infrastructure/hosts/lime/services/penpot/docker-compose.nix

# Auto-generated using compose2nix v0.1.9.
{ pkgs, lib, ... }:

{
  # Runtime
  virtualisation.podman = {
    enable = true;
    autoPrune.enable = true;
    defaultNetwork.settings = {
      # Required for container networking to be able to use names.
      dns_enabled = true;
    };
  };
  virtualisation.oci-containers.backend = "podman";

  # Containers
  virtualisation.oci-containers.containers."docker-compose-penpot-backend" = {
    image = "penpotapp/backend:latest";
    environment = {
      PENPOT_ASSETS_STORAGE_BACKEND = "assets-fs";
      PENPOT_DATABASE_PASSWORD = "penpot";
      PENPOT_DATABASE_URI = "postgresql://penpot-postgres/penpot";
      PENPOT_DATABASE_USERNAME = "penpot";
      PENPOT_FLAGS = "enable-registration enable-login-with-password disable-email-verification enable-smtp enable-prepl-server";
      PENPOT_PUBLIC_URI = "https://penpot.4o1x5.dev";
      PENPOT_REDIS_URI = "redis://penpot-redis/0";
      PENPOT_SMTP_DEFAULT_FROM = "no-reply@example.com";
      PENPOT_SMTP_DEFAULT_REPLY_TO = "no-reply@example.com";
      PENPOT_SMTP_HOST = "penpot-mailcatch";
      PENPOT_SMTP_PASSWORD = "";
      PENPOT_SMTP_PORT = "1025";
      PENPOT_SMTP_SSL = "false";
      PENPOT_SMTP_TLS = "false";
      PENPOT_SMTP_USERNAME = "";
      PENPOT_STORAGE_ASSETS_FS_DIRECTORY = "/opt/data/assets";
      PENPOT_TELEMETRY_ENABLED = "false";
    };
    volumes = [
      "penpot_assets:/opt/data/assets:rw"
    ];
    dependsOn = [
      "docker-compose-penpot-postgres"
      "docker-compose-penpot-redis"
    ];
    log-driver = "journald";
    extraOptions = [
      "--network-alias=penpot-backend"
      "--network=docker-compose_penpot"
    ];
  };
  systemd.services."podman-docker-compose-penpot-backend" = {
    serviceConfig = {
      Restart = lib.mkOverride 500 "always";
    };
    after = [
      "podman-network-docker-compose_penpot.service"
      "podman-volume-docker-compose_penpot_assets.service"
    ];
    requires = [
      "podman-network-docker-compose_penpot.service"
      "podman-volume-docker-compose_penpot_assets.service"
    ];
    partOf = [
      "podman-compose-docker-compose-root.target"
    ];
    wantedBy = [
      "podman-compose-docker-compose-root.target"
    ];
  };
  virtualisation.oci-containers.containers."docker-compose-penpot-exporter" = {
    image = "penpotapp/exporter:latest";
    environment = {
      PENPOT_PUBLIC_URI = "http://penpot-frontend";
      PENPOT_REDIS_URI = "redis://penpot-redis/0";
    };
    log-driver = "journald";
    extraOptions = [
      "--network-alias=penpot-exporter"
      "--network=docker-compose_penpot"
    ];
  };
  systemd.services."podman-docker-compose-penpot-exporter" = {
    serviceConfig = {
      Restart = lib.mkOverride 500 "always";
    };
    after = [
      "podman-network-docker-compose_penpot.service"
    ];
    requires = [
      "podman-network-docker-compose_penpot.service"
    ];
    partOf = [
      "podman-compose-docker-compose-root.target"
    ];
    wantedBy = [
      "podman-compose-docker-compose-root.target"
    ];
  };
  virtualisation.oci-containers.containers."docker-compose-penpot-frontend" = {
    image = "penpotapp/frontend:latest";
    environment = {
      PENPOT_FLAGS = "enable-registration enable-login-with-password";
    };
    volumes = [
      "penpot_assets:/opt/data/assets:rw"
    ];
    ports = [
      "9032:80/tcp"
    ];
    labels = {
      "traefik.enable" = "true";
    };
    dependsOn = [
      "docker-compose-penpot-backend"
      "docker-compose-penpot-exporter"
    ];
    log-driver = "journald";
    extraOptions = [
      "--network-alias=penpot-frontend"
      "--network=docker-compose_penpot"
    ];
  };
  systemd.services."podman-docker-compose-penpot-frontend" = {
    serviceConfig = {
      Restart = lib.mkOverride 500 "always";
    };
    after = [
      "podman-network-docker-compose_penpot.service"
      "podman-volume-docker-compose_penpot_assets.service"
    ];
    requires = [
      "podman-network-docker-compose_penpot.service"
      "podman-volume-docker-compose_penpot_assets.service"
    ];
    partOf = [
      "podman-compose-docker-compose-root.target"
    ];
    wantedBy = [
      "podman-compose-docker-compose-root.target"
    ];
  };
  virtualisation.oci-containers.containers."docker-compose-penpot-mailcatch" = {
    image = "sj26/mailcatcher:latest";
    ports = [
      "1080:1080/tcp"
    ];
    log-driver = "journald";
    extraOptions = [
      "--network-alias=penpot-mailcatch"
      "--network=docker-compose_penpot"
    ];
  };
  systemd.services."podman-docker-compose-penpot-mailcatch" = {
    serviceConfig = {
      Restart = lib.mkOverride 500 "always";
    };
    after = [
      "podman-network-docker-compose_penpot.service"
    ];
    requires = [
      "podman-network-docker-compose_penpot.service"
    ];
    partOf = [
      "podman-compose-docker-compose-root.target"
    ];
    wantedBy = [
      "podman-compose-docker-compose-root.target"
    ];
  };
  virtualisation.oci-containers.containers."docker-compose-penpot-postgres" = {
    image = "postgres:15";
    environment = {
      POSTGRES_DB = "penpot";
      POSTGRES_INITDB_ARGS = "--data-checksums";
      POSTGRES_PASSWORD = "penpot";
      POSTGRES_USER = "penpot";
    };
    volumes = [
      "penpot_postgres_v15:/var/lib/postgresql/data:rw"
    ];
    log-driver = "journald";
    extraOptions = [
      "--network-alias=penpot-postgres"
      "--network=docker-compose_penpot"
    ];
  };
  systemd.services."podman-docker-compose-penpot-postgres" = {
    serviceConfig = {
      Restart = lib.mkOverride 500 "always";
    };
    after = [
      "podman-network-docker-compose_penpot.service"
      "podman-volume-docker-compose_penpot_postgres_v15.service"
    ];
    requires = [
      "podman-network-docker-compose_penpot.service"
      "podman-volume-docker-compose_penpot_postgres_v15.service"
    ];
    partOf = [
      "podman-compose-docker-compose-root.target"
    ];
    wantedBy = [
      "podman-compose-docker-compose-root.target"
    ];
  };
  virtualisation.oci-containers.containers."docker-compose-penpot-redis" = {
    image = "redis:7";
    log-driver = "journald";
    extraOptions = [
      "--network-alias=penpot-redis"
      "--network=docker-compose_penpot"
    ];
  };
  systemd.services."podman-docker-compose-penpot-redis" = {
    serviceConfig = {
      Restart = lib.mkOverride 500 "always";
    };
    after = [
      "podman-network-docker-compose_penpot.service"
    ];
    requires = [
      "podman-network-docker-compose_penpot.service"
    ];
    partOf = [
      "podman-compose-docker-compose-root.target"
    ];
    wantedBy = [
      "podman-compose-docker-compose-root.target"
    ];
  };

  # Networks
  systemd.services."podman-network-docker-compose_penpot" = {
    path = [ pkgs.podman ];
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
      ExecStop = "${pkgs.podman}/bin/podman network rm -f docker-compose_penpot";
    };
    script = ''
      podman network inspect docker-compose_penpot || podman network create docker-compose_penpot
    '';
    partOf = [ "podman-compose-docker-compose-root.target" ];
    wantedBy = [ "podman-compose-docker-compose-root.target" ];
  };

  # Volumes
  systemd.services."podman-volume-docker-compose_penpot_assets" = {
    path = [ pkgs.podman ];
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
    };
    script = ''
      podman volume inspect docker-compose_penpot_assets || podman volume create docker-compose_penpot_assets
    '';
    partOf = [ "podman-compose-docker-compose-root.target" ];
    wantedBy = [ "podman-compose-docker-compose-root.target" ];
  };
  systemd.services."podman-volume-docker-compose_penpot_postgres_v15" = {
    path = [ pkgs.podman ];
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
    };
    script = ''
      podman volume inspect docker-compose_penpot_postgres_v15 || podman volume create docker-compose_penpot_postgres_v15
    '';
    partOf = [ "podman-compose-docker-compose-root.target" ];
    wantedBy = [ "podman-compose-docker-compose-root.target" ];
  };

  # Root service
  # When started, this will automatically create all resources and start
  # the containers. When stopped, this will teardown all resources.
  systemd.targets."podman-compose-docker-compose-root" = {
    unitConfig = {
      Description = "Root target generated by compose2nix.";
    };
    wantedBy = [ "multi-user.target" ];
  };
}
🚀 big update: added logging to all nginx routes added loki, promtail to scrape nginx logs turned i2pd back on, updated my websites version upgraded all hosts to 24.05 forgejo added bigger limit to upload limit due to docker images privacy frontends: added priviblur libreddit -> redlib added biblioreads ddns-updater, changed credentials but there is a bug with porkbun added penpot brought back anonymousoverflow added readme privacy respecting frontends 2024-06-03 02:05:38 +02:00			`# Auto-generated using compose2nix v0.1.9.`
			`{ pkgs, lib, ... }:`

			`{`
			`# Runtime`
			`virtualisation.podman = {`
			`enable = true;`
			`autoPrune.enable = true;`
			`defaultNetwork.settings = {`
			`# Required for container networking to be able to use names.`
			`dns_enabled = true;`
			`};`
			`};`
			`virtualisation.oci-containers.backend = "podman";`

			`# Containers`
			`virtualisation.oci-containers.containers."docker-compose-penpot-backend" = {`
			`image = "penpotapp/backend:latest";`
			`environment = {`
			`PENPOT_ASSETS_STORAGE_BACKEND = "assets-fs";`
			`PENPOT_DATABASE_PASSWORD = "penpot";`
			`PENPOT_DATABASE_URI = "postgresql://penpot-postgres/penpot";`
			`PENPOT_DATABASE_USERNAME = "penpot";`
			`PENPOT_FLAGS = "enable-registration enable-login-with-password disable-email-verification enable-smtp enable-prepl-server";`
			`PENPOT_PUBLIC_URI = "https://penpot.4o1x5.dev";`
			`PENPOT_REDIS_URI = "redis://penpot-redis/0";`
			`PENPOT_SMTP_DEFAULT_FROM = "no-reply@example.com";`
			`PENPOT_SMTP_DEFAULT_REPLY_TO = "no-reply@example.com";`
			`PENPOT_SMTP_HOST = "penpot-mailcatch";`
			`PENPOT_SMTP_PASSWORD = "";`
			`PENPOT_SMTP_PORT = "1025";`
			`PENPOT_SMTP_SSL = "false";`
			`PENPOT_SMTP_TLS = "false";`
			`PENPOT_SMTP_USERNAME = "";`
			`PENPOT_STORAGE_ASSETS_FS_DIRECTORY = "/opt/data/assets";`
			`PENPOT_TELEMETRY_ENABLED = "false";`
			`};`
			`volumes = [`
			`"penpot_assets:/opt/data/assets:rw"`
			`];`
			`dependsOn = [`
			`"docker-compose-penpot-postgres"`
			`"docker-compose-penpot-redis"`
			`];`
			`log-driver = "journald";`
			`extraOptions = [`
			`"--network-alias=penpot-backend"`
			`"--network=docker-compose_penpot"`
			`];`
			`};`
			`systemd.services."podman-docker-compose-penpot-backend" = {`
			`serviceConfig = {`
			`Restart = lib.mkOverride 500 "always";`
			`};`
			`after = [`
			`"podman-network-docker-compose_penpot.service"`
			`"podman-volume-docker-compose_penpot_assets.service"`
			`];`
			`requires = [`
			`"podman-network-docker-compose_penpot.service"`
			`"podman-volume-docker-compose_penpot_assets.service"`
			`];`
			`partOf = [`
			`"podman-compose-docker-compose-root.target"`
			`];`
			`wantedBy = [`
			`"podman-compose-docker-compose-root.target"`
			`];`
			`};`
			`virtualisation.oci-containers.containers."docker-compose-penpot-exporter" = {`
			`image = "penpotapp/exporter:latest";`
			`environment = {`
			`PENPOT_PUBLIC_URI = "http://penpot-frontend";`
			`PENPOT_REDIS_URI = "redis://penpot-redis/0";`
			`};`
			`log-driver = "journald";`
			`extraOptions = [`
			`"--network-alias=penpot-exporter"`
			`"--network=docker-compose_penpot"`
			`];`
			`};`
			`systemd.services."podman-docker-compose-penpot-exporter" = {`
			`serviceConfig = {`
			`Restart = lib.mkOverride 500 "always";`
			`};`
			`after = [`
			`"podman-network-docker-compose_penpot.service"`
			`];`
			`requires = [`
			`"podman-network-docker-compose_penpot.service"`
			`];`
			`partOf = [`
			`"podman-compose-docker-compose-root.target"`
			`];`
			`wantedBy = [`
			`"podman-compose-docker-compose-root.target"`
			`];`
			`};`
			`virtualisation.oci-containers.containers."docker-compose-penpot-frontend" = {`
			`image = "penpotapp/frontend:latest";`
			`environment = {`
			`PENPOT_FLAGS = "enable-registration enable-login-with-password";`
			`};`
			`volumes = [`
			`"penpot_assets:/opt/data/assets:rw"`
			`];`
			`ports = [`
			`"9032:80/tcp"`
			`];`
			`labels = {`
			`"traefik.enable" = "true";`
			`};`
			`dependsOn = [`
			`"docker-compose-penpot-backend"`
			`"docker-compose-penpot-exporter"`
			`];`
			`log-driver = "journald";`
			`extraOptions = [`
			`"--network-alias=penpot-frontend"`
			`"--network=docker-compose_penpot"`
			`];`
			`};`
			`systemd.services."podman-docker-compose-penpot-frontend" = {`
			`serviceConfig = {`
			`Restart = lib.mkOverride 500 "always";`
			`};`
			`after = [`
			`"podman-network-docker-compose_penpot.service"`
			`"podman-volume-docker-compose_penpot_assets.service"`
			`];`
			`requires = [`
			`"podman-network-docker-compose_penpot.service"`
			`"podman-volume-docker-compose_penpot_assets.service"`
			`];`
			`partOf = [`
			`"podman-compose-docker-compose-root.target"`
			`];`
			`wantedBy = [`
			`"podman-compose-docker-compose-root.target"`
			`];`
			`};`
			`virtualisation.oci-containers.containers."docker-compose-penpot-mailcatch" = {`
			`image = "sj26/mailcatcher:latest";`
			`ports = [`
			`"1080:1080/tcp"`
			`];`
			`log-driver = "journald";`
			`extraOptions = [`
			`"--network-alias=penpot-mailcatch"`
			`"--network=docker-compose_penpot"`
			`];`
			`};`
			`systemd.services."podman-docker-compose-penpot-mailcatch" = {`
			`serviceConfig = {`
			`Restart = lib.mkOverride 500 "always";`
			`};`
			`after = [`
			`"podman-network-docker-compose_penpot.service"`
			`];`
			`requires = [`
			`"podman-network-docker-compose_penpot.service"`
			`];`
			`partOf = [`
			`"podman-compose-docker-compose-root.target"`
			`];`
			`wantedBy = [`
			`"podman-compose-docker-compose-root.target"`
			`];`
			`};`
			`virtualisation.oci-containers.containers."docker-compose-penpot-postgres" = {`
			`image = "postgres:15";`
			`environment = {`
			`POSTGRES_DB = "penpot";`
			`POSTGRES_INITDB_ARGS = "--data-checksums";`
			`POSTGRES_PASSWORD = "penpot";`
			`POSTGRES_USER = "penpot";`
			`};`
			`volumes = [`
			`"penpot_postgres_v15:/var/lib/postgresql/data:rw"`
			`];`
			`log-driver = "journald";`
			`extraOptions = [`
			`"--network-alias=penpot-postgres"`
			`"--network=docker-compose_penpot"`
			`];`
			`};`
			`systemd.services."podman-docker-compose-penpot-postgres" = {`
			`serviceConfig = {`
			`Restart = lib.mkOverride 500 "always";`
			`};`
			`after = [`
			`"podman-network-docker-compose_penpot.service"`
			`"podman-volume-docker-compose_penpot_postgres_v15.service"`
			`];`
			`requires = [`
			`"podman-network-docker-compose_penpot.service"`
			`"podman-volume-docker-compose_penpot_postgres_v15.service"`
			`];`
			`partOf = [`
			`"podman-compose-docker-compose-root.target"`
			`];`
			`wantedBy = [`
			`"podman-compose-docker-compose-root.target"`
			`];`
			`};`
			`virtualisation.oci-containers.containers."docker-compose-penpot-redis" = {`
			`image = "redis:7";`
			`log-driver = "journald";`
			`extraOptions = [`
			`"--network-alias=penpot-redis"`
			`"--network=docker-compose_penpot"`
			`];`
			`};`
			`systemd.services."podman-docker-compose-penpot-redis" = {`
			`serviceConfig = {`
			`Restart = lib.mkOverride 500 "always";`
			`};`
			`after = [`
			`"podman-network-docker-compose_penpot.service"`
			`];`
			`requires = [`
			`"podman-network-docker-compose_penpot.service"`
			`];`
			`partOf = [`
			`"podman-compose-docker-compose-root.target"`
			`];`
			`wantedBy = [`
			`"podman-compose-docker-compose-root.target"`
			`];`
			`};`

			`# Networks`
			`systemd.services."podman-network-docker-compose_penpot" = {`
			`path = [ pkgs.podman ];`
			`serviceConfig = {`
			`Type = "oneshot";`
			`RemainAfterExit = true;`
			`ExecStop = "${pkgs.podman}/bin/podman network rm -f docker-compose_penpot";`
			`};`
			`script = ''`
			`podman network inspect docker-compose_penpot \|\| podman network create docker-compose_penpot`
			`'';`
			`partOf = [ "podman-compose-docker-compose-root.target" ];`
			`wantedBy = [ "podman-compose-docker-compose-root.target" ];`
			`};`

			`# Volumes`
			`systemd.services."podman-volume-docker-compose_penpot_assets" = {`
			`path = [ pkgs.podman ];`
			`serviceConfig = {`
			`Type = "oneshot";`
			`RemainAfterExit = true;`
			`};`
			`script = ''`
			`podman volume inspect docker-compose_penpot_assets \|\| podman volume create docker-compose_penpot_assets`
			`'';`
			`partOf = [ "podman-compose-docker-compose-root.target" ];`
			`wantedBy = [ "podman-compose-docker-compose-root.target" ];`
			`};`
			`systemd.services."podman-volume-docker-compose_penpot_postgres_v15" = {`
			`path = [ pkgs.podman ];`
			`serviceConfig = {`
			`Type = "oneshot";`
			`RemainAfterExit = true;`
			`};`
			`script = ''`
			`podman volume inspect docker-compose_penpot_postgres_v15 \|\| podman volume create docker-compose_penpot_postgres_v15`
			`'';`
			`partOf = [ "podman-compose-docker-compose-root.target" ];`
			`wantedBy = [ "podman-compose-docker-compose-root.target" ];`
			`};`

			`# Root service`
			`# When started, this will automatically create all resources and start`
			`# the containers. When stopped, this will teardown all resources.`
			`systemd.targets."podman-compose-docker-compose-root" = {`
			`unitConfig = {`
			`Description = "Root target generated by compose2nix.";`
			`};`
			`wantedBy = [ "multi-user.target" ];`
			`};`
			`}`