Home

dotnix @main - refs - log -
-
https://git.jolheiser.com/dotnix.git
My nix dotfiles
tree log patch
feat: concourse Signed-off-by: jolheiser <john.olheiser@gmail.com>
Signature
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEgqEQpE3xoo1QwJO/uFOtpdp7v3oFAmaHWSAACgkQuFOtpdp7 v3p3ig/+MkV1SZ+E08/svBzuG1xUhRDuLNhqv5ZTvatMAUDe/wWb7/LlyyzIUIHL 0gUd2z7xjwZX2t5dh34E9N4W+9QEVejEiwr1+XLSRvnYqC+jlVYSqcymW9l62u+g 26GnyMcaGFnfzObZ61pw9XkIlJmNsDSLywUF6/IyNcQgUoPhdp/g+y5txmCXZRUp kxsB/JN+NrUyqG6rBx9E9GHbZ7VW5/+iGfUvqq8RBcrlLw3aJrbwtHEYEds7z8zX 8D/kzuH/FlQxWeYiooUtQzzQVdvCAtTAnw8ro2hVNajj/zaWG4K2qJHQM9yhvG2I Xgamu5iLw33T1DxFMsSTXAByoGIMyYrfmDGg9nhDYiPP2rCzSjNDqTWFQWY33qCx OXjvsp3qDxXTnZeRbbbPj9/eAUvwDE4Rv3TR9IB/CuCTVm16PMvlsS0sZ4F6YoWU SM62VBLrhOJ4Na+3oig+EmNDivOjgpBdvrSq7pD3gIUja6SOhy8wd94lHAxdH3Sg 0JYRgHr6T7WZ+c4Rc6katbD06+iO/KCvmyASWRqvUGoQ5nYr0LTHR/cw2Ze/c48L bpMYwv5ccNK3GU6Ie1GFtqF5OP4N7CU8VQcqC8QCAGil9awuYWBj0/F/0eI/NsCD VQr7JK8G66s3QbRXmdFwmVt53nrk8pCmye75az29nLokt3yVD7Q= =pXVm -----END PGP SIGNATURE-----
jolheiser <john.olheiser@gmail.com>
5 months ago
4 changed files, 159 additions(+), 1 deletions(-)
I machines/dragonwell/concourse/concourse.nix
diff --git a/machines/dragonwell/concourse/concourse.nix b/machines/dragonwell/concourse/concourse.nix
new file mode 100644
index 0000000000000000000000000000000000000000..ea7649760b52526af78fb4153da47a5785b3a097
--- /dev/null
+++ b/machines/dragonwell/concourse/concourse.nix
@@ -0,0 +1,121 @@
+# Auto-generated using compose2nix v0.2.0-pre.
+{
+  pkgs,
+  lib,
+  ...
+}: {
+  # Runtime
+  virtualisation.docker = {
+    enable = true;
+    autoPrune.enable = true;
+  };
+  virtualisation.oci-containers.backend = "docker";
+
+  # Containers
+  virtualisation.oci-containers.containers."concourse-concourse" = {
+    image = "concourse/concourse";
+    environment = {
+      CONCOURSE_ADD_LOCAL_USER = "test:test";
+      CONCOURSE_CLIENT_SECRET = "Y29uY291cnNlLXdlYgo=";
+      CONCOURSE_CLUSTER_NAME = "tutorial";
+      CONCOURSE_CONTENT_SECURITY_POLICY = "*";
+      CONCOURSE_EXTERNAL_URL = "http://localhost:8080";
+      CONCOURSE_MAIN_TEAM_LOCAL_USER = "test";
+      CONCOURSE_POSTGRES_DATABASE = "concourse";
+      CONCOURSE_POSTGRES_HOST = "concourse-db";
+      CONCOURSE_POSTGRES_PASSWORD = "concourse_pass";
+      CONCOURSE_POSTGRES_USER = "concourse_user";
+      CONCOURSE_TSA_CLIENT_SECRET = "Y29uY291cnNlLXdvcmtlcgo=";
+      CONCOURSE_WORKER_BAGGAGECLAIM_DRIVER = "overlay";
+      CONCOURSE_WORKER_CONTAINERD_DNS_SERVER = "8.8.8.8";
+      CONCOURSE_WORKER_RUNTIME = "containerd";
+      CONCOURSE_X_FRAME_OPTIONS = "allow";
+    };
+    ports = [
+      "8080:8080/tcp"
+    ];
+    cmd = ["quickstart"];
+    dependsOn = [
+      "concourse-concourse-db"
+    ];
+    log-driver = "journald";
+    extraOptions = [
+      "--network-alias=concourse"
+      "--network=concourse_default"
+      "--privileged"
+    ];
+  };
+  systemd.services."docker-concourse-concourse" = {
+    serviceConfig = {
+      Restart = lib.mkForce "no";
+    };
+    after = [
+      "docker-network-concourse_default.service"
+    ];
+    requires = [
+      "docker-network-concourse_default.service"
+    ];
+    partOf = [
+      "docker-compose-concourse-root.target"
+    ];
+    wantedBy = [
+      "docker-compose-concourse-root.target"
+    ];
+  };
+  virtualisation.oci-containers.containers."concourse-concourse-db" = {
+    image = "postgres";
+    environment = {
+      PGDATA = "/database";
+      POSTGRES_DB = "concourse";
+      POSTGRES_PASSWORD = "concourse_pass";
+      POSTGRES_USER = "concourse_user";
+    };
+    log-driver = "journald";
+    extraOptions = [
+      "--network-alias=concourse-db"
+      "--network=concourse_default"
+    ];
+  };
+  systemd.services."docker-concourse-concourse-db" = {
+    serviceConfig = {
+      Restart = lib.mkForce "no";
+    };
+    after = [
+      "docker-network-concourse_default.service"
+    ];
+    requires = [
+      "docker-network-concourse_default.service"
+    ];
+    partOf = [
+      "docker-compose-concourse-root.target"
+    ];
+    wantedBy = [
+      "docker-compose-concourse-root.target"
+    ];
+  };
+
+  # Networks
+  systemd.services."docker-network-concourse_default" = {
+    path = [pkgs.docker];
+    serviceConfig = {
+      Type = "oneshot";
+      RemainAfterExit = true;
+      ExecStop = "${pkgs.docker}/bin/docker network rm -f concourse_default";
+    };
+    script = ''
+      docker network inspect concourse_default || docker network create concourse_default
+    '';
+    partOf = ["docker-compose-concourse-root.target"];
+    wantedBy = ["docker-compose-concourse-root.target"];
+  };
+
+  # Root service
+  # When started, this will automatically create all resources and start
+  # the containers. When stopped, this will teardown all resources.
+  systemd.targets."docker-compose-concourse-root" = {
+    unitConfig = {
+      Description = "Root target generated by compose2nix.";
+    };
+    wantedBy = ["multi-user.target"];
+  };
+}
I machines/dragonwell/concourse/concourse.yml
diff --git a/machines/dragonwell/concourse/concourse.yml b/machines/dragonwell/concourse/concourse.yml
new file mode 100644
index 0000000000000000000000000000000000000000..b910d48d9cc31514eaa292f17051cb13ffa494da
--- /dev/null
+++ b/machines/dragonwell/concourse/concourse.yml
@@ -0,0 +1,34 @@
+name: concourse
+services:
+  concourse-db:
+    image: postgres
+    environment:
+      POSTGRES_DB: concourse
+      POSTGRES_PASSWORD: concourse_pass
+      POSTGRES_USER: concourse_user
+      PGDATA: /database
+
+  concourse:
+    image: concourse/concourse
+    command: quickstart
+    privileged: true
+    depends_on: [concourse-db]
+    ports: ["8080:8080"]
+    environment:
+      CONCOURSE_POSTGRES_HOST: concourse-db
+      CONCOURSE_POSTGRES_USER: concourse_user
+      CONCOURSE_POSTGRES_PASSWORD: concourse_pass
+      CONCOURSE_POSTGRES_DATABASE: concourse
+      CONCOURSE_EXTERNAL_URL: https://concourse.serval-vibes.ts.net/
+      CONCOURSE_ADD_LOCAL_USER: test:test
+      CONCOURSE_MAIN_TEAM_LOCAL_USER: test
+      # instead of relying on the default "detect"
+      CONCOURSE_WORKER_BAGGAGECLAIM_DRIVER: overlay
+      CONCOURSE_CLIENT_SECRET: Y29uY291cnNlLXdlYgo=
+      CONCOURSE_TSA_CLIENT_SECRET: Y29uY291cnNlLXdvcmtlcgo=
+      CONCOURSE_X_FRAME_OPTIONS: allow
+      CONCOURSE_CONTENT_SECURITY_POLICY: "*"
+      CONCOURSE_CLUSTER_NAME: concourse
+      CONCOURSE_WORKER_CONTAINERD_DNS_SERVER: "8.8.8.8"
+      # For ARM-based machine, change the Concourse runtime to "houdini"
+      CONCOURSE_WORKER_RUNTIME: "containerd"
I machines/dragonwell/concourse/default.nix
diff --git a/machines/dragonwell/concourse/default.nix b/machines/dragonwell/concourse/default.nix
new file mode 100644
index 0000000000000000000000000000000000000000..9b8076e2c213e85d1f5fe7078cf9e45b9db4f57c
--- /dev/null
+++ b/machines/dragonwell/concourse/default.nix
@@ -0,0 +1,3 @@
+{
+  imports = [./concourse.nix];
+}
M machines/dragonwell/default.nix -> machines/dragonwell/default.nix
diff --git a/machines/dragonwell/default.nix b/machines/dragonwell/default.nix
index 9ba27149e6cae14925606122bc2e41141cc05185..6c970dbda199ad7b932ecd16223c86dc9de07249 100644
--- a/machines/dragonwell/default.nix
+++ b/machines/dragonwell/default.nix
@@ -2,7 +2,7 @@ let
   username = "jolheiser";
   key = ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfKqCWtDlS3tgvfT6hQN+ii8UtabIZ+ZNmYN+bLwIa8PHOEW5MbfaqXSlhKkSi4+7SfQDCHphw0SMfhsQ4qMEcoywZ+4niDgKlQEVkl+S/VGbLuPe92NRStkyreZBLPr3Rh7ScNlGHcmHmoV9v7725fMnsMmabGVhpGO84PwNHOfJyv2tx2h6LxFbAV8S44UQu2lc8YLWCK2UvKuRnBerBXLnDQThUUX8UuCFzb786gQzD5XDU0MENbByxiy0XdVGAC+tFXEiSIgFZlFbFYyShgdTP9MzX2MOglEi+ae+1UIFncraW7ptUey7qHFJylpHWWWvE+GTwsg2G50i0FvFj jolheiser@jolheiser'';
 in {
-  imports = [./caddy.nix ./dex.nix ./golink.nix ./gotosocial.nix ./restic.nix ./tandoor.nix ./ugit.nix ./vikunja.nix ./hardware.nix];
+  imports = [./caddy.nix ./concourse ./dex.nix ./golink.nix ./gotosocial.nix ./restic.nix ./tandoor.nix ./ugit.nix ./vikunja.nix ./hardware.nix];
 
   boot.tmp.cleanOnBoot = true;
   zramSwap.enable = true;