sheran · July 31, 2023 07:33
diff --git a/host.nix b/host.nix
 { config, pkgs, ... }:
 {
  networking.firewall = {
    enable = true;
    allowedTCPPorts = [ 22 80 443 ];
    interfaces.podman1 = {
      allowedUDPPorts = [ 53 ]; # this needs to be there so that containers can look eachother's names up over DNS
    };
  };
    
  # we enable and use podman - very similar to docker
  virtualisation.podman.enable = true;
  virtualisation.oci-containers.backend = "podman";
    
  # we create a systemd service so that we can create a single "pod"
  # for our containers to live inside of. This will mimic how docker compose
  # creates one network for the containers to live inside of
  systemd.services.create-wordpress-network = with config.virtualisation.oci-containers; {
    serviceConfig.Type = "oneshot";
    wantedBy = [ "${backend}-wordpress.service" "${backend}-db.service" ];
    script = ''
      ${pkgs.podman}/bin/podman network exists wp-net || \
      ${pkgs.podman}/bin/podman network create wp-net
      '';
  };


  # here we define the containers for setting up wordpress
  # when using oci-containers systemd will start them off at boot time
  virtualisation.oci-containers.containers = {
    wordpress = {
      image = "wordpress";
      volumes = [ "wordpress:/var/www/html" ];
      autoStart = true;
      ports = [ "80:80" ];
      environment = {
        WORDPRESS_DB_HOST = "db";
        WORDPRESS_DB_USER = "exampleuser";
        WORDPRESS_DB_PASSWORD = "examplepass";
        WORDPRESS_DB_NAME = "exampledb";
      };
      extraOptions = [ "--network=wp-net" ];
    };
    db = {
      image = "mysql:latest";
      volumes = ["db:/var/lib/mysql"];
      autoStart = true;
      environment = {
        MYSQL_DATABASE = "exampledb";
        MYSQL_USER = "exampleuser";
        MYSQL_PASSWORD = "examplepass";
        MYSQL_RANDOM_ROOT_PASSWORD = "1";
      };
      extraOptions = [ "--network=wp-net" ];
    };
  };
 }
	{ config, pkgs, ... }:
	{
	networking.firewall = {
	enable = true;
	allowedTCPPorts = [ 22 80 443 ];
	interfaces.podman1 = {
	allowedUDPPorts = [ 53 ]; # this needs to be there so that containers can look eachother's names up over DNS
	};
	};

	# we enable and use podman - very similar to docker
	virtualisation.podman.enable = true;
	virtualisation.oci-containers.backend = "podman";

	# we create a systemd service so that we can create a single "pod"
	# for our containers to live inside of. This will mimic how docker compose
	# creates one network for the containers to live inside of
	systemd.services.create-wordpress-network = with config.virtualisation.oci-containers; {
	serviceConfig.Type = "oneshot";
	wantedBy = [ "${backend}-wordpress.service" "${backend}-db.service" ];
	script = ''
	${pkgs.podman}/bin/podman network exists wp-net \|\| \
	${pkgs.podman}/bin/podman network create wp-net
	'';
	};


	# here we define the containers for setting up wordpress
	# when using oci-containers systemd will start them off at boot time
	virtualisation.oci-containers.containers = {
	wordpress = {
	image = "wordpress";
	volumes = [ "wordpress:/var/www/html" ];
	autoStart = true;
	ports = [ "80:80" ];
	environment = {
	WORDPRESS_DB_HOST = "db";
	WORDPRESS_DB_USER = "exampleuser";
	WORDPRESS_DB_PASSWORD = "examplepass";
	WORDPRESS_DB_NAME = "exampledb";
	};
	extraOptions = [ "--network=wp-net" ];
	};
	db = {
	image = "mysql:latest";
	volumes = ["db:/var/lib/mysql"];
	autoStart = true;
	environment = {
	MYSQL_DATABASE = "exampledb";
	MYSQL_USER = "exampleuser";
	MYSQL_PASSWORD = "examplepass";
	MYSQL_RANDOM_ROOT_PASSWORD = "1";
	};
	extraOptions = [ "--network=wp-net" ];
	};
	};
	}