diff --git a/flake.lock b/flake.lock index b190062..cffbc70 100644 --- a/flake.lock +++ b/flake.lock @@ -33,11 +33,11 @@ ] }, "locked": { - "lastModified": 1780048612, - "narHash": "sha256-Md/eOK5OjmvvHc2H52pLZe4zpP4XyfiS5vHqfRCz2HU=", + "lastModified": 1780290312, + "narHash": "sha256-eTAlX0CwgB84Ts3GaBd944A3DRXVMzgA0EqroZBISUo=", "owner": "nix-community", "repo": "disko", - "rev": "caa775cf67bfdc47f940edd96c975b5016df9059", + "rev": "115e5211780054d8a890b41f0b7734cafad54dfe", "type": "github" }, "original": { @@ -88,11 +88,11 @@ ] }, "locked": { - "lastModified": 1780099287, - "narHash": "sha256-efIPwVGtIWIjWcznhaop6XN6HxnOL8800hF6CBNvlqQ=", + "lastModified": 1780593650, + "narHash": "sha256-CHo7k65YTL3HY+WQVedDTupji+LMgNlKCdrtRHZFAK4=", "owner": "nix-community", "repo": "home-manager", - "rev": "7d8127d308c3fb9664f7e643eec944be74ebb37d", + "rev": "447fd9ff62501dae7206dfe180ee89f8de27b7d5", "type": "github" }, "original": { @@ -106,11 +106,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1780065812, - "narHash": "sha256-SCSLUKBmwlSLGQ8Xbr8PjRFtiHNk0l9ktqkcmqdBkfE=", + "lastModified": 1780310866, + "narHash": "sha256-fPBRVf6A5xlACYcOI59shGrjURuvwu0lRsDoSCEXt/I=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "b76b5639c0593e0aeb0b5879ad62d4b30596c144", + "rev": "4ed851c979641e28597a05086332d75cdc9e395f", "type": "github" }, "original": { @@ -130,11 +130,11 @@ ] }, "locked": { - "lastModified": 1777732699, - "narHash": "sha256-2uX/XtOWZ/oy2rerRynVhqVA//ZXZ3Fo60PikLHEPQc=", + "lastModified": 1780525334, + "narHash": "sha256-IsKkAEN/9x0MRIrZduykgLJxME8L70KNknC+3iII6Yo=", "owner": "nix-community", "repo": "NixOS-WSL", - "rev": "5482f113fd31ebac131d1ebeb2ae90bf0d5e41f5", + "rev": "cde346714cb46261648cac80c361dbd388f82f20", "type": "github" }, "original": { @@ -191,11 +191,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1780153237, - "narHash": "sha256-6658BeYllejVKYlvu1EXOXO1rYvtB88/uSc08LlQhnc=", + "lastModified": 1780666822, + "narHash": "sha256-QgEnDOgjCr88nMiOVsH4VnM8azQNAvEImnyqyF3J3ik=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6cf1cfe2b4b86f3d4e306dff68774a8881d444e7", + "rev": "241d80fa6a000758f6d9c1847e41fab5b4899828", "type": "github" }, "original": { @@ -223,11 +223,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1779560665, - "narHash": "sha256-tpyBcxPpcQb8ukyNF7DoCwfSY3VPsxHoYwj00Cayv5o=", + "lastModified": 1780243769, + "narHash": "sha256-x5UQuRsH3MqI0U9afaXSNqzTPSeZlRLvFAav2Ux1pNw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "64c08a7ca051951c8eae34e3e3cb1e202fe36786", + "rev": "331800de5053fcebacf6813adb5db9c9dca22a0c", "type": "github" }, "original": { @@ -245,11 +245,11 @@ "noctalia-qs": "noctalia-qs" }, "locked": { - "lastModified": 1779763713, - "narHash": "sha256-as2Vo4PitnWfXezfkQB2H3Rsr/DXJPp4Oe+dE+dZ0Xo=", + "lastModified": 1780371321, + "narHash": "sha256-WCaU6npdMdjZSZHe3XATNDFijmzRnsV8V+iR80e5deg=", "owner": "noctalia-dev", "repo": "noctalia-shell", - "rev": "272cd91408b5ff6e329e6397eed042fe422069e7", + "rev": "3aab45a2f34fd47666b05892b95054952e788de1", "type": "github" }, "original": { @@ -268,11 +268,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1779588472, - "narHash": "sha256-CVonDVo41DqdqS/kNeXFatwEuTltyXcppm9zkVOnrsM=", + "lastModified": 1780194487, + "narHash": "sha256-M+YtjKCTkHrkplNaKVyaxfa8hAWjRF6wFOUBAZvxQ4U=", "owner": "noctalia-dev", "repo": "noctalia-qs", - "rev": "70fea8a39a908e395de63024a4dfdb829bff1ffe", + "rev": "07398e12b54f194e3a2d47c87e3fd10b8eeaa27d", "type": "github" }, "original": { @@ -333,11 +333,11 @@ ] }, "locked": { - "lastModified": 1777944972, - "narHash": "sha256-VfGRo1qTBKOe3s2gOv8LSoA6Fk19PvBlwQ1ECN0Evn8=", + "lastModified": 1780547341, + "narHash": "sha256-Gq8KNx5A7hBB3uGJaj6eQfLDIz5YdLu92gqBcvHvoUo=", "owner": "Mic92", "repo": "sops-nix", - "rev": "c591bf665727040c6cc5cb409079acb22dcce33c", + "rev": "9ed65852b6257fbeae4355bc24ecfea307ca759a", "type": "github" }, "original": { diff --git a/modules/containers/remnawave-examples/docker-compose-local.nix b/modules/containers/remnawave-examples/docker-compose-local.nix index caf26b3..7e50742 100644 --- a/modules/containers/remnawave-examples/docker-compose-local.nix +++ b/modules/containers/remnawave-examples/docker-compose-local.nix @@ -1,6 +1,11 @@ # Auto-generated by compose2nix. -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: { # Runtime @@ -11,11 +16,13 @@ }; # Enable container name DNS for all Podman networks. - networking.firewall.interfaces = let - matchAll = if !config.networking.nftables.enable then "podman+" else "podman*"; - in { - "${matchAll}".allowedUDPPorts = [ 53 ]; - }; + networking.firewall.interfaces = + let + matchAll = if !config.networking.nftables.enable then "podman+" else "podman*"; + in + { + "${matchAll}".allowedUDPPorts = [ 53 ]; + }; virtualisation.oci-containers.backend = "podman"; @@ -32,8 +39,10 @@ "FRONT_END_DOMAIN" = "*"; "IS_DOCS_ENABLED" = "false"; "IS_TELEGRAM_NOTIFICATIONS_ENABLED" = "false"; - "JWT_API_TOKENS_SECRET" = "787aa44c10130a9fa17ea3ea50c1248dd3e868f74941b96c09d608051399f88b95b67cd68d045aa39658b4b3fe933bf2b2c1437522498976f39f85ae1eab40da"; - "JWT_AUTH_SECRET" = "2bc14bacb6b82ce9e3ef69f8dd7bfb6b8a531f4f516902735d1d8f1bac8ff9b5077398f95b942b1adafc0ca1da4cdfd24a18539fa6eb26bee3f597a45deac94a"; + "JWT_API_TOKENS_SECRET" = + "787aa44c10130a9fa17ea3ea50c1248dd3e868f74941b96c09d608051399f88b95b67cd68d045aa39658b4b3fe933bf2b2c1437522498976f39f85ae1eab40da"; + "JWT_AUTH_SECRET" = + "2bc14bacb6b82ce9e3ef69f8dd7bfb6b8a531f4f516902735d1d8f1bac8ff9b5077398f95b942b1adafc0ca1da4cdfd24a18539fa6eb26bee3f597a45deac94a"; "METRICS_PASS" = "admin"; "METRICS_PORT" = "3001"; "METRICS_USER" = "admin"; @@ -80,7 +89,10 @@ # Builds systemd.services."podman-build-remnawave-panel-1" = { - path = [ pkgs.podman pkgs.git ]; + path = [ + pkgs.podman + pkgs.git + ]; serviceConfig = { Type = "oneshot"; TimeoutSec = 300; diff --git a/modules/containers/remnawave-examples/docker-compose-prod.nix b/modules/containers/remnawave-examples/docker-compose-prod.nix index 58d94fd..80ca9e5 100644 --- a/modules/containers/remnawave-examples/docker-compose-prod.nix +++ b/modules/containers/remnawave-examples/docker-compose-prod.nix @@ -1,6 +1,11 @@ # Auto-generated by compose2nix. -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: { # Runtime @@ -11,11 +16,13 @@ }; # Enable container name DNS for all Podman networks. - networking.firewall.interfaces = let - matchAll = if !config.networking.nftables.enable then "podman+" else "podman*"; - in { - "${matchAll}".allowedUDPPorts = [ 53 ]; - }; + networking.firewall.interfaces = + let + matchAll = if !config.networking.nftables.enable then "podman+" else "podman*"; + in + { + "${matchAll}".allowedUDPPorts = [ 53 ]; + }; virtualisation.oci-containers.backend = "podman"; @@ -32,8 +39,10 @@ "FRONT_END_DOMAIN" = "*"; "IS_DOCS_ENABLED" = "false"; "IS_TELEGRAM_NOTIFICATIONS_ENABLED" = "false"; - "JWT_API_TOKENS_SECRET" = "787aa44c10130a9fa17ea3ea50c1248dd3e868f74941b96c09d608051399f88b95b67cd68d045aa39658b4b3fe933bf2b2c1437522498976f39f85ae1eab40da"; - "JWT_AUTH_SECRET" = "2bc14bacb6b82ce9e3ef69f8dd7bfb6b8a531f4f516902735d1d8f1bac8ff9b5077398f95b942b1adafc0ca1da4cdfd24a18539fa6eb26bee3f597a45deac94a"; + "JWT_API_TOKENS_SECRET" = + "787aa44c10130a9fa17ea3ea50c1248dd3e868f74941b96c09d608051399f88b95b67cd68d045aa39658b4b3fe933bf2b2c1437522498976f39f85ae1eab40da"; + "JWT_AUTH_SECRET" = + "2bc14bacb6b82ce9e3ef69f8dd7bfb6b8a531f4f516902735d1d8f1bac8ff9b5077398f95b942b1adafc0ca1da4cdfd24a18539fa6eb26bee3f597a45deac94a"; "METRICS_PASS" = "admin"; "METRICS_PORT" = "3001"; "METRICS_USER" = "admin"; @@ -111,8 +120,10 @@ "FRONT_END_DOMAIN" = "*"; "IS_DOCS_ENABLED" = "false"; "IS_TELEGRAM_NOTIFICATIONS_ENABLED" = "false"; - "JWT_API_TOKENS_SECRET" = "787aa44c10130a9fa17ea3ea50c1248dd3e868f74941b96c09d608051399f88b95b67cd68d045aa39658b4b3fe933bf2b2c1437522498976f39f85ae1eab40da"; - "JWT_AUTH_SECRET" = "2bc14bacb6b82ce9e3ef69f8dd7bfb6b8a531f4f516902735d1d8f1bac8ff9b5077398f95b942b1adafc0ca1da4cdfd24a18539fa6eb26bee3f597a45deac94a"; + "JWT_API_TOKENS_SECRET" = + "787aa44c10130a9fa17ea3ea50c1248dd3e868f74941b96c09d608051399f88b95b67cd68d045aa39658b4b3fe933bf2b2c1437522498976f39f85ae1eab40da"; + "JWT_AUTH_SECRET" = + "2bc14bacb6b82ce9e3ef69f8dd7bfb6b8a531f4f516902735d1d8f1bac8ff9b5077398f95b942b1adafc0ca1da4cdfd24a18539fa6eb26bee3f597a45deac94a"; "METRICS_PASS" = "admin"; "METRICS_PORT" = "3001"; "METRICS_USER" = "admin"; @@ -178,7 +189,23 @@ volumes = [ "valkey-socket:/var/run/valkey:rw" ]; - cmd = [ "valkey-server" "--save" "" "--appendonly" "no" "--maxmemory-policy" "noeviction" "--loglevel" "warning" "--unixsocket" "/var/run/valkey/valkey.sock" "--unixsocketperm" "777" "--port" "0" ]; + cmd = [ + "valkey-server" + "--save" + "" + "--appendonly" + "no" + "--maxmemory-policy" + "noeviction" + "--loglevel" + "warning" + "--unixsocket" + "/var/run/valkey/valkey.sock" + "--unixsocketperm" + "777" + "--port" + "0" + ]; log-driver = "journald"; extraOptions = [ "--health-cmd=[\"valkey-cli\", \"-s\", \"/var/run/valkey/valkey.sock\", \"ping\"]"