diff --git a/config/_ids.nix b/config/_ids.nix index 2fe6985..90f3575 100644 --- a/config/_ids.nix +++ b/config/_ids.nix @@ -19,5 +19,6 @@ dns = 1042; z2m = 1016; papers = 1032; + mail = 1033; }; } diff --git a/containers/db.nix b/containers/db.nix index b2f046b..08fd733 100644 --- a/containers/db.nix +++ b/containers/db.nix @@ -36,6 +36,7 @@ }; private = true; auth = true; + group = "Système"; description = "Base de données PostgreSQL."; icon = "https://wiki.postgresql.org/images/3/30/PostgreSQL_logo.3colors.120x120.png"; otherDomains = [ diff --git a/containers/dns.nix b/containers/dns.nix index e6458e6..a7f85a6 100644 --- a/containers/dns.nix +++ b/containers/dns.nix @@ -35,6 +35,7 @@ }; private = true; auth = true; + group = "Système"; description = "Serveur DNS & DHCP fourni par AdGuardHome & Unbound."; icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/adguard-home.png"; }; diff --git a/containers/finances.nix b/containers/finances.nix index 2d0e3be..9764706 100644 --- a/containers/finances.nix +++ b/containers/finances.nix @@ -37,6 +37,7 @@ in }; private = true; auth = true; + group = "Outils"; description = "Suivi des finances via Firefly-III."; icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/firefly-iii.png"; }; diff --git a/containers/frigate.nix b/containers/frigate.nix index cefe0a8..f6e259d 100644 --- a/containers/frigate.nix +++ b/containers/frigate.nix @@ -6,6 +6,7 @@ memory = 2048; disk = "15G"; swap = 1024; + onboot = false; }; system = { port = 80; diff --git a/containers/mail.nix b/containers/mail.nix new file mode 100644 index 0000000..ebc4d84 --- /dev/null +++ b/containers/mail.nix @@ -0,0 +1,34 @@ +{ ... }: +let + db_pass = import ../config/_passwords.nix; +in +{ + my-lxc.mail = { + container = { + cores = 1; + memory = 512; + disk = "4G"; + swap = 512; + }; + system = { + port = 80; + additionalPorts = [ + 25 # smtp + 465 # smtps + ]; + services.postfix = { + enable = true; + enableSubmission = true; + enableSubmissions = true; + mailname = "mail.m0rel.eu"; + domain = "plg.m0rel.eu"; + }; + }; + logging = { + enable = true; + metricsEnable = true; + }; + private = true; # available only on private lan + auth = false; # auth overlay + }; +} diff --git a/containers/media.nix b/containers/media.nix index 06a29d8..f7c8e6b 100644 --- a/containers/media.nix +++ b/containers/media.nix @@ -29,6 +29,7 @@ in }; private = true; auth = false; + group = "Médias"; description = "Serveur média avec Jellyfin / jellyseer (?)."; icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/jellyfin.png"; }; diff --git a/containers/metrics.nix b/containers/metrics.nix index 2106de5..6aa3a49 100644 --- a/containers/metrics.nix +++ b/containers/metrics.nix @@ -22,6 +22,7 @@ }; private = true; auth = true; # unused anyway + group = "Système"; description = "Serveur de métriques fourni par Prometheus."; icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/prometheus.png"; }; diff --git a/containers/monitoring.nix b/containers/monitoring.nix index f8afc8f..d7d2fe1 100644 --- a/containers/monitoring.nix +++ b/containers/monitoring.nix @@ -31,6 +31,7 @@ in }; private = true; auth = true; + group = "Système"; description = "Interface de monitoring via Grafana."; icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/grafana.png"; }; diff --git a/containers/mqtt.nix b/containers/mqtt.nix index c2331db..4c035f4 100644 --- a/containers/mqtt.nix +++ b/containers/mqtt.nix @@ -46,6 +46,7 @@ in private = true; # available only on private lan auth = true; # auth overlay description = "Serveur MQTT"; + group = "Système"; icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/mqtt.png"; }; } diff --git a/containers/papers.nix b/containers/papers.nix index 2ced0ae..a1f2040 100644 --- a/containers/papers.nix +++ b/containers/papers.nix @@ -26,6 +26,7 @@ in }; private = true; auth = true; + group = "Outils"; icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/paperless-ngx.png"; }; diff --git a/containers/power.nix b/containers/power.nix index b2973de..a50142d 100644 --- a/containers/power.nix +++ b/containers/power.nix @@ -7,6 +7,7 @@ memory = 512; disk = "5G"; swap = 512; + onboot = false; }; system = { port = 80; @@ -20,6 +21,7 @@ }; private = true; auth = true; + group = "Système"; icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/ups.png"; }; diff --git a/containers/proxy.nix b/containers/proxy.nix index 1d2e0aa..cec1f45 100644 --- a/containers/proxy.nix +++ b/containers/proxy.nix @@ -50,6 +50,7 @@ }; private = true; auth = true; + group = "Système"; icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/traefik.png"; }; diff --git a/containers/yarrr.nix b/containers/yarrr.nix index 543c395..ed5f266 100644 --- a/containers/yarrr.nix +++ b/containers/yarrr.nix @@ -62,5 +62,6 @@ in port = 9696; } ]; + group = "Médias"; }; } diff --git a/containers/z2m.nix b/containers/z2m.nix index 09b31d7..646ba22 100644 --- a/containers/z2m.nix +++ b/containers/z2m.nix @@ -6,6 +6,7 @@ memory = 512; disk = "6G"; swap = 512; + onboot = false; }; system = { additionalPorts = [ 80 ]; @@ -19,6 +20,7 @@ }; private = true; # available only on private lan auth = true; # auth overlay + group = "Système"; icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/zigbee2mqtt-light.png"; }; } diff --git a/modules/containers-terraform-authentik.nix b/modules/containers-terraform-authentik.nix index 05474c1..0c3a5c3 100644 --- a/modules/containers-terraform-authentik.nix +++ b/modules/containers-terraform-authentik.nix @@ -35,6 +35,7 @@ in protocol_provider = "\${resource.authentik_provider_proxy.${containerName}.id}"; meta_description = def.description; meta_icon = def.icon; + group = def.group; } ) cfg ) @@ -44,42 +45,49 @@ in slug = "home_assistant"; protocol_provider = "\${resource.authentik_provider_oauth2.home_assistant.id}"; meta_icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/home-assistant.png"; + group = "Médias"; }; matrix = { name = "matrix"; slug = "matrix"; protocol_provider = "\${resource.authentik_provider_oauth2.matrix.id}"; meta_icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/matrix-light.png"; + group = "Outils"; }; vaultwarden = { name = "vaultwarden"; slug = "vaultwarden"; protocol_provider = "\${resource.authentik_provider_oauth2.vaultwarden.id}"; meta_icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/vaultwarden-light.png"; + group = "Outils"; }; gitea = { name = "gitea"; slug = "gitea"; protocol_provider = "\${resource.authentik_provider_oauth2.gitea.id}"; meta_icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/gitea.png"; + group = "Outils"; }; nas = { name = "nas"; slug = "nas"; protocol_provider = "\${resource.authentik_provider_oauth2.nas.id}"; meta_icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/synology-light.png"; + group = "Médias"; }; jellyfin = { name = "jellyfin"; slug = "jellyfin"; protocol_provider = "\${resource.authentik_provider_oauth2.jellyfin.id}"; meta_icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/jellyfin.png"; + group = "Médias"; }; proxmox = { name = "proxmox"; slug = "proxmox"; protocol_provider = "\${resource.authentik_provider_oauth2.proxmox.id}"; meta_icon = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/png/proxmox-light.png"; + group = "Système"; }; }; diff --git a/modules/containers-terraform-proxmox.nix b/modules/containers-terraform-proxmox.nix index 6f28842..3608fbd 100644 --- a/modules/containers-terraform-proxmox.nix +++ b/modules/containers-terraform-proxmox.nix @@ -30,7 +30,7 @@ in type = "veth"; }; protection = c.protection; - onboot = true; + onboot = c.onboot; rootfs = { storage = "local-lvm"; size = c.disk; diff --git a/modules/containers.nix b/modules/containers.nix index 7b58309..11ebf21 100644 --- a/modules/containers.nix +++ b/modules/containers.nix @@ -65,6 +65,11 @@ in description = "Overrides to the Proxmox LXC Terraform resource"; default = { }; }; + onboot = mkOption { + type = bool; + default = true; + description = "Boot at Proxmox's startup"; + }; protection = mkOption { type = bool; description = "Whether container should be protected against changes."; @@ -174,6 +179,11 @@ in description = "Possible description for the service"; default = null; }; + group = mkOption { + type = nullOr str; + description = "Group for the service (on Authentik)"; + default = null; + }; icon = mkOption { type = nullOr str; description = "URL for a logo for the service"; diff --git a/modules/terraform-base.nix b/modules/terraform-base.nix index 598453e..647f9ae 100644 --- a/modules/terraform-base.nix +++ b/modules/terraform-base.nix @@ -3,7 +3,7 @@ terraform.required_providers = { proxmox = { source = "Telmate/proxmox"; - version = "~> 2.9.11"; + version = "= 3.0.2-rc07"; }; postgresql = {