From 488a63db26da6fe2015fd8ad861c7c585db03aa9 Mon Sep 17 00:00:00 2001 From: Ingolf Wagner Date: Sun, 8 Sep 2024 11:29:17 +0700 Subject: [PATCH] :construction: taskwarrior-webui as podman container but not working as expected --- machines/chungus/configuration.nix | 2 +- machines/orbi/configuration.nix | 3 +- ...askserver.nix => service-taskchampion.nix} | 0 machines/orbi/service-taskwarrior.nix | 74 +++++++++++++++++++ 4 files changed, 77 insertions(+), 2 deletions(-) rename machines/orbi/{service-taskserver.nix => service-taskchampion.nix} (100%) create mode 100644 machines/orbi/service-taskwarrior.nix diff --git a/machines/chungus/configuration.nix b/machines/chungus/configuration.nix index 55c151c..a146eb4 100644 --- a/machines/chungus/configuration.nix +++ b/machines/chungus/configuration.nix @@ -48,7 +48,7 @@ ./service-forgejo.nix ./service-paperless.nix ./service-s3.nix - ./service-taskwarrior.nix + #./service-taskwarrior.nix ./service-vault.nix ./zerotier-controller.nix diff --git a/machines/orbi/configuration.nix b/machines/orbi/configuration.nix index 60d4c50..65d1863 100644 --- a/machines/orbi/configuration.nix +++ b/machines/orbi/configuration.nix @@ -20,7 +20,8 @@ ./service-nix-cache.nix ./service-photoprism.nix # ./service-surrealdb.nix # not really needed at the moment - ./service-taskserver.nix + ./service-taskchampion.nix + #./service-taskwarrior.nix ./service-vaultwarden.nix # ./service-vikunja.nix ./service-wastebin.nix diff --git a/machines/orbi/service-taskserver.nix b/machines/orbi/service-taskchampion.nix similarity index 100% rename from machines/orbi/service-taskserver.nix rename to machines/orbi/service-taskchampion.nix diff --git a/machines/orbi/service-taskwarrior.nix b/machines/orbi/service-taskwarrior.nix new file mode 100644 index 0000000..cf568d6 --- /dev/null +++ b/machines/orbi/service-taskwarrior.nix @@ -0,0 +1,74 @@ +{ + config, + lib, + pkgs, + ... +}: +let + uiPort = 8080; +in +{ + + users.users.taskwarrior-webui = { + isSystemUser = true; + group = "taskwarrior-webui"; + uid = config.ids.uids.taskd; + }; + users.groups.taskwarrior-webui = { + gid = config.ids.gids.taskd; + }; + + # fixme: process is running as root + # fixme: task sync not working + + virtualisation.oci-containers = { + containers.taskwarrior-webui = { + volumes = [ + "/srv/taskwarrior/taskrc:/.taskrc" + "/srv/taskwarrior/task:/.task" + ]; + ports = [ + # only allow access via wireguard + "10.100.0.1:${toString uiPort}:80" + ]; + #user = "${toString config.users.users.taskwarrior-webui.uid}:${toString config.users.groups.taskwarrior-webui.gid}"; + environment = { + TZ = "Europe/Berlin"; + }; + image = "dcsunset/taskwarrior-webui:3"; + extraOptions = [ + # https://www.artificialworlds.net/blog/2023/08/18/accessing-services-on-the-host-from-a-docker-container-or-a-podman-one/ + # host.containers.internal <- will reference host ports + "--network=slirp4netns:allow_host_loopback=true" + ]; + + }; + }; + + networking.firewall.interfaces.wg0.allowedTCPPorts = [ uiPort ]; + networking.firewall.interfaces.wg0.allowedUDPPorts = [ uiPort ]; + + # host nginx setup + # ---------------- + + # curl -H "Host: taskwarrior.ingolf-wagner.de" https://orbi.private/ < will work + # curl -H "Host: taskwarrior.ingolf-wagner.de" https://10.100.0.1/ < will work + # curl -H "Host: taskwarrior.ingolf-wagner.de" https://144.76.13.147/ < wont work + #services.nginx = { + # enable = true; + # recommendedProxySettings = true; + # virtualHosts = { + # "transmission2.${config.networking.hostName}.private" = { + # extraConfig = '' + # allow ${config.tinc.private.subnet}; + # allow ${config.wireguard.wg0.subnet}; + # deny all; + # ''; + # locations."/" = { + # proxyPass = "http://127.0.0.1:${toString uiPort}"; + # }; + # }; + # }; + #}; + +}