From 663e5cb739a6df569eb9ec6ea97cefe1c76be48c Mon Sep 17 00:00:00 2001
From: coolneng <akasroua@gmail.com>
Date: Tue, 20 Dec 2022 14:03:09 +0100
Subject: [PATCH] Use ZFS storage driver for containers

---
 modules/hardware-configuration.nix | 143 ++++++++++++++---------------
 modules/information.nix            |  30 +++++-
 2 files changed, 96 insertions(+), 77 deletions(-)

diff --git a/modules/hardware-configuration.nix b/modules/hardware-configuration.nix
index a56d17e..4132176 100644
--- a/modules/hardware-configuration.nix
+++ b/modules/hardware-configuration.nix
@@ -23,82 +23,11 @@
       fsType = "vfat";
     };
 
-  fileSystems."/var/lib/containers/storage/overlay" =
-    { device = "/var/lib/containers/storage/overlay";
-      fsType = "none";
-      options = [ "bind" ];
-    };
-
-  fileSystems."/var/lib/containers/storage/overlay-containers/dba1864ff1473b3ba5fddd103f9cfff67334fbcc5c99c42b619e8a6d88776061/userdata/shm" =
-    { device = "shm";
-      fsType = "tmpfs";
-    };
-
-  fileSystems."/var/lib/containers/storage/overlay/1990fed1fbfbe8dc75ded251c84e8d82700fef0f01e8ead81916cadc5ec2cac1/merged" =
-    { device = "overlay";
-      fsType = "overlay";
-    };
-
   fileSystems."/vault" =
     { device = "vault";
       fsType = "zfs";
     };
 
-  fileSystems."/vault/radicale" =
-    { device = "vault/radicale";
-      fsType = "zfs";
-    };
-
-  fileSystems."/vault/syncthing" =
-    { device = "vault/syncthing";
-      fsType = "zfs";
-    };
-
-  fileSystems."/vault/backups" =
-    { device = "vault/backups";
-      fsType = "zfs";
-    };
-
-  fileSystems."/vault/git" =
-    { device = "vault/git";
-      fsType = "zfs";
-    };
-
-  fileSystems."/vault/nextcloud" =
-    { device = "vault/nextcloud";
-      fsType = "zfs";
-    };
-
-  fileSystems."/vault/backups/monolith" =
-    { device = "vault/backups/monolith";
-      fsType = "zfs";
-    };
-
-  fileSystems."/vault/backups/zion" =
-    { device = "vault/backups/zion";
-      fsType = "zfs";
-    };
-
-  fileSystems."/vault/backups/zion/databases" =
-    { device = "vault/backups/zion/databases";
-      fsType = "zfs";
-    };
-
-  fileSystems."/var/lib/wallabag" =
-    { device = "vault/state_directories/wallabag";
-      fsType = "zfs";
-    };
-
-  fileSystems."/var/lib/gitea" =
-    { device = "vault/state_directories/gitea";
-      fsType = "zfs";
-    };
-
-  fileSystems."/var/lib/signald" =
-    { device = "vault/state_directories/signald";
-      fsType = "zfs";
-    };
-
   fileSystems."/var/lib/matrix-as-signal" =
     { device = "vault/state_directories/matrix-as-signal";
       fsType = "zfs";
@@ -109,11 +38,81 @@
       fsType = "zfs";
     };
 
+  fileSystems."/var/lib/gitea" =
+    { device = "vault/state_directories/gitea";
+      fsType = "zfs";
+    };
+
   fileSystems."/var/lib/matrix-as-telegram" =
     { device = "vault/state_directories/matrix-as-telegram";
       fsType = "zfs";
     };
 
+  fileSystems."/var/lib/signald" =
+    { device = "vault/state_directories/signald";
+      fsType = "zfs";
+    };
+
+  fileSystems."/var/lib/wallabag" =
+    { device = "vault/state_directories/wallabag";
+      fsType = "zfs";
+    };
+
+  fileSystems."/vault/git" =
+    { device = "vault/git";
+      fsType = "zfs";
+    };
+
+  fileSystems."/vault/nextcloud" =
+    { device = "vault/nextcloud";
+      fsType = "zfs";
+    };
+
+  fileSystems."/vault/backups" =
+    { device = "vault/backups";
+      fsType = "zfs";
+    };
+
+  fileSystems."/vault/radicale" =
+    { device = "vault/radicale";
+      fsType = "zfs";
+    };
+
+  fileSystems."/vault/backups/zion" =
+    { device = "vault/backups/zion";
+      fsType = "zfs";
+    };
+
+  fileSystems."/vault/backups/monolith" =
+    { device = "vault/backups/monolith";
+      fsType = "zfs";
+    };
+
+  fileSystems."/vault/backups/zion/databases" =
+    { device = "vault/backups/zion/databases";
+      fsType = "zfs";
+    };
+
+  fileSystems."/vault/syncthing" =
+    { device = "vault/syncthing";
+      fsType = "zfs";
+    };
+
+  fileSystems."/var/lib/containers" =
+    { device = "vault/containers";
+      fsType = "zfs";
+    };
+
+  fileSystems."/var/lib/containers/storage/zfs-containers/1996d0540bceeb3dea027b3e5ef9e6cd94ea527ce657bf6461286d7b4afa637f/userdata/shm" =
+    { device = "shm";
+      fsType = "tmpfs";
+    };
+
+  fileSystems."/var/lib/containers/storage/zfs/graph/0dc5c84e61d9dccc2f00f9ab164cd1df2ee6e6bf642b99e7d25638ee5e4fe994" =
+    { device = "vault/containers/0dc5c84e61d9dccc2f00f9ab164cd1df2ee6e6bf642b99e7d25638ee5e4fe994";
+      fsType = "zfs";
+    };
+
   swapDevices = [ ];
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
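Review bot: The last two added entries, `fileSystems."/var/lib/containers/storage/zfs-containers/1996d0…/userdata/shm"` and `fileSystems."/var/lib/containers/storage/zfs/graph/0dc5c8…"`, are keyed by container and layer IDs. They look like mounts of a container that happened to be running when the file was regenerated, not persistent filesystems. Once that container or image layer is recreated, the dataset `vault/containers/0dc5c8…` will presumably no longer exist, and a mount that fails without `nofail` can leave the host in emergency mode at boot. I would drop both entries and keep only `fileSystems."/var/lib/containers"`, since Podman's ZFS driver mounts its own child datasets at runtime. If they must stay, add `options = [ "nofail" ];` to each.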
@@ -123,7 +122,7 @@
   networking.useDHCP = lib.mkDefault true;
   # networking.interfaces.cni-podman0.useDHCP = lib.mkDefault true;
   # networking.interfaces.eth0.useDHCP = lib.mkDefault true;
-  # networking.interfaces.veth65ee03c8.useDHCP = lib.mkDefault true;
+  # networking.interfaces.vethefb4a13e.useDHCP = lib.mkDefault true;
   # networking.interfaces.wg0.useDHCP = lib.mkDefault true;
   # networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
 
diff --git a/modules/information.nix b/modules/information.nix
index 68c454b..7b9f8bb 100644
--- a/modules/information.nix
+++ b/modules/information.nix
@@ -31,11 +31,31 @@
   # Set environment variable pointing to wallabag configuration directory
   environment.variables.WALLABAG_DATA = "/var/lib/wallabag";
 
-  # Openbooks configuration
-  virtualisation.oci-containers.containers = {
-    openbooks = {
-      image = "evanbuss/openbooks:latest";
-      ports = [ "127.0.0.1:9000:80" ];
+  # Podman setup with ZFS
+  virtualisation = {
+    containers.enable = true;
+    containers.storage.settings.storage = {
+      driver = "zfs";
+      graphroot = "/var/lib/containers/storage";
+      runroot = "/run/containers/storage";
+    };
+
+    podman = {
+      enable = true;
+      dockerCompat = true;
+      extraPackages = with pkgs; [ zfs ];
+    };
+
+    # Openbooks configuration
+    oci-containers = {
+      backend = "podman";
+      containers = {
+        openbooks = {
+          image = "evanbuss/openbooks:latest";
+          ports = [ "127.0.0.1:9000:80" ];
+        };
+      };
     };
   };
+
 }
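Review bot: The `openbooks` container still uses `image = "evanbuss/openbooks:latest";`, a mutable tag with no registry prefix, so each pull runs whatever the resolved registry serves under that name at the time. Now that the backend is explicitly Podman, the short name is resolved through the host's unqualified-search-registries setting, so which registry is used depends on host configuration. I would pin it to a fully qualified, digest-addressed reference, e.g. `image = "docker.io/evanbuss/openbooks@sha256:<digest>";`, with the digest placeholder filled in from a reviewed image, and update it deliberately. Separately, `extraPackages = with pkgs; [ zfs ];` may not match the ZFS version of the loaded kernel module; confirm it is the same package that the host's `boot.zfs` configuration selects.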