From bf76a1dbc3a9c33272435a04bd213303f9a68adc Mon Sep 17 00:00:00 2001
From: Gene Liverman <gene@technicalissues.us>
Date: Thu, 11 Apr 2024 17:28:55 -0400
Subject: [PATCH] Get Tandoor and Wallabag working in Docker Compose

Podman compose kept crashing, switching back to Docker without any other changes fixed things... :(
---
 .../nixos/nixnuc/containers/nginx-proxy.nix   |  4 ++--
 modules/hosts/nixos/nixnuc/default.nix        | 22 ++++++++++++++-----
 2 files changed, 19 insertions(+), 7 deletions(-)

diff --git a/modules/hosts/nixos/nixnuc/containers/nginx-proxy.nix b/modules/hosts/nixos/nixnuc/containers/nginx-proxy.nix
index 859216c..227352a 100644
--- a/modules/hosts/nixos/nixnuc/containers/nginx-proxy.nix
+++ b/modules/hosts/nixos/nixnuc/containers/nginx-proxy.nix
@@ -136,14 +136,14 @@ in {
             enableACME = true;
             acmeRoot = null;
             forceSSL = true;
-            locations."/".proxyPass = "http://${mini_watcher}:8090";
+            locations."/".proxyPass = "http://${backend_ip}:8090";
           };
           "tandoor.${home_domain}" = {
             listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }];
             enableACME = true;
             acmeRoot = null;
             forceSSL = true;
-            locations."/".proxyPass = "http://${mini_watcher}:8080";
+            locations."/".proxyPass = "http://${backend_ip}:8080";
           };
         };
       };
diff --git a/modules/hosts/nixos/nixnuc/default.nix b/modules/hosts/nixos/nixnuc/default.nix
index 0a5ebec..2381e5d 100644
--- a/modules/hosts/nixos/nixnuc/default.nix
+++ b/modules/hosts/nixos/nixnuc/default.nix
@@ -23,6 +23,7 @@
 
   environment.systemPackages = with pkgs; [
     compose2nix.packages.${pkgs.system}.default
+    docker-compose
     intel-gpu-tools
     jellyfin
     jellyfin-ffmpeg
@@ -47,7 +48,13 @@
 
   networking = {
     # Open ports in the firewall.
-    firewall.allowedTCPPorts = [ 22 80 13378 ];
+    firewall.allowedTCPPorts = [
+      22 # ssh
+      80 # http to local Nginx
+      8080 # Tandoor in podman compose
+      8090 # Wallabag in podman compose
+      13378 # Audiobookshelf in oci-container
+    ];
     # firewall.allowedUDPPorts = [ ... ];
     # Or disable the firewall altogether.
     # firewall.enable = false;
@@ -139,7 +146,8 @@
     restic.backups.daily.paths = [
       "/orico/jellyfin/data"
       "/orico/jellyfin/staging/downloaded-files"
-      #"${config.users.users.${username}.home}/compose-files/tandoor"
+      "${config.users.users.${username}.home}/compose-files/tandoor"
+      "${config.users.users.${username}.home}/compose-files/wallabag"
     ];
     tailscale = {
       enable = true;
@@ -176,7 +184,7 @@
   users.users.${username} = {
     isNormalUser = true;
     description = "Gene Liverman";
-    extraGroups = [ "podman" "networkmanager" "wheel" ];
+    extraGroups = [ "docker" "podman" "networkmanager" "wheel" ];
   };
 
   # Enable common container config files in /etc/containers
@@ -184,12 +192,16 @@
 
   virtualisation.oci-containers.backend = "podman";
 
+  # Compose based apps were crashing with podman compose, so back to Docker...
+  virtualisation.docker.enable = true;
+
   virtualisation.podman = {
     enable = true;
-    dockerCompat = true;
+    autoPrune.enable = true;
+    #dockerCompat = true;
     extraPackages = [ pkgs.zfs ]; # Required if the host is running ZFS
 
-    # Required for containers under podman-compose to be able to talk to each other.
+    # Required for container networking to be able to use names.
     defaultNetwork.settings.dns_enabled = true;
   };
 }