-11-23 15:01:59 +00:00
parent a5a4af2d02
commit 123d0323bd
5 changed files with 44 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
modules/chia.nix
View File

@ -45,22 +45,27 @@ in
uid = config.ids.uids.chia;
};
virtualisation.oci-containers.containers.chia = {
image = "ghcr.io/chia-network/chia:2.4.3";
ports = [ "8444" ];
extraOptions = [
"--uidmap=0:${toString config.users.users.chia.uid}:1"
"--gidmap=0:${toString config.users.groups.chia.gid}:1"
];
volumes = [
"${cfg.keyFile}:/run/keyfile"
"${cfg.path}/.chia:/root/.chia"
] ++ lib.lists.imap0 (i: v: "${v}:/plots${toString i}") cfg.plotDirectories;
environment = {
keys = "/run/keyfile";
plots_dir = lib.strings.concatImapStringsSep ":" (i: v: "/plots${toString i}") cfg.plotDirectories;
virtualisation.oci-containers.containers.chia =
let
imageName = "ghcr.io/chia-network/chia";
ver = config.custom.oci-containers.versions."${imageName}";
in
{
image = "${imageName}:${ver}";
ports = [ "8444" ];
extraOptions = [
"--uidmap=0:${toString config.users.users.chia.uid}:1"
"--gidmap=0:${toString config.users.groups.chia.gid}:1"
];
volumes = [
"${cfg.keyFile}:/run/keyfile"
"${cfg.path}/.chia:/root/.chia"
] ++ lib.lists.imap0 (i: v: "${v}:/plots${toString i}") cfg.plotDirectories;
environment = {
keys = "/run/keyfile";
plots_dir = lib.strings.concatImapStringsSep ":" (i: v: "/plots${toString i}") cfg.plotDirectories;
};
};
};
systemd.tmpfiles.rules = [
"d ${cfg.path} 0700 chia chia - -"

1
modules/default.nix
View File

@ -13,6 +13,7 @@
./ids.nix
./impermanence.nix
./locations.nix
./oci-containers/default.nix
./prometheus/default.nix
./resilio.nix
./sched_ext.nix

14
modules/oci-containers/default.nix Normal file
View File

@ -0,0 +1,14 @@
{ config, pkgs, lib, ... }:
{
options.custom.oci-containers = {
versions = lib.mkOption {
description = "oci container versions";
readOnly = true;
};
};
config = {
custom.oci-containers.versions = builtins.fromJSON (builtins.readFile ./versions.json);
};
}

4
modules/oci-containers/versions.json Normal file
View File

@ -0,0 +1,4 @@
{
"ghcr.io/dmunozv04/isponsorblocktv": "v2.2.1",
"ghcr.io/chia-network/chia": "2.4.3"
}

8
modules/services/isponsorblocktv.nix
View File

@ -2,7 +2,9 @@
let
cfg = config.custom.services.isponsorblocktv;
ver = "v2.2.1";
imageName = "ghcr.io/dmunozv04/isponsorblocktv";
ver = config.custom.oci-containers.versions."${imageName}";
ctl = pkgs.writeScriptBin "isponsorblocktv-config" ''
#! ${pkgs.runtimeShell}
@ -15,7 +17,7 @@ let
--uidmap=0:${toString config.users.users.isponsorblocktv.uid}:1 \
--gidmap=0:${toString config.users.groups.isponsorblocktv.gid}:1 \
-v ${cfg.dataDir}:/app/data \
ghcr.io/dmunozv04/isponsorblocktv:${ver} \
${imageName}:${ver} \
--setup-cli
sudo systemctl start podman-isponsorblocktv
@ -46,7 +48,7 @@ in
};
virtualisation.oci-containers.containers.isponsorblocktv = {
image = "ghcr.io/dmunozv04/isponsorblocktv:${ver}";
image = "${imageName}:${ver}";
extraOptions = [
"--uidmap=0:${toString config.users.users.isponsorblocktv.uid}:1"
"--gidmap=0:${toString config.users.groups.isponsorblocktv.gid}:1"