dump

nixos/hosts/sandbox/warpgate.nix

@@ -0,0 +1,35 @@
+{
+  virtualisation = {
+    containers.enable = true;
+    oci-containers.backend = "podman";
+
+    podman = {
+      enable = true;
+
+      # Create a `docker` alias for podman, to use it as a drop-in replacement
+      dockerCompat = true;
+
+      # Required for containers under podman-compose to be able to talk to each other.
+      defaultNetwork.settings.dns_enabled = true;
+    };
+  };
+  virtualisation.oci-containers.containers = {
+    warpgate = {
+      image = "ghcr.io/warp-tech/warpgate";
+      ports = [
+        "2222:2222"
+        "8888:8888"
+      ];
+      volumes = [
+        "/srv/warpgate/data:/data"
+      ];
+    };
+  };
+
+  systemd.tmpfiles.rules = [
+    "d /srv/warpgate 0755 root root -"
+    "d /srv/warpgate/data 0755 root root -"
+  ];
+
+  networking.firewall.allowedTCPPorts = [8888];
+}