ugit

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127


diff --git a/machines/dragonwell/concourse/concourse.nix b/machines/dragonwell/concourse/concourse.nix
new file mode 100644
index 0000000000000000000000000000000000000000..ea7649760b52526af78fb4153da47a5785b3a097
--- /dev/null
+++ b/machines/dragonwell/concourse/concourse.nix
@@ -0,0 +1,121 @@
+# Auto-generated using compose2nix v0.2.0-pre.
+{
+  pkgs,
+  lib,
+  ...
+}: {
+  # Runtime
+  virtualisation.docker = {
+    enable = true;
+    autoPrune.enable = true;
+  };
+  virtualisation.oci-containers.backend = "docker";
+
+  # Containers
+  virtualisation.oci-containers.containers."concourse-concourse" = {
+    image = "concourse/concourse";
+    environment = {
+      CONCOURSE_ADD_LOCAL_USER = "test:test";
+      CONCOURSE_CLIENT_SECRET = "Y29uY291cnNlLXdlYgo=";
+      CONCOURSE_CLUSTER_NAME = "tutorial";
+      CONCOURSE_CONTENT_SECURITY_POLICY = "*";
+      CONCOURSE_EXTERNAL_URL = "http://localhost:8080";
+      CONCOURSE_MAIN_TEAM_LOCAL_USER = "test";
+      CONCOURSE_POSTGRES_DATABASE = "concourse";
+      CONCOURSE_POSTGRES_HOST = "concourse-db";
+      CONCOURSE_POSTGRES_PASSWORD = "concourse_pass";
+      CONCOURSE_POSTGRES_USER = "concourse_user";
+      CONCOURSE_TSA_CLIENT_SECRET = "Y29uY291cnNlLXdvcmtlcgo=";
+      CONCOURSE_WORKER_BAGGAGECLAIM_DRIVER = "overlay";
+      CONCOURSE_WORKER_CONTAINERD_DNS_SERVER = "8.8.8.8";
+      CONCOURSE_WORKER_RUNTIME = "containerd";
+      CONCOURSE_X_FRAME_OPTIONS = "allow";
+    };
+    ports = [
+      "8080:8080/tcp"
+    ];
+    cmd = ["quickstart"];
+    dependsOn = [
+      "concourse-concourse-db"
+    ];
+    log-driver = "journald";
+    extraOptions = [
+      "--network-alias=concourse"
+      "--network=concourse_default"
+      "--privileged"
+    ];
+  };
+  systemd.services."docker-concourse-concourse" = {
+    serviceConfig = {
+      Restart = lib.mkForce "no";
+    };
+    after = [
+      "docker-network-concourse_default.service"
+    ];
+    requires = [
+      "docker-network-concourse_default.service"
+    ];
+    partOf = [
+      "docker-compose-concourse-root.target"
+    ];
+    wantedBy = [
+      "docker-compose-concourse-root.target"
+    ];
+  };
+  virtualisation.oci-containers.containers."concourse-concourse-db" = {
+    image = "postgres";
+    environment = {
+      PGDATA = "/database";
+      POSTGRES_DB = "concourse";
+      POSTGRES_PASSWORD = "concourse_pass";
+      POSTGRES_USER = "concourse_user";
+    };
+    log-driver = "journald";
+    extraOptions = [
+      "--network-alias=concourse-db"
+      "--network=concourse_default"
+    ];
+  };
+  systemd.services."docker-concourse-concourse-db" = {
+    serviceConfig = {
+      Restart = lib.mkForce "no";
+    };
+    after = [
+      "docker-network-concourse_default.service"
+    ];
+    requires = [
+      "docker-network-concourse_default.service"
+    ];
+    partOf = [
+      "docker-compose-concourse-root.target"
+    ];
+    wantedBy = [
+      "docker-compose-concourse-root.target"
+    ];
+  };
+
+  # Networks
+  systemd.services."docker-network-concourse_default" = {
+    path = [pkgs.docker];
+    serviceConfig = {
+      Type = "oneshot";
+      RemainAfterExit = true;
+      ExecStop = "${pkgs.docker}/bin/docker network rm -f concourse_default";
+    };
+    script = ''
+      docker network inspect concourse_default || docker network create concourse_default
+    '';
+    partOf = ["docker-compose-concourse-root.target"];
+    wantedBy = ["docker-compose-concourse-root.target"];
+  };
+
+  # Root service
+  # When started, this will automatically create all resources and start
+  # the containers. When stopped, this will teardown all resources.
+  systemd.targets."docker-compose-concourse-root" = {
+    unitConfig = {
+      Description = "Root target generated by compose2nix.";
+    };
+    wantedBy = ["multi-user.target"];
+  };
+}

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40


diff --git a/machines/dragonwell/concourse/concourse.yml b/machines/dragonwell/concourse/concourse.yml
new file mode 100644
index 0000000000000000000000000000000000000000..b910d48d9cc31514eaa292f17051cb13ffa494da
--- /dev/null
+++ b/machines/dragonwell/concourse/concourse.yml
@@ -0,0 +1,34 @@
+name: concourse
+services:
+  concourse-db:
+    image: postgres
+    environment:
+      POSTGRES_DB: concourse
+      POSTGRES_PASSWORD: concourse_pass
+      POSTGRES_USER: concourse_user
+      PGDATA: /database
+
+  concourse:
+    image: concourse/concourse
+    command: quickstart
+    privileged: true
+    depends_on: [concourse-db]
+    ports: ["8080:8080"]
+    environment:
+      CONCOURSE_POSTGRES_HOST: concourse-db
+      CONCOURSE_POSTGRES_USER: concourse_user
+      CONCOURSE_POSTGRES_PASSWORD: concourse_pass
+      CONCOURSE_POSTGRES_DATABASE: concourse
+      CONCOURSE_EXTERNAL_URL: https://concourse.serval-vibes.ts.net/
+      CONCOURSE_ADD_LOCAL_USER: test:test
+      CONCOURSE_MAIN_TEAM_LOCAL_USER: test
+      # instead of relying on the default "detect"
+      CONCOURSE_WORKER_BAGGAGECLAIM_DRIVER: overlay
+      CONCOURSE_CLIENT_SECRET: Y29uY291cnNlLXdlYgo=
+      CONCOURSE_TSA_CLIENT_SECRET: Y29uY291cnNlLXdvcmtlcgo=
+      CONCOURSE_X_FRAME_OPTIONS: allow
+      CONCOURSE_CONTENT_SECURITY_POLICY: "*"
+      CONCOURSE_CLUSTER_NAME: concourse
+      CONCOURSE_WORKER_CONTAINERD_DNS_SERVER: "8.8.8.8"
+      # For ARM-based machine, change the Concourse runtime to "houdini"
+      CONCOURSE_WORKER_RUNTIME: "containerd"

1
2
3
4
5
6
7
8
9


diff --git a/machines/dragonwell/concourse/default.nix b/machines/dragonwell/concourse/default.nix
new file mode 100644
index 0000000000000000000000000000000000000000..9b8076e2c213e85d1f5fe7078cf9e45b9db4f57c
--- /dev/null
+++ b/machines/dragonwell/concourse/default.nix
@@ -0,0 +1,3 @@
+{
+  imports = [./concourse.nix];
+}

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13


diff --git a/machines/dragonwell/default.nix b/machines/dragonwell/default.nix
index 9ba27149e6cae14925606122bc2e41141cc05185..6c970dbda199ad7b932ecd16223c86dc9de07249 100644
--- a/machines/dragonwell/default.nix
+++ b/machines/dragonwell/default.nix
@@ -2,7 +2,7 @@ let
   username = "jolheiser";
   key = ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfKqCWtDlS3tgvfT6hQN+ii8UtabIZ+ZNmYN+bLwIa8PHOEW5MbfaqXSlhKkSi4+7SfQDCHphw0SMfhsQ4qMEcoywZ+4niDgKlQEVkl+S/VGbLuPe92NRStkyreZBLPr3Rh7ScNlGHcmHmoV9v7725fMnsMmabGVhpGO84PwNHOfJyv2tx2h6LxFbAV8S44UQu2lc8YLWCK2UvKuRnBerBXLnDQThUUX8UuCFzb786gQzD5XDU0MENbByxiy0XdVGAC+tFXEiSIgFZlFbFYyShgdTP9MzX2MOglEi+ae+1UIFncraW7ptUey7qHFJylpHWWWvE+GTwsg2G50i0FvFj jolheiser@jolheiser'';
 in {
-  imports = [./caddy.nix ./dex.nix ./golink.nix ./gotosocial.nix ./restic.nix ./tandoor.nix ./ugit.nix ./vikunja.nix ./hardware.nix];
+  imports = [./caddy.nix ./concourse ./dex.nix ./golink.nix ./gotosocial.nix ./restic.nix ./tandoor.nix ./ugit.nix ./vikunja.nix ./hardware.nix];
 
   boot.tmp.cleanOnBoot = true;
   zramSwap.enable = true;

Home