changed vpn docker to a systemd service dockerized

2024-11-05 23:05:27 +01:00 · 2024-11-05 23:05:27 +01:00 · af0ac3bfbf
commit af0ac3bfbf
parent b7c6825268
2 changed files with 32 additions and 17 deletions
--- a/config/nixos/docker/vpn.nix
+++ b/config/nixos/docker/vpn.nix
@ -1,22 +1,19 @@
 { config, pkgs, ... }:
+
 {
-  services.docker-compose = {
-    enable = true;
-    containers = {
-      wireguard = {
-        image = "lscr.io/linuxserver/wireguard:latest";
-        containerName = "wireguard";
-        capAdd = [ "NET_ADMIN" ];
-        environment = {
-          PEERS = "fold6,pc,laptop";
-        };
-        volumes = [ "./wireguard:/config" ];
-        ports = [ "51820:51820/udp" ];
-        sysctls = {
-          "net.ipv4.conf.all.src_valid_mark" = 1;
-        };
-        restartPolicy = "unless-stopped";
-      };
+  environment.etc."docker/vpn/docker-compose.yml".source = ./vpn.yml;
+
+  systemd.services.wireguard = {
+    description = "Wireguard Docker Compose Service";
+    after = [ "network-online.target" ];
+    wants = [ "network-online.target" ];
+    serviceConfig = {
+      ExecStart = "${pkgs.docker-compose}/bin/docker-compose -f /etc/docker/vpn/docker-compose.yml up";
+      ExecStop = "${pkgs.docker-compose}/bin/docker-compose -f /etc/docker/vpn/docker-compose.yml down";
+      WorkingDirectory = "/etc/docker/vpn";
+      Restart = "always";
+      RestartSec = 10;
    };
+    wantedBy = [ "multi-user.target" ];
  };
 }
--- a/config/nixos/docker/vpn.yml
+++ b/config/nixos/docker/vpn.yml
@ -0,0 +1,18 @@
+version: '3.8'
+
+services:
+  wireguard:
+    image: lscr.io/linuxserver/wireguard:latest
+    container_name: wireguard
+    cap_add:
+      - NET_ADMIN
+    environment:
+      - PEERS=fold6,pc,laptop
+    volumes:
+      - ./wireguard:/config
+    ports:
+      - 51820:51820/udp
+    sysctls:
+      - net.ipv4.conf.all.src_valid_mark=1
+    restart: unless-stopped
+