54 lines
1.2 KiB
Nix
54 lines
1.2 KiB
Nix
{ config, lib, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
cfg = config.settings.containers.beszel;
|
|
in {
|
|
options = {
|
|
settings.containers.beszel.enable = lib.mkOption {
|
|
type = lib.types.bool;
|
|
default = false;
|
|
description = ''
|
|
Enable Beszel container
|
|
'';
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
settings.services.sops.enable = true;
|
|
|
|
services.podman.containers.beszel = {
|
|
image = "henrygd/beszel:latest";
|
|
network = "proxy";
|
|
volumes = [
|
|
"%h/containers/beszel/data:/beszel_data"
|
|
"%h/containers/beszel/socket:/beszel_socket"
|
|
];
|
|
environment = {
|
|
DISABLE_PASSWORD_AUTH = false;
|
|
USER_CREATION = true;
|
|
};
|
|
};
|
|
|
|
services.podman.containers.beszel-agent = {
|
|
image = "henrygd/beszel-agent:latest";
|
|
network = "proxy";
|
|
volumes = [
|
|
"%h/containers/beszel/socket:/beszel_socket"
|
|
"/run/user/1000/podman/podman.sock:/var/run/podman.sock:ro"
|
|
|
|
"${config.sops.secrets."containers/beszel/key".path}:/run/secrets/key"
|
|
];
|
|
environment = {
|
|
LISTEN = "/beszel_socket/beszel.sock";
|
|
KEY_FILE = "/run/secrets/key";
|
|
};
|
|
};
|
|
|
|
sops.secrets = {
|
|
"containers/beszel/key" = { };
|
|
};
|
|
};
|
|
}
|