53 lines
1.6 KiB
Nix
53 lines
1.6 KiB
Nix
{ config, lib, ... }: {
|
|
|
|
options.sysconfig.docker.portainer.enable = with lib; mkOption {
|
|
type = with types; bool;
|
|
default = true;
|
|
};
|
|
|
|
config = lib.mkIf (config.sysconfig.docker.portainer.enable && config.sysconfig.docker.enable) {
|
|
|
|
networking.firewall.interfaces = {
|
|
"ve-traefik" = {
|
|
allowedTCPPorts = [ 9000 ];
|
|
};
|
|
};
|
|
|
|
virtualisation.oci-containers.containers.portainer = {
|
|
image = "portainer/portainer-ce:latest";
|
|
|
|
# unstable, waiting for 26.05
|
|
#pull = "newer";
|
|
|
|
hostname = "portainer.esotericbytes.com";
|
|
|
|
networks = [
|
|
"docker-main"
|
|
];
|
|
|
|
labels = {
|
|
"traefik.http.routers.portainer.entrypoints" = "localsecure";
|
|
"traefik.http.routers.portainer.rule" = "Host(`prtnr.esotericbytes.com`) || Host(`portainer.esotericbytes.com`)";
|
|
"traefik.http.routers.portainer.service" = "portainer";
|
|
"traefik.http.routers.portainer.tls.certResolver" = "cloudflare";
|
|
|
|
"traefik.http.services.portainer.loadbalancer.server.url" = "http://192.168.100.10:9000";
|
|
};
|
|
|
|
extraOptions = lib.mkIf config.sysconfig.docker.nvidia [
|
|
"--ip=192.168.101.2"
|
|
];
|
|
|
|
ports = [
|
|
"127.0.0.1:8000:8000"
|
|
"9000:9000"
|
|
];
|
|
|
|
volumes = [
|
|
"vol_portainer:/data"
|
|
"/run/docker.sock:/var/run/docker.sock"
|
|
];
|
|
};
|
|
};
|
|
}
|