changed vpn docker to a systemd service dockerized

2024-11-05 23:05:27 +01:00 · 2024-11-05 23:05:27 +01:00 · af0ac3bfbf
commit af0ac3bfbf
parent b7c6825268
2 changed files with 32 additions and 17 deletions
--- a/config/nixos/docker/vpn.nix
+++ b/config/nixos/docker/vpn.nix
@ -1,22 +1,19 @@
 { config, pkgs, ... }:
 {
-  services.docker-compose = {
+  environment.etc."docker/vpn/docker-compose.yml".source = ./vpn.yml;
-    enable = true;
+
-    containers = {
+  systemd.services.wireguard = {
-      wireguard = {
+    description = "Wireguard Docker Compose Service";
-        image = "lscr.io/linuxserver/wireguard:latest";
+    after = [ "network-online.target" ];
-        containerName = "wireguard";
+    wants = [ "network-online.target" ];
-        capAdd = [ "NET_ADMIN" ];
+    serviceConfig = {
-        environment = {
+      ExecStart = "${pkgs.docker-compose}/bin/docker-compose -f /etc/docker/vpn/docker-compose.yml up";
-          PEERS = "fold6,pc,laptop";
+      ExecStop = "${pkgs.docker-compose}/bin/docker-compose -f /etc/docker/vpn/docker-compose.yml down";
-        };
+      WorkingDirectory = "/etc/docker/vpn";
-        volumes = [ "./wireguard:/config" ];
+      Restart = "always";
-        ports = [ "51820:51820/udp" ];
+      RestartSec = 10;
        sysctls = {
          "net.ipv4.conf.all.src_valid_mark" = 1;
        };
        restartPolicy = "unless-stopped";
      };
    };
    wantedBy = [ "multi-user.target" ];
  };
 }
--- a/config/nixos/docker/vpn.yml
+++ b/config/nixos/docker/vpn.yml
@ -0,0 +1,18 @@
 version: '3.8'
 services:
  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:
      - NET_ADMIN
    environment:
      - PEERS=fold6,pc,laptop
    volumes:
      - ./wireguard:/config
    ports:
      - 51820:51820/udp
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: unless-stopped