Used agenix to manage secrets, 4 services up, ssh

2025-08-08 17:00:47 -04:00
parent ac6c3688ef
commit 911f3589a2
20 changed files with 369 additions and 56 deletions
--- a/modules/nixos/services/systemd/versioncontrol.nix
+++ b/modules/nixos/services/systemd/versioncontrol.nix
@@ -0,0 +1,38 @@
+{ config, pkgs, self, ... }:
+
+let
+  versioncontrol_compose_dir = pkgs.stdenv.mkDerivation {
+    name = "versioncontrol_compose_dir";
+    src = self + "/assets/compose/versioncontrol";
+    dontUnpack = true;
+    installPhase = ''
+      mkdir -p $out
+      cp -r $src/* $out/
+    '';
+  };
+in
+{
+  networking.firewall.allowedTCPPorts = [ 2222 ];
+
+  systemd.services.versioncontrol_stack = {
+    description = "Gitea via Docker Compose";
+    after = [ "network-online.target" "docker.service" ];
+    wants = [ "network-online.target" "docker.service" ];
+    serviceConfig = {
+      WorkingDirectory = "${versioncontrol_compose_dir}";
+
+      # Stop left over container by the same name
+      ExecStartPre = "${pkgs.bash}/bin/bash -c '${pkgs.docker-compose}/bin/docker-compose down || true'";
+
+      # Démarrer les conteneurs avec Docker Compose
+      ExecStart = "${pkgs.docker-compose}/bin/docker-compose up -d";
+
+      # Arrêter et supprimer les conteneurs à l’arrêt
+      ExecStop = "${pkgs.docker-compose}/bin/docker-compose down";
+
+      RemainAfterExit = true;
+      TimeoutStartSec = 0;
+    };
+    wantedBy = [ "multi-user.target" ];
+  };
+}