Working docker VM

services/docker/default.nix

@@ -14,18 +14,20 @@ in {
     };
   };
   config = lib.mkIf cfg.enable {
-    age.secrets.docker-lapi-key = {
+    age.secrets = {
+      docker-lapi-key = {
         file = ../../secrets/docker-lapi-key.age;
         owner = "crowdsec";
       };
-    age.secrets.docker-gluetun-env = {
+      docker-gluetun-env = {
         file = ./secrets/docker-gluetun-env.age;
         owner = "tbarnouin";
       };
-    age.secrets.docker-qbittorrent-env = {
+      docker-qbittorrent-env = {
         file = ./secrets/docker-qbittorrent-env.age;
         owner = "tbarnouin";
       };
+    };
     users.users.tbarnouin.extraGroups = ["docker"];
     fileSystems = {
       "/mnt/docker-data" = {
@@ -41,6 +43,20 @@ in {
         ];
       };
     };
+    services.crowdsec = {
+      settings.lapi.credentialsFile = "${config.age.secrets.docker-lapi-key.path}";
+      localConfig = {
+        acquisitions = [
+          {
+            source = "journalctl";
+            journalctl_filter = ["_SYSTEMD_UNIT=docker.service"];
+            labels = {
+              type = "syslog";
+            };
+          }
+        ];
+      };
+    };
     virtualisation = {
       docker = {
         enable = true;
@@ -51,10 +67,9 @@ in {
           data-root = "/mnt/docker-data";
         };
       };
-      oci-containers.backend = "docker";
+      oci-containers = {
-    };
+        backend = "docker";
-  
+        containers = {
-    virtualisation.oci-containers.containers = {
           "gluetun" = {
             autoStart = true;
             image = "ghcr.io/qdm12/gluetun:latest";
@@ -126,10 +141,6 @@ in {
               "6767:6767/tcp"
             ];
             log-driver = "journald";
-        extraOptions = [
-          "--network-alias=bazarr"
-          "--network=arr-box_default"
-        ];
           };
           "jellyseerr" = {
             image = "fallenbagel/jellyseerr:latest";
@@ -144,10 +155,6 @@ in {
               "5055:5055/tcp"
             ];
             log-driver = "journald";
-        extraOptions = [
-          "--network-alias=jellyseerr"
-          "--network=arr-box_default"
-        ];
           };
           "prowlarr" = {
             image = "lscr.io/linuxserver/prowlarr:latest";
@@ -164,10 +171,6 @@ in {
               "9696:9696/tcp"
             ];
             log-driver = "journald";
-        extraOptions = [
-          "--network-alias=prowlarr"
-          "--network=arr-box_default"
-        ];
           };
           "radarr" = {
             image = "lscr.io/linuxserver/radarr:latest";
@@ -184,10 +187,6 @@ in {
               "7878:7878/tcp"
             ];
             log-driver = "journald";
-        extraOptions = [
-          "--network-alias=radarr"
-          "--network=arr-box_default"
-        ];
           };
           "sonarr" = {
             image = "lscr.io/linuxserver/sonarr:latest";
@@ -204,26 +203,8 @@ in {
               "8989:8989/tcp"
             ];
             log-driver = "journald";
-        extraOptions = [
-          "--network-alias=sonarr"
-          "--network=arr-box_default"
-        ];
           };
         };
-    services = {
-      crowdsec = {
-        settings.lapi.credentialsFile = "${config.age.secrets.docker-lapi-key.path}";
-        localConfig = {
-          acquisitions = [
-            {
-              source = "journalctl";
-              journalctl_filter = ["_SYSTEMD_UNIT=docker.service"];
-              labels = {
-                type = "syslog";
-              };
-            }
-          ];
-        };
       };
     };
   };