add cyberchef and correct things in nixos containers

2025-08-30 20:27:24 +02:00 · 2025-08-30 20:27:24 +02:00 · 9037f01470
commit 9037f01470
parent 325a193a38
8 changed files with 100 additions and 8 deletions
--- a/hosts/desktop1/configuration.nix
+++ b/hosts/desktop1/configuration.nix
@ -20,6 +20,21 @@
    hyprland.enable = true;
    kde.enable = true;
    docker.enable = true;
    containers = { 
      nixos = {
      };
      docker = {
        cyberchef = {
          enable = true;
          port = 6900;
        };
      };
      networking = {
        bridge = "br0";
        dns = [ "192.168.1.202" ];
        gateway = "192.168.1.254";
      };
    };
  };
  home-manager = {
--- a/hosts/server1/configuration.nix
+++ b/hosts/server1/configuration.nix
@ -15,7 +15,13 @@
  smayzy = {
    server.enable = true;
-    containers.nixos= {
+    containers = {
      networking = {
        bridge = "br0";
        dns = [ "192.168.1.202" ];
        gateway = "192.168.1.254";
      };
      nixos = {
        httpd = {
          enable = true;
          bridge = "br0";
@ -27,6 +33,13 @@
          ip = "192.168.1.202/24";
        };
      };
      docker = {
        cyberchef = {
          enable = true;
          port = 6900;
        };
      };
    };
  };
  home-manager = {
--- a/modules/nix/containers/default.nix
+++ b/modules/nix/containers/default.nix
@ -2,6 +2,8 @@
 {
  imports = [
    ./nixos
    ./nixos.nix
    ./docker
    ./docker.nix
  ];
 }
--- a/modules/nix/containers/docker/cyberchef.nix
+++ b/modules/nix/containers/docker/cyberchef.nix
@ -0,0 +1,27 @@
 { lib, config, ... }:
 let
  inherit (lib) mkIf mkOption types;
  cfg = config.smayzy.containers.docker.cyberchef;
 in
 {
  options.smayzy.containers.docker.cyberchef = {
    enable = mkOption {
      type = types.bool;
      default = false;
      description = "cyberchef docker ct";
    };
    port = mkOption {
      type = types.int;
      default = 80;
      description = "cyberchef's port";
    };
  };
  config = mkIf cfg.enable {
    virtualisation.oci-containers.containers = {
      cyberchef = {
        image = "ghcr.io/gchq/cyberchef";
        ports = [ "${toString cfg.port}:80" ];
      };
    };
  };
 }
--- a/modules/nix/containers/docker/default.nix
+++ b/modules/nix/containers/docker/default.nix
@ -0,0 +1,6 @@
 { ... }:
 {
  imports = [
    ./cyberchef.nix
  ];
 }
--- a/modules/nix/containers/nixos.nix
+++ b/modules/nix/containers/nixos.nix
@ -0,0 +1,23 @@
 {
  lib,
  ...
 }:
 let
  inherit (lib) mkOption types;
 in
 {
  options.smayzy.containers.networking = {
    bridge = mkOption {
      type = types.str;
      description = "the bridge to use e.g. (br0)";
    };
    dns = mkOption {
      type = types.listOf types.str;
      description = "the dns servers to use e.g. [ 1.1.1.1 8.8.8.8 ]";
    };
    gateway = mkOption {
      type = types.str;
      description = "the gateway to use e.g. (10.10.10.255)";
    };
  };
 }
--- a/modules/nix/containers/nixos/httpd.nix
+++ b/modules/nix/containers/nixos/httpd.nix
@ -2,6 +2,7 @@
 let
  inherit (lib) mkIf mkOption types;
  cfg = config.smayzy.containers.nixos.httpd;
  net = config.smayzy.containers.networking;
 in
 {
  options.smayzy.containers.nixos.httpd = {
@ -32,6 +33,8 @@ in
        services.httpd = {
          enable = true;
        };
        networking.defaultGateway = net.gateway;
        networking.nameservers = net.dns;
        networking.firewall.allowedTCPPorts = [ 80 ];
      };
    };
--- a/modules/nix/containers/nixos/unbound.nix
+++ b/modules/nix/containers/nixos/unbound.nix
@ -2,6 +2,7 @@
 let
  inherit (lib) mkIf mkOption types;
  cfg = config.smayzy.containers.nixos.unbound;
  net = config.smayzy.containers.networking;
 in
 {
  options.smayzy.containers.nixos.unbound = {
@ -61,6 +62,8 @@ in
            };
          };
        };
        networking.defaultGateway = net.gateway;
        networking.nameservers = net.dns;
        networking.firewall.allowedTCPPorts = [ 53 ];
        networking.firewall.allowedUDPPorts = [ 53 ];
      };