Migrated Flame as a docker container

2026-04-11 22:31:18 +02:00
parent 2b88cf3794
commit 5a3ca7f27c
5 changed files with 40 additions and 117 deletions
--- a/nixos/roles/frontpage/frontpage.nix
+++ b/nixos/roles/frontpage/frontpage.nix
@@ -1,78 +1,40 @@
-# frontpage/frontpage.nix
-{
-  config,
-  pkgs,
-  lib,
-  ...
-}:
+{ config, lib, ... }:

 let
  address = config.systemd.network.networks."10-ethernet".networkConfig.Address;
  ip = builtins.elemAt (lib.splitString "/" address) 0;
-  port = 15005;
-
-  catppuccinFlavor = "mocha";
-  logo = if catppuccinFlavor == "latte" then "assets/light_circle.png" else "assets/dark_circle.png";
-  faviconZip = if catppuccinFlavor == "latte" then "light_favicon.zip" else "dark_favicon.zip";
-
-  catppuccinHomer = pkgs.fetchFromGitHub {
-    owner = "mrpbennett";
-    repo = "catppuccin-homer";
-    rev = "main";
-    sha256 = "1a4fchqffgxj4xpgfsv26pwg7a0dr4qgqz6f7rxnqlvz3mj63faw";
-  };
-
-  mainConfig = pkgs.writeText "config.yml" ''
-    title: "Dashboard"
-    subtitle: ""
-    header: true
-    footer: false
-    logo: "${logo}"
-    stylesheet:
-      - "assets/catppuccin-${catppuccinFlavor}.css"
-    defaults:
-      colorTheme: dark
-    services:
-      - name: "Services"
-        items:
-          - name: "Vaultwarden"
-            url: "https://${ip}:8222"
-          - name: "SearXNG"
-            url: "http://${ip}:11080"
-  '';
-
-  mainRoot =
-    pkgs.runCommand "homer-main"
-      {
-        nativeBuildInputs = [ pkgs.unzip ];
-      }
-      ''
-        cp -r ${pkgs.homer}/. $out
-        chmod -R u+w $out
-        cp ${mainConfig} $out/config.yml
-        mkdir -p $out/assets/icons
-        cp ${catppuccinHomer}/flavours/catppuccin-${catppuccinFlavor}.css $out/assets/catppuccin-${catppuccinFlavor}.css
-        cp ${catppuccinHomer}/assets/logos/dark_circle.png $out/assets/dark_circle.png
-        cp ${catppuccinHomer}/assets/logos/light_circle.png $out/assets/light_circle.png
-        unzip ${catppuccinHomer}/assets/favicons/${faviconZip} -d $out/assets/icons/
-      '';
 in
 {
-  services.nginx = {
-    enable = true;
-    virtualHosts."homer-main" = {
-      listen = [
-        {
-          inherit port;
-          addr = "0.0.0.0";
-        }
-      ];
-      root = "${mainRoot}";
-      locations."/" = {
-        index = "index.html";
-        tryFiles = "$uri $uri/ /index.html";
+  sops.secrets.flame_password = { };
+  sops.secrets.flame_calvin_password = { };
+
+  virtualisation = {
+    docker.enable = true;
+    oci-containers = {
+      backend = "docker";
+      containers = {
+        flame = {
+          image = "pawelmalak/flame:latest";
+          ports = [ "15005:5005" ];
+          volumes = [
+            "/var/lib/flame:/app/data"
+            "/var/run/docker.sock:/var/run/docker.sock"
+          ];
+          environmentFiles = [ config.sops.secrets.flame_password.path ];
+        };
+        flame-calvin = {
+          image = "pawelmalak/flame:latest";
+          ports = [ "15006:5005" ];
+          volumes = [ "/var/lib/flame-calvin:/app/data" ];
+          environmentFiles = [ config.sops.secrets.flame_calvin_password.path ];
+        };
      };
    };
  };
-  networking.firewall.allowedTCPPorts = [ port ];
+
+  networking.firewall.allowedTCPPorts = [
+    15005
+    15006
+  ];
+
 }