From 663e5cb739a6df569eb9ec6ea97cefe1c76be48c Mon Sep 17 00:00:00 2001
From: coolneng <akasroua@gmail.com>
Date: Tue, 20 Dec 2022 14:03:09 +0100
Subject: [PATCH] Use ZFS storage driver for containers
---
modules/hardware-configuration.nix | 143 ++++++++++++++---------------
modules/information.nix | 30 +++++-
2 files changed, 96 insertions(+), 77 deletions(-)
diff --git a/modules/hardware-configuration.nix b/modules/hardware-configuration.nix
index a56d17e..4132176 100644
--- a/modules/hardware-configuration.nix
+++ b/modules/hardware-configuration.nix
@@ -23,82 +23,11 @@
fsType = "vfat";
};
- fileSystems."/var/lib/containers/storage/overlay" =
- { device = "/var/lib/containers/storage/overlay";
- fsType = "none";
- options = [ "bind" ];
- };
-
- fileSystems."/var/lib/containers/storage/overlay-containers/dba1864ff1473b3ba5fddd103f9cfff67334fbcc5c99c42b619e8a6d88776061/userdata/shm" =
- { device = "shm";
- fsType = "tmpfs";
- };
-
- fileSystems."/var/lib/containers/storage/overlay/1990fed1fbfbe8dc75ded251c84e8d82700fef0f01e8ead81916cadc5ec2cac1/merged" =
- { device = "overlay";
- fsType = "overlay";
- };
-
fileSystems."/vault" =
{ device = "vault";
fsType = "zfs";
};
- fileSystems."/vault/radicale" =
- { device = "vault/radicale";
- fsType = "zfs";
- };
-
- fileSystems."/vault/syncthing" =
- { device = "vault/syncthing";
- fsType = "zfs";
- };
-
- fileSystems."/vault/backups" =
- { device = "vault/backups";
- fsType = "zfs";
- };
-
- fileSystems."/vault/git" =
- { device = "vault/git";
- fsType = "zfs";
- };
-
- fileSystems."/vault/nextcloud" =
- { device = "vault/nextcloud";
- fsType = "zfs";
- };
-
- fileSystems."/vault/backups/monolith" =
- { device = "vault/backups/monolith";
- fsType = "zfs";
- };
-
- fileSystems."/vault/backups/zion" =
- { device = "vault/backups/zion";
- fsType = "zfs";
- };
-
- fileSystems."/vault/backups/zion/databases" =
- { device = "vault/backups/zion/databases";
- fsType = "zfs";
- };
-
- fileSystems."/var/lib/wallabag" =
- { device = "vault/state_directories/wallabag";
- fsType = "zfs";
- };
-
- fileSystems."/var/lib/gitea" =
- { device = "vault/state_directories/gitea";
- fsType = "zfs";
- };
-
- fileSystems."/var/lib/signald" =
- { device = "vault/state_directories/signald";
- fsType = "zfs";
- };
-
fileSystems."/var/lib/matrix-as-signal" =
{ device = "vault/state_directories/matrix-as-signal";
fsType = "zfs";
@@ -109,11 +38,81 @@
fsType = "zfs";
};
+ fileSystems."/var/lib/gitea" =
+ { device = "vault/state_directories/gitea";
+ fsType = "zfs";
+ };
+
fileSystems."/var/lib/matrix-as-telegram" =
{ device = "vault/state_directories/matrix-as-telegram";
fsType = "zfs";
};
+ fileSystems."/var/lib/signald" =
+ { device = "vault/state_directories/signald";
+ fsType = "zfs";
+ };
+
+ fileSystems."/var/lib/wallabag" =
+ { device = "vault/state_directories/wallabag";
+ fsType = "zfs";
+ };
+
+ fileSystems."/vault/git" =
+ { device = "vault/git";
+ fsType = "zfs";
+ };
+
+ fileSystems."/vault/nextcloud" =
+ { device = "vault/nextcloud";
+ fsType = "zfs";
+ };
+
+ fileSystems."/vault/backups" =
+ { device = "vault/backups";
+ fsType = "zfs";
+ };
+
+ fileSystems."/vault/radicale" =
+ { device = "vault/radicale";
+ fsType = "zfs";
+ };
+
+ fileSystems."/vault/backups/zion" =
+ { device = "vault/backups/zion";
+ fsType = "zfs";
+ };
+
+ fileSystems."/vault/backups/monolith" =
+ { device = "vault/backups/monolith";
+ fsType = "zfs";
+ };
+
+ fileSystems."/vault/backups/zion/databases" =
+ { device = "vault/backups/zion/databases";
+ fsType = "zfs";
+ };
+
+ fileSystems."/vault/syncthing" =
+ { device = "vault/syncthing";
+ fsType = "zfs";
+ };
+
+ fileSystems."/var/lib/containers" =
+ { device = "vault/containers";
+ fsType = "zfs";
+ };
+
+ fileSystems."/var/lib/containers/storage/zfs-containers/1996d0540bceeb3dea027b3e5ef9e6cd94ea527ce657bf6461286d7b4afa637f/userdata/shm" =
+ { device = "shm";
+ fsType = "tmpfs";
+ };
+
+ fileSystems."/var/lib/containers/storage/zfs/graph/0dc5c84e61d9dccc2f00f9ab164cd1df2ee6e6bf642b99e7d25638ee5e4fe994" =
+ { device = "vault/containers/0dc5c84e61d9dccc2f00f9ab164cd1df2ee6e6bf642b99e7d25638ee5e4fe994";
+ fsType = "zfs";
+ };
+
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@@ -123,7 +122,7 @@
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.cni-podman0.useDHCP = lib.mkDefault true;
# networking.interfaces.eth0.useDHCP = lib.mkDefault true;
- # networking.interfaces.veth65ee03c8.useDHCP = lib.mkDefault true;
+ # networking.interfaces.vethefb4a13e.useDHCP = lib.mkDefault true;
# networking.interfaces.wg0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
diff --git a/modules/information.nix b/modules/information.nix
index 68c454b..7b9f8bb 100644
--- a/modules/information.nix
+++ b/modules/information.nix
@@ -31,11 +31,31 @@
# Set environment variable pointing to wallabag configuration directory
environment.variables.WALLABAG_DATA = "/var/lib/wallabag";
- # Openbooks configuration
- virtualisation.oci-containers.containers = {
- openbooks = {
- image = "evanbuss/openbooks:latest";
- ports = [ "127.0.0.1:9000:80" ];
+ # Podman setup with ZFS
+ virtualisation = {
+ containers.enable = true;
+ containers.storage.settings.storage = {
+ driver = "zfs";
+ graphroot = "/var/lib/containers/storage";
+ runroot = "/run/containers/storage";
+ };
+
+ podman = {
+ enable = true;
+ dockerCompat = true;
+ extraPackages = with pkgs; [ zfs ];
+ };
+
+ # Openbooks configuration
+ oci-containers = {
+ backend = "podman";
+ containers = {
+ openbooks = {
+ image = "evanbuss/openbooks:latest";
+ ports = [ "127.0.0.1:9000:80" ];
+ };
+ };
};
};
+
}