setup filerun in cloud with arion

host/cloud/default.nix

@@ -3,6 +3,7 @@
   config,
   pkgs,
   hostName,
+  admin,
   ...
 }:
 {
@@ -20,6 +21,8 @@
 
     # cron
     ./modules/cron
+    # Filerun
+    ./modules/filerun
     # Logrotate
     ./modules/logrotate
     # Caddy
@@ -40,10 +43,12 @@
   };
 
   ## USERS ##
+  users.users.${admin}.extraGroups = [ "docker" ];
 
   ## ENVIORMENT & PACKAGES ##
   nixpkgs.overlays = [ (import ../../nix/overlays) ];
   environment.systemPackages = with pkgs; [
+    arion
     git
     mergerfs
     micro

host/cloud/modules/caddy/default.nix

@@ -7,10 +7,10 @@
         extraConfig = ''
           reverse_proxy http://localhost:8181 {
             header_up Host {host}
-            header_up X-Forwarded-For {remote}
+            # header_up X-Forwarded-For {remote}
-            header_up X-Forwarded-Proto {scheme}
+            # header_up X-Forwarded-Proto {scheme}
-            header_up X-Forwarded-Protocol {scheme}
+            # header_up X-Forwarded-Protocol {scheme}
-            header_up X-Forwarded-Port {server_port}
+            # header_up X-Forwarded-Port {server_port}
           }
         '';
       };

host/cloud/modules/filerun/.env

@@ -0,0 +1,4 @@
+DB_NAME=filerun
+DB_USER=admin
+DB_PASS=m3kItsvjLTYWtYX1TQLxwAKBWDVnWsezPR3vtVS+rsHUlazY
+DB_ROOT_PASS=pHUlPjDwhfpfAJPlF/FYN8q5w2R+0/U4aosJ5FOBPIejHkmm

host/cloud/modules/filerun/arion-compose.nix

@@ -0,0 +1,41 @@
+{
+  services = {
+    db.service = {
+      image = "mariadb:10.11";
+      user = "1000:1004";
+      environment = {
+        MYSQL_ROOT_PASSWORD = "pHUlPjDwhfpfAJPlF/FYN8q5w2R+0/U4aosJ5FOBPIejHkmm";
+        MYSQL_USER = "admin";
+        MYSQL_PASSWORD = "m3kItsvjLTYWtYX1TQLxwAKBWDVnWsezPR3vtVS+rsHUlazY";
+        MYSQL_DATABASE = "filerun";
+      };
+      volumes = [
+        "/pool/filerun/db:/var/lib/mysql"
+      ];
+    };
+
+    web.service = {
+      image = "filerun/filerun:8.1";
+      user = "root";
+      tty = true;
+      environment = {
+        FR_DB_HOST = "db";
+        FR_DB_PORT = "3306";
+        FR_DB_NAME = "filerun";
+        FR_DB_USER = "admin";
+        FR_DB_PASS = "m3kItsvjLTYWtYX1TQLxwAKBWDVnWsezPR3vtVS+rsHUlazY";
+        APACHE_RUN_USER = "toph";
+        APACHE_RUN_USER_ID = "1000";
+        APACHE_RUN_GROUP = "ryot";
+        APACHE_RUN_GROUP_ID = "1004";
+      };
+      depends_on = [ "db" ];
+      ports = [ "8181:80" ];
+      volumes = [
+        "/pool/filerun/html:/var/www/html"
+        "/pool/filerun/user-files:/user-files"
+        "/pool/:/pool"
+      ];
+    };
+  };
+}

host/cloud/modules/filerun/arion-compose.yml

@@ -0,0 +1,58 @@
+{
+  "networks": { "default": { "name": "filerun" } },
+  "services":
+    {
+      "db":
+        {
+          "environment":
+            {
+              "MYSQL_DATABASE": "filerun",
+              "MYSQL_PASSWORD": "m3kItsvjLTYWtYX1TQLxwAKBWDVnWsezPR3vtVS+rsHUlazY",
+              "MYSQL_ROOT_PASSWORD": "pHUlPjDwhfpfAJPlF/FYN8q5w2R+0/U4aosJ5FOBPIejHkmm",
+              "MYSQL_USER": "admin",
+            },
+          "image": "mariadb:10.11",
+          "sysctls": {},
+          "user": "1000:1004",
+          "volumes": ["/pool/filerun/db:/var/lib/mysql"],
+        },
+      "web":
+        {
+          "depends_on": ["db"],
+          "environment":
+            {
+              "APACHE_RUN_GROUP": "ryot",
+              "APACHE_RUN_GROUP_ID": "1004",
+              "APACHE_RUN_USER": "toph",
+              "APACHE_RUN_USER_ID": "1000",
+              "FR_DB_HOST": "db",
+              "FR_DB_NAME": "filerun",
+              "FR_DB_PASS": "m3kItsvjLTYWtYX1TQLxwAKBWDVnWsezPR3vtVS+rsHUlazY",
+              "FR_DB_PORT": "3306",
+              "FR_DB_USER": "admin",
+            },
+          "image": "filerun/filerun:8.1",
+          "ports": ["8181:80"],
+          "sysctls": {},
+          "tty": true,
+          "user": "root",
+          "volumes":
+            [
+              "/pool/filerun/html:/var/www/html",
+              "/pool/filerun/user-files:/user-files",
+            ],
+        },
+    },
+  "version": "3.4",
+  "volumes": {},
+  "x-arion":
+    {
+      "images": [],
+      "project": { "name": "filerun" },
+      "serviceInfo":
+        {
+          "db": { "defaultExec": ["/bin/sh"] },
+          "web": { "defaultExec": ["/bin/sh"] },
+        },
+    },
+}

host/cloud/modules/filerun/compose.yml

@@ -0,0 +1,37 @@
+name: filerun
+services:
+    db:
+        image: mariadb:10.5
+        user: 1001:1004
+        environment:
+            MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASS}
+            MYSQL_USER: ${DB_USER}
+            MYSQL_PASSWORD: ${DB_PASS}
+            MYSQL_DATABASE: ${DB_NAME}
+        restart: unless-stopped
+        volumes:
+            - /pool/filerun/db:/var/lib/mysql
+
+    web:
+        image: filerun/filerun:8.1
+        user: root
+        environment:
+            FR_DB_HOST: db
+            FR_DB_PORT: 3306
+            FR_DB_NAME: ${DB_NAME}
+            FR_DB_USER: ${DB_USER}
+            FR_DB_PASS: ${DB_PASS}
+            APACHE_RUN_USER: toph
+            APACHE_RUN_USER_ID: 1001
+            APACHE_RUN_GROUP: toph
+            APACHE_RUN_GROUP_ID: 1004
+        depends_on:
+            - db
+        links:
+            - db:db
+        ports:
+            - "8181:80"
+        restart: unless-stopped
+        volumes:
+            - /pool/filerun/html:/var/www/html
+            - /pool/filerun/user-files:/user-files

host/cloud/modules/filerun/default.nix

@@ -0,0 +1,29 @@
+{
+
+  imports =
+    let
+      commit = "9f01fb79f61f53fe31d5ef831e420ab9ad252b99";
+    in
+    [
+      "${
+        builtins.fetchTarball {
+          name = "arion-v0.2.2.0";
+          url = "https://github.com/hercules-ci/arion/archive/${commit}.tar.gz";
+          # obtained via nix-prefetch-url --unpack <url>
+          sha256 = "1y2wi9kjb1agrvzaj6417lap4qg969hdfz3cmw3v3sz1q5mqcaw5";
+        }
+      }/nixos-module.nix"
+    ];
+
+  virtualisation.docker.enable = true;
+  virtualisation.arion = {
+    backend = "docker"; # or "docker"
+    projects.filerun = {
+      # serviceName = "filerun";
+      settings = {
+        # Specify you project here, or import it from a file.
+        imports = [ ./arion-compose.nix ];
+      };
+    };
+  };
+}

host/cloud/modules/filerun/oci.nix

@@ -0,0 +1,126 @@
+# Auto-generated using compose2nix v0.3.1.
+{ pkgs, lib, ... }:
+
+{
+  # Runtime
+  virtualisation.docker = {
+    enable = true;
+    autoPrune.enable = true;
+  };
+  virtualisation.oci-containers.backend = "docker";
+
+  # Containers
+  virtualisation.oci-containers.containers."filerun-db" = {
+    image = "mariadb:10.5";
+    environment = {
+      "MYSQL_DATABASE" = "filerun";
+      "MYSQL_PASSWORD" = "m3kItsvjLTYWtYX1TQLxwAKBWDVnWsezPR3vtVS+rsHUlazY";
+      "MYSQL_ROOT_PASSWORD" = "pHUlPjDwhfpfAJPlF/FYN8q5w2R+0/U4aosJ5FOBPIejHkmm";
+      "MYSQL_USER" = "admin";
+    };
+    volumes = [
+      "/pool/filerun/db:/var/lib/mysql:rw"
+    ];
+    user = "root";
+    log-driver = "journald";
+    extraOptions = [
+      "--network-alias=db"
+      "--network=filerun_default"
+    ];
+  };
+  systemd.services."docker-filerun-db" = {
+    serviceConfig = {
+      Restart = lib.mkOverride 90 "always";
+      RestartMaxDelaySec = lib.mkOverride 90 "1m";
+      RestartSec = lib.mkOverride 90 "100ms";
+      RestartSteps = lib.mkOverride 90 9;
+    };
+    after = [
+      "docker-network-filerun_default.service"
+    ];
+    requires = [
+      "docker-network-filerun_default.service"
+    ];
+    partOf = [
+      "docker-compose-filerun-root.target"
+    ];
+    wantedBy = [
+      "docker-compose-filerun-root.target"
+    ];
+  };
+  virtualisation.oci-containers.containers."filerun-web" = {
+    image = "filerun/filerun:8.1";
+    environment = {
+      "APACHE_RUN_GROUP" = "toph";
+      "APACHE_RUN_GROUP_ID" = "100";
+      "APACHE_RUN_USER" = "toph";
+      "APACHE_RUN_USER_ID" = "1000";
+      "FR_DB_HOST" = "db";
+      "FR_DB_NAME" = "filerun";
+      "FR_DB_PASS" = "m3kItsvjLTYWtYX1TQLxwAKBWDVnWsezPR3vtVS+rsHUlazY";
+      "FR_DB_PORT" = "3306";
+      "FR_DB_USER" = "admin";
+    };
+    volumes = [
+      "/pool/filerun/html:/var/www/html:rw"
+      "/pool/filerun/user-files:/user-files:rw"
+    ];
+    ports = [
+      "8181:80/tcp"
+    ];
+    dependsOn = [
+      "filerun-db"
+    ];
+    user = "root";
+    log-driver = "journald";
+    extraOptions = [
+      "--network-alias=web"
+      "--network=filerun_default"
+    ];
+  };
+  systemd.services."docker-filerun-web" = {
+    serviceConfig = {
+      Restart = lib.mkOverride 90 "always";
+      RestartMaxDelaySec = lib.mkOverride 90 "1m";
+      RestartSec = lib.mkOverride 90 "100ms";
+      RestartSteps = lib.mkOverride 90 9;
+    };
+    after = [
+      "docker-network-filerun_default.service"
+    ];
+    requires = [
+      "docker-network-filerun_default.service"
+    ];
+    partOf = [
+      "docker-compose-filerun-root.target"
+    ];
+    wantedBy = [
+      "docker-compose-filerun-root.target"
+    ];
+  };
+
+  # Networks
+  systemd.services."docker-network-filerun_default" = {
+    path = [ pkgs.docker ];
+    serviceConfig = {
+      Type = "oneshot";
+      RemainAfterExit = true;
+      ExecStop = "docker network rm -f filerun_default";
+    };
+    script = ''
+      docker network inspect filerun_default || docker network create filerun_default
+    '';
+    partOf = [ "docker-compose-filerun-root.target" ];
+    wantedBy = [ "docker-compose-filerun-root.target" ];
+  };
+
+  # Root service
+  # When started, this will automatically create all resources and start
+  # the containers. When stopped, this will teardown all resources.
+  systemd.targets."docker-compose-filerun-root" = {
+    unitConfig = {
+      Description = "Root target generated by compose2nix.";
+    };
+    wantedBy = [ "multi-user.target" ];
+  };
+}