add arion

This commit is contained in:
Philip Peterson 2026-06-04 19:20:57 -07:00
parent c55f02a9e4
commit e3f91306f7
3 changed files with 43 additions and 0 deletions

View file

@ -0,0 +1,29 @@
{ pkgs, ... }:
{
project.name = "pluto";
networks.pluto.external = false;
services = {
app = {
service = {
image = "julia:1.11";
container_name = "pluto";
restart = "unless-stopped";
networks = [ "pluto" ];
command = [
"sh" "-c"
"julia -e 'using Pkg; Pkg.add(\"Pluto\"); import Pluto; Pluto.run(host=\"0.0.0.0\", port=1234, launch_browser=false)'"
];
volumes = [
"/var/pluto/notebooks:/notebooks"
"/var/pluto/julia-depot:/root/.julia"
];
environment = {
JULIA_NUM_THREADS = "auto";
};
ports = [ "127.0.0.1:1234:1234" ];
};
};
};
}

View file

@ -0,0 +1,3 @@
import <nixpkgs> {
system = "x86_64-linux";
}

View file

@ -163,6 +163,7 @@ in {
backend = "podman-socket";
projects.forgejo.settings = import ./arion/arion-compose.nix;
projects.riverside.settings = import ./arion-riverside/arion-compose.nix;
projects.pluto.settings = import ./arion-pluto/arion-compose.nix;
};
# The arion NixOS module sets backend = "podman-socket" but doesn't inject
@ -170,6 +171,7 @@ in {
# (no daemon). Point it at the podman-compatible socket instead.
systemd.services.arion-forgejo.environment.DOCKER_HOST = "unix:///run/podman/podman.sock";
systemd.services.arion-riverside.environment.DOCKER_HOST = "unix:///run/podman/podman.sock";
systemd.services.arion-pluto.environment.DOCKER_HOST = "unix:///run/podman/podman.sock";
# Build the VNC desktop image locally from the Dockerfile — no registry push/pull needed.
# vncContext is a Nix store path that changes whenever any file under vnc-desktop/ changes,
@ -237,6 +239,8 @@ in {
systemd.tmpfiles.rules = [
"d /home/ironmagma/.config 0755 ${username} users"
"d /root/.config 0755 ${username} users"
"d /var/pluto/notebooks 0755 root root"
"d /var/pluto/julia-depot 0755 root root"
"d /var/riverside/files 0755 root root"
"d /var/riverside/postgres 0755 root root"
"d /var/lib/gitea-runner/ubuntu 0755 gitea-runner gitea-runner"
@ -420,6 +424,12 @@ in {
environmentFile = config.age.secrets."nearlyfreespeech".path;
webroot = null;
};
certs."pluto.philippeterson.com" = {
dnsProvider = "nearlyfreespeech";
environmentFile = config.age.secrets."nearlyfreespeech".path;
webroot = null;
};
};
# Break the systemd ordering cycle that deadlocks nixos-rebuild switch.
@ -442,5 +452,6 @@ in {
"acme-selfsigned-riverside.coldairnetworks.com.service"
"acme-selfsigned-vnc.quinefoundation.com.service"
"acme-selfsigned-webdav.philippeterson.com.service"
"acme-selfsigned-pluto.philippeterson.com.service"
];
}