From ac410d3628989ecc6aadb38fddb34dca0d330050 Mon Sep 17 00:00:00 2001 From: Chris Toph Date: Sat, 11 Jan 2025 03:52:58 -0500 Subject: [PATCH] Working Komodo setup with Docker stacks not moved yet --- host/komodo/default.nix | 62 ++-- host/komodo/modules/komodo/compose.yaml | 111 +++---- host/komodo/modules/komodo/default.nix | 383 +++++++++++++++++++----- 3 files changed, 396 insertions(+), 160 deletions(-) diff --git a/host/komodo/default.nix b/host/komodo/default.nix index 680c62f..ad152a0 100644 --- a/host/komodo/default.nix +++ b/host/komodo/default.nix @@ -1,44 +1,39 @@ -{ modulesPath, config, pkgs, hostName, ... }: +{ + modulesPath, + config, + pkgs, + hostName, + ... +}: { ## MODULES & IMPORTS ## - imports = [ - # Common Modules - ../../common/lxc - ../../common/ssh + imports = [ + # Common Modules + ../../common/lxc + ../../common/ssh + + # Import hardware configuration. + ./hardware.nix + + # Local Modules + ./modules/frp + ./modules/komodo + ]; - # Import hardware configuration. - ./hardware.nix - - # Local Modules - ./modules/frp - ./modules/komodo - ]; - ## NETWORKING ## networking.firewall = { - allowedTCPPorts = [ 22 80 443 9120 ]; - allowedUDPPorts = [ ]; - interfaces.podman1 = { - # so that containers find eachother's names - allowedUDPPorts = [ 53 ]; - }; - }; - - systemd.services.create-wordpress-network = with config.virtualisation.oci-containers; { - serviceConfig.Type = "oneshot"; - wantedBy = [ - "${backend}-komodo.service" - "${backend}-mongo.service" - "${backend}-periphery.service" + allowedTCPPorts = [ + 22 + 80 + 443 + 9120 ]; - script = '' - ${pkgs.podman}/bin/podman network exists komodo-net || \ - ${pkgs.podman}/bin/podman network create komodo-net - ''; + allowedUDPPorts = [ ]; }; ## ENVIORMENT & PACKAGES ## environment.systemPackages = with pkgs; [ + compose2nix git micro openssh @@ -50,9 +45,6 @@ environment.variables = { HOSTNAME = hostName; }; - + ## PROGRAMS & SERVICES ## - # Enable podman - virtualisation.podman.enable = true; - virtualisation.oci-containers.backend = "podman"; } diff --git a/host/komodo/modules/komodo/compose.yaml b/host/komodo/modules/komodo/compose.yaml index 57ca17e..855e1cf 100644 --- a/host/komodo/modules/komodo/compose.yaml +++ b/host/komodo/modules/komodo/compose.yaml @@ -1,23 +1,25 @@ -########################## -# KOMODO COMPOSE - MONGO # -########################## +################################ +# 🦎 KOMODO COMPOSE - MONGO 🦎 # +################################ ## This compose file will deploy: ## 1. MongoDB ## 2. Komodo Core ## 3. Komodo Periphery - +name: komodo services: mongo: image: mongo - command: --quiet # suppress mongo logs a bit + labels: + komodo.skip: # Prevent Komodo from stopping with StopAllContainers + command: --quiet --wiredTigerCacheSizeGB 0.25 restart: unless-stopped logging: - driver: local # enable log rotation by default. see `https://docs.docker.com/config/containers/logging/local/` + driver: ${COMPOSE_LOGGING_DRIVER:-local} networks: - default - ports: - - 27017:27017 + # ports: + # - 27017:27017 volumes: - mongo-data:/data/db - mongo-config:/data/configdb @@ -26,74 +28,73 @@ services: MONGO_INITDB_ROOT_PASSWORD: ${DB_PASSWORD} core: - image: ghcr.io/mbecker20/komodo:latest - # image: ghcr.io/mbecker20/komodo:latest-aarch64 ## Use for arm support + image: ghcr.io/mbecker20/komodo:${COMPOSE_KOMODO_IMAGE_TAG:-latest} + labels: + komodo.skip: # Prevent Komodo from stopping with StopAllContainers restart: unless-stopped depends_on: - mongo logging: - driver: local + driver: ${COMPOSE_LOGGING_DRIVER:-local} networks: - default ports: - 9120:9120 - # volumes: # Optionally mount a custom core.config.toml - # - /path/to/core.config.toml:/config/config.toml - # extra_hosts: # allows for systemd Periphery connection at "http://host.docker.internal:8120" + env_file: ./komodo.env + environment: + KOMODO_DATABASE_ADDRESS: mongo:27017 + KOMODO_DATABASE_USERNAME: ${DB_USERNAME} + KOMODO_DATABASE_PASSWORD: ${DB_PASSWORD} + volumes: + ## Core cache for repos for latest commit hash / contents + - repo-cache:/repo-cache + ## Store sync files on server + # - /path/to/syncs:/syncs + ## Optionally mount a custom core.config.toml + # - /path/to/core.config.toml:/config/config.toml + ## Allows for systemd Periphery connection at + ## "http://host.docker.internal:8120" + # extra_hosts: # - host.docker.internal:host-gateway - environment: # https://github.com/mbecker20/komodo/blob/main/config/core.config.toml - KOMODO_HOST: ${KOMODO_HOST} - KOMODO_TITLE: ${KOMODO_TITLE} - KOMODO_ENSURE_SERVER: http://periphery:8120 - ## Mongo - KOMODO_MONGO_ADDRESS: mongo:27017 - KOMODO_MONGO_USERNAME: ${DB_USERNAME} - KOMODO_MONGO_PASSWORD: ${DB_PASSWORD} - ## Secrets - KOMODO_PASSKEY: ${KOMODO_PASSKEY} - KOMODO_WEBHOOK_SECRET: ${KOMODO_WEBHOOK_SECRET} - KOMODO_JWT_SECRET: ${KOMODO_JWT_SECRET} - ## Auth - KOMODO_LOCAL_AUTH: ${KOMODO_LOCAL_AUTH} - KOMODO_DISABLE_USER_REGISTRATION: ${KOMODO_DISABLE_USER_REGISTRATION} - ## Github Oauth - KOMODO_GITHUB_OAUTH_ENABLED: ${KOMODO_GITHUB_OAUTH_ENABLED} - KOMODO_GITHUB_OAUTH_ID: ${KOMODO_GITHUB_OAUTH_ID} - KOMODO_GITHUB_OAUTH_SECRET: ${KOMODO_GITHUB_OAUTH_SECRET} - ## Google Oauth - KOMODO_GOOGLE_OAUTH_ENABLED: ${KOMODO_GOOGLE_OAUTH_ENABLED} - KOMODO_GOOGLE_OAUTH_ID: ${KOMODO_GOOGLE_OAUTH_ID} - KOMODO_GOOGLE_OAUTH_SECRET: ${KOMODO_GOOGLE_OAUTH_SECRET} - ## Aws - KOMODO_AWS_ACCESS_KEY_ID: ${KOMODO_AWS_ACCESS_KEY_ID} - KOMODO_AWS_SECRET_ACCESS_KEY: ${KOMODO_AWS_SECRET_ACCESS_KEY} - ## Hetzner - KOMODO_HETZNER_TOKEN: ${KOMODO_HETZNER_TOKEN} ## Deploy Periphery container using this block, - ## or deploy the Periphery binary with systemd using https://github.com/mbecker20/komodo/tree/main/scripts + ## or deploy the Periphery binary with systemd using + ## https://github.com/mbecker20/komodo/tree/main/scripts periphery: - image: ghcr.io/mbecker20/periphery:latest - # image: ghcr.io/mbecker20/periphery:latest-aarch64 # Use for arm support + image: ghcr.io/mbecker20/periphery:${COMPOSE_KOMODO_IMAGE_TAG:-latest} + labels: + komodo.skip: # Prevent Komodo from stopping with StopAllContainers + restart: unless-stopped logging: - driver: local + driver: ${COMPOSE_LOGGING_DRIVER:-local} networks: - default + env_file: ./komodo.env volumes: + ## Mount external docker socket - /var/run/docker.sock:/var/run/docker.sock - - repos:/etc/komodo/repos # manage repos in a docker volume, or change it to an accessible host directory. - - stacks:/etc/komodo/stacks # manage stack files in a docker volume, or change it to an accessible host directory. - environment: - # If the disk size is overreporting, can use one of these to - # whitelist / blacklist the disks to filter them, whichever is easier. - # Accepts comma separated list of paths. - # Usually whitelisting just /etc/hostname gives correct size. - PERIPHERY_INCLUDE_DISK_MOUNTS: /etc/hostname - # PERIPHERY_EXCLUDE_DISK_MOUNTS: /snap,/etc/repos + ## Allow Periphery to see processes outside of container + - /proc:/proc + ## use self signed certs in docker volume, + ## or mount your own signed certs. + - ssl-certs:/etc/komodo/ssl + ## manage repos in a docker volume, + ## or change it to an accessible host directory. + - repos:/etc/komodo/repos + ## manage stack files in a docker volume, + ## or change it to an accessible host directory. + - stacks:/etc/komodo/stacks + ## Optionally mount a path to store compose files + # - /path/to/compose:/host/compose volumes: + # Mongo mongo-data: mongo-config: + # Core + repo-cache: + # Periphery + ssl-certs: repos: stacks: diff --git a/host/komodo/modules/komodo/default.nix b/host/komodo/modules/komodo/default.nix index cedd01e..0833c1a 100644 --- a/host/komodo/modules/komodo/default.nix +++ b/host/komodo/modules/komodo/default.nix @@ -1,72 +1,315 @@ -{config, pkgs, ... }: +# Auto-generated using compose2nix v0.3.1. +{ pkgs, lib, ... }: + { - config.virtualisation.oci-containers.containers = { - mongo = { - image = "docker.io/mongo"; - cmd = [ "--quiet" ]; - autoStart = true; - extraOptions = [ "--network=komodo-net" ]; - log-driver = "passthrough-tty"; - hostname = "mongo"; - ports = [ "27017:27017" ]; - volumes = [ - "/mnt/DockerStorage/komodo/mongo/data:/data/db" - "/mnt/DockerStorage/komodo/mongo/config:/data/configdb" - ]; - environmentFiles = [ ./komodo.env ]; - environment = { - MONGO_INITDB_ROOT_USERNAME = "\${DB_USERNAME}"; - MONGO_INITDB_ROOT_PASSWORD = "\${DB_PASSWORD}"; - }; - }; - - komodo = { - image = "ghcr.io/mbecker20/komodo:latest"; - autoStart = true; - extraOptions = [ "--network=komodo-net" ]; - dependsOn = [ "mongo" ]; - log-driver = "passthrough"; - hostname = "komodo"; - ports = [ "9120:9120" ]; - environmentFiles = [ ./komodo.env ]; - environment = { - KOMODO_HOST = "\${KOMODO_HOST}"; - KOMODO_TITLE = "\${KOMODO_TITLE}"; - KOMODO_ENSURE_SERVER = "http://periphery:8120"; - KOMODO_MONGO_ADDRESS = "mongo:27017"; - KOMODO_MONGO_USERNAME = "\${DB_USERNAME}"; - KOMODO_MONGO_PASSWORD = "\${DB_PASSWORD}"; - KOMODO_PASSKEY = "\${KOMODO_PASSKEY}"; - KOMODO_WEBHOOK_SECRET = "\${KOMODO_WEBHOOK_SECRET}"; - KOMODO_JWT_SECRET = "\${KOMODO_JWT_SECRET}"; - KOMODO_LOCAL_AUTH = "\${KOMODO_LOCAL_AUTH}"; - KOMODO_DISABLE_USER_REGISTRATION = "\${KOMODO_DISABLE_USER_REGISTRATION}"; - KOMODO_GITHUB_OAUTH_ENABLED = "\${KOMODO_GITHUB_OAUTH_ENABLED}"; - KOMODO_GITHUB_OAUTH_ID = "\${KOMODO_GITHUB_OAUTH_ID}"; - KOMODO_GITHUB_OAUTH_SECRET = "\${KOMODO_GITHUB_OAUTH_SECRET}"; - KOMODO_GOOGLE_OAUTH_ENABLED = "\${KOMODO_GOOGLE_OAUTH_ENABLED}"; - KOMODO_GOOGLE_OAUTH_ID = "\${KOMODO_GOOGLE_OAUTH_ID}"; - KOMODO_GOOGLE_OAUTH_SECRET = "\${KOMODO_GOOGLE_OAUTH_SECRET}"; - KOMODO_AWS_ACCESS_KEY_ID = "\${KOMODO_AWS_ACCESS_KEY_ID}"; - KOMODO_AWS_SECRET_ACCESS_KEY = "\${KOMODO_AWS_SECRET_ACCESS_KEY}"; - KOMODO_HETZNER_TOKEN = "\${KOMODO_HETZNER_TOKEN}"; - }; - }; - - periphery = { - image = "ghcr.io/mbecker20/periphery:latest"; - autoStart = true; - extraOptions = [ "--network=komodo-net" ]; - log-driver = "passthrough-tty"; - hostname = "periphery"; - volumes = [ - "/var/run/podman.sock:/var/run/docker.sock" - "/mnt/DockerStorage/komodo/repos:/etc/komodo/repos" - "mnt/DockerStorage/komodo/stacks:/etc/komodo/stacks" - ]; - environment = { - PERIPHERY_INCLUDE_DISK_MOUNTS = "/etc/hostname"; - }; - }; + # Runtime + virtualisation.docker = { + enable = true; + autoPrune.enable = true; }; -} \ No newline at end of file + virtualisation.oci-containers.backend = "docker"; + + # Containers + virtualisation.oci-containers.containers."komodo-core" = { + image = "ghcr.io/mbecker20/komodo:latest"; + environment = { + "COMPOSE_KOMODO_IMAGE_TAG" = "latest"; + "DB_PASSWORD" = "[REDACTED]"; + "DB_USERNAME" = "admin"; + "KOMODO_DATABASE_ADDRESS" = "mongo:27017"; + "KOMODO_DATABASE_PASSWORD" = "[REDACTED]"; + "KOMODO_DATABASE_USERNAME" = "admin"; + "KOMODO_DISABLE_CONFIRM_DIALOG" = "false"; + "KOMODO_DISABLE_NON_ADMIN_CREATE" = "false"; + "KOMODO_DISABLE_USER_REGISTRATION" = "false"; + "KOMODO_ENABLE_NEW_USERS" = "false"; + "KOMODO_FIRST_SERVER" = "https://periphery:8120"; + "KOMODO_GITHUB_OAUTH_ENABLED" = "false"; + "KOMODO_GOOGLE_OAUTH_ENABLED" = "false"; + "KOMODO_JWT_SECRET" = "x5jVLA6ClfJKaOVymKtLUbFJbWnA2mGS5AbKL5FoJmB9fdZ30BzMAzXXcfLbFdxT"; + "KOMODO_JWT_TTL" = "1-day"; + "KOMODO_LOCAL_AUTH" = "true"; + "KOMODO_MONITORING_INTERVAL" = "15-sec"; + "KOMODO_OIDC_ENABLED" = "false"; + "KOMODO_PASSKEY" = "tvjs5utkaW0Xvpru7qjEKJF3w6RdkBUm98StyOGKJFy5kdpQ3ZRzJbSyJmpMYIhA"; + "KOMODO_RESOURCE_POLL_INTERVAL" = "5-min"; + "KOMODO_TITLE" = "Komodo"; + "KOMODO_TRANSPARENT_MODE" = "false"; + "KOMODO_WEBHOOK_SECRET" = "ZUjiO97F9z3gliI8nIfmxzhbtP1TZ9FJUGr870sGxIhtxXMshRwHfhELScXMnQxK"; + "PASSKEY" = "tvjs5utkaW0Xvpru7qjEKJF3w6RdkBUm98StyOGKJFy5kdpQ3ZRzJbSyJmpMYIhA"; + "PERIPHERY_INCLUDE_DISK_MOUNTS" = "/etc/hostname"; + "PERIPHERY_PASSKEYS" = "tvjs5utkaW0Xvpru7qjEKJF3w6RdkBUm98StyOGKJFy5kdpQ3ZRzJbSyJmpMYIhA"; + "PERIPHERY_SSL_ENABLED" = "true"; + }; + environmentFiles = [ + "/home/toph/git/dotfiles/host/komodo/modules/komodo/komodo.env" + ]; + volumes = [ + "/mnt/DockerStorage/komodo/cache:/repo-cache:rw" + ]; + ports = [ + "9120:9120/tcp" + ]; + labels = { + "komodo.skip" = ""; + }; + dependsOn = [ + "komodo-mongo" + ]; + log-driver = "local"; + extraOptions = [ + "--network-alias=core" + "--network=komodo_default" + ]; + }; + + systemd.services."docker-komodo-core" = { + serviceConfig = { + Restart = lib.mkOverride 90 "always"; + RestartMaxDelaySec = lib.mkOverride 90 "1m"; + RestartSec = lib.mkOverride 90 "100ms"; + RestartSteps = lib.mkOverride 90 9; + }; + after = [ + "docker-network-komodo_default.service" + # "docker-volume-komodo_repo-cache.service" + ]; + requires = [ + "docker-network-komodo_default.service" + # "docker-volume-komodo_repo-cache.service" + ]; + partOf = [ + "docker-compose-komodo-root.target" + ]; + wantedBy = [ + "docker-compose-komodo-root.target" + ]; + }; + + virtualisation.oci-containers.containers."komodo-mongo" = { + image = "mongo"; + environment = { + "MONGO_INITDB_ROOT_PASSWORD" = "[REDACTED]"; + "MONGO_INITDB_ROOT_USERNAME" = "admin"; + }; + environmentFiles = [ + "/home/toph/git/dotfiles/host/komodo/modules/komodo/komodo.env" + ]; + volumes = [ + "/mnt/DockerStorage/komodo/mongo/config:/data/configdb:rw" + "/mnt/DockerStorage/komodo/mongo/data:/data/db:rw" + ]; + cmd = [ + "--quiet" + "--wiredTigerCacheSizeGB" + "0.25" + ]; + labels = { + "komodo.skip" = ""; + }; + log-driver = "local"; + extraOptions = [ + "--network-alias=mongo" + "--network=komodo_default" + ]; + }; + + systemd.services."docker-komodo-mongo" = { + serviceConfig = { + Restart = lib.mkOverride 90 "always"; + RestartMaxDelaySec = lib.mkOverride 90 "1m"; + RestartSec = lib.mkOverride 90 "100ms"; + RestartSteps = lib.mkOverride 90 9; + }; + after = [ + "docker-network-komodo_default.service" + # "docker-volume-komodo_mongo-config.service" + # "docker-volume-komodo_mongo-data.service" + ]; + requires = [ + "docker-network-komodo_default.service" + # "docker-volume-komodo_mongo-config.service" + # "docker-volume-komodo_mongo-data.service" + ]; + partOf = [ + "docker-compose-komodo-root.target" + ]; + wantedBy = [ + "docker-compose-komodo-root.target" + ]; + }; + + virtualisation.oci-containers.containers."komodo-periphery" = { + image = "ghcr.io/mbecker20/periphery:latest"; + environment = { + "COMPOSE_KOMODO_IMAGE_TAG" = "latest"; + "DB_PASSWORD" = "[REDACTED]"; + "DB_USERNAME" = "admin"; + "KOMODO_DISABLE_CONFIRM_DIALOG" = "false"; + "KOMODO_DISABLE_NON_ADMIN_CREATE" = "false"; + "KOMODO_DISABLE_USER_REGISTRATION" = "false"; + "KOMODO_ENABLE_NEW_USERS" = "false"; + "KOMODO_FIRST_SERVER" = "https://periphery:8120"; + "KOMODO_GITHUB_OAUTH_ENABLED" = "false"; + "KOMODO_GOOGLE_OAUTH_ENABLED" = "false"; + "KOMODO_JWT_SECRET" = "x5jVLA6ClfJKaOVymKtLUbFJbWnA2mGS5AbKL5FoJmB9fdZ30BzMAzXXcfLbFdxT"; + "KOMODO_JWT_TTL" = "1-day"; + "KOMODO_LOCAL_AUTH" = "true"; + "KOMODO_MONITORING_INTERVAL" = "15-sec"; + "KOMODO_OIDC_ENABLED" = "false"; + "KOMODO_PASSKEY" = "tvjs5utkaW0Xvpru7qjEKJF3w6RdkBUm98StyOGKJFy5kdpQ3ZRzJbSyJmpMYIhA"; + "KOMODO_RESOURCE_POLL_INTERVAL" = "5-min"; + "KOMODO_TITLE" = "Komodo"; + "KOMODO_TRANSPARENT_MODE" = "false"; + "KOMODO_WEBHOOK_SECRET" = "ZUjiO97F9z3gliI8nIfmxzhbtP1TZ9FJUGr870sGxIhtxXMshRwHfhELScXMnQxK"; + "PASSKEY" = "tvjs5utkaW0Xvpru7qjEKJF3w6RdkBUm98StyOGKJFy5kdpQ3ZRzJbSyJmpMYIhA"; + "PERIPHERY_INCLUDE_DISK_MOUNTS" = "/etc/hostname"; + "PERIPHERY_PASSKEYS" = "tvjs5utkaW0Xvpru7qjEKJF3w6RdkBUm98StyOGKJFy5kdpQ3ZRzJbSyJmpMYIhA"; + "PERIPHERY_SSL_ENABLED" = "true"; + }; + environmentFiles = [ + "/home/toph/git/dotfiles/host/komodo/modules/komodo/komodo.env" + ]; + volumes = [ + "/proc:/proc:rw" + "/var/run/docker.sock:/var/run/docker.sock:rw" + "/mnt/DockerStorage/komodo/repos:/etc/komodo/repos:rw" + "/mnt/DockerStorage/komodo/ssl:/etc/komodo/ssl:rw" + "/mnt/DockerStorage/komodo/stacks:/etc/komodo/stacks:rw" + ]; + labels = { + "komodo.skip" = ""; + }; + log-driver = "local"; + extraOptions = [ + "--network-alias=periphery" + "--network=komodo_default" + ]; + }; + + systemd.services."docker-komodo-periphery" = { + serviceConfig = { + Restart = lib.mkOverride 90 "always"; + RestartMaxDelaySec = lib.mkOverride 90 "1m"; + RestartSec = lib.mkOverride 90 "100ms"; + RestartSteps = lib.mkOverride 90 9; + }; + after = [ + "docker-network-komodo_default.service" + # "docker-volume-komodo_repos.service" + # "docker-volume-komodo_ssl-certs.service" + # "docker-volume-komodo_stacks.service" + ]; + requires = [ + "docker-network-komodo_default.service" + # "docker-volume-komodo_repos.service" + # "docker-volume-komodo_ssl-certs.service" + # "docker-volume-komodo_stacks.service" + ]; + partOf = [ + "docker-compose-komodo-root.target" + ]; + wantedBy = [ + "docker-compose-komodo-root.target" + ]; + }; + + # Networks + systemd.services."docker-network-komodo_default" = { + path = [ pkgs.docker ]; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + ExecStop = "docker network rm -f komodo_default"; + }; + script = '' + docker network inspect komodo_default || docker network create komodo_default + ''; + partOf = [ "docker-compose-komodo-root.target" ]; + wantedBy = [ "docker-compose-komodo-root.target" ]; + }; + + # # Volumes + # systemd.services."docker-volume-komodo_mongo-config" = { + # path = [ pkgs.docker ]; + # serviceConfig = { + # Type = "oneshot"; + # RemainAfterExit = true; + # }; + # script = '' + # docker volume inspect komodo_mongo-config || docker volume create komodo_mongo-config + # ''; + # partOf = [ "docker-compose-komodo-root.target" ]; + # wantedBy = [ "docker-compose-komodo-root.target" ]; + # }; + # systemd.services."docker-volume-komodo_mongo-data" = { + # path = [ pkgs.docker ]; + # serviceConfig = { + # Type = "oneshot"; + # RemainAfterExit = true; + # }; + # script = '' + # docker volume inspect komodo_mongo-data || docker volume create komodo_mongo-data + # ''; + # partOf = [ "docker-compose-komodo-root.target" ]; + # wantedBy = [ "docker-compose-komodo-root.target" ]; + # }; + # systemd.services."docker-volume-komodo_repo-cache" = { + # path = [ pkgs.docker ]; + # serviceConfig = { + # Type = "oneshot"; + # RemainAfterExit = true; + # }; + # script = '' + # docker volume inspect komodo_repo-cache || docker volume create komodo_repo-cache + # ''; + # partOf = [ "docker-compose-komodo-root.target" ]; + # wantedBy = [ "docker-compose-komodo-root.target" ]; + # }; + # systemd.services."docker-volume-komodo_repos" = { + # path = [ pkgs.docker ]; + # serviceConfig = { + # Type = "oneshot"; + # RemainAfterExit = true; + # }; + # script = '' + # docker volume inspect komodo_repos || docker volume create komodo_repos + # ''; + # partOf = [ "docker-compose-komodo-root.target" ]; + # wantedBy = [ "docker-compose-komodo-root.target" ]; + # }; + # systemd.services."docker-volume-komodo_ssl-certs" = { + # path = [ pkgs.docker ]; + # serviceConfig = { + # Type = "oneshot"; + # RemainAfterExit = true; + # }; + # script = '' + # docker volume inspect komodo_ssl-certs || docker volume create komodo_ssl-certs + # ''; + # partOf = [ "docker-compose-komodo-root.target" ]; + # wantedBy = [ "docker-compose-komodo-root.target" ]; + # }; + # systemd.services."docker-volume-komodo_stacks" = { + # path = [ pkgs.docker ]; + # serviceConfig = { + # Type = "oneshot"; + # RemainAfterExit = true; + # }; + # script = '' + # docker volume inspect komodo_stacks || docker volume create komodo_stacks + # ''; + # partOf = [ "docker-compose-komodo-root.target" ]; + # wantedBy = [ "docker-compose-komodo-root.target" ]; + # }; + + # Root service + # When started, this will automatically create all resources and start + # the containers. When stopped, this will teardown all resources. + systemd.targets."docker-compose-komodo-root" = { + unitConfig = { + Description = "Root target generated by compose2nix."; + }; + wantedBy = [ "multi-user.target" ]; + }; +}