Closed eqfae closed 1 month ago
I'm guessing it has something to do with things like path = [ pkgs.bash pkgs.iproute2 ];. Is there any way I can run it as if it were in a shell environment, without having to specify a path?
Can you please share your Compose file? Make sure to redact/remove sensitive information.
services:
  nginxmain:
    image: docker.io/nginx:stable-alpine-perl
    container_name: nginxmain
    ports:
      - 443:443
      - "443:443/udp"
    networks:
      - nginx_net
    restart: always
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/config/nginx:/etc/config/nginx:ro
    entrypoint:
      ["nginx", "-g", "daemon off;", "-c", "/etc/config/nginx/conf/nginx.conf"]
    cap_add:
      - NET_BIND_SERVICE # used to bind to 443
    labels:
      - io.containers.autoupdate=registry
  qbittorrent:
    image: docker.io/nevinee/qbittorrent:4.6.5
    container_name: qbittorrent
    restart: always
    tty: true
    hostname: qbitorrent
    networks:
      - nginx_net
    # extra_hosts:
    #   - host.docker.internal:host-gateway
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/config/Downloader/qbittorrent/config:/data/config # config directory
      - /etc/config/Downloader/qbittorrent/data:/data/data # directory for all data files
      - /etc/config/Downloader/qbittorrent/diy:/data/diy # custom scripts directory
      - $HOME/Downloads/qbittorrent:/data/downloads # download directory
      - $HOME/Downloads/conf/qb/webui:/data/webui # custom UI directory
      - $HOME/Downloads/watch:/data/watch # watch directory: torrent files placed here are downloaded automatically; not enabled in the config by default
    environment:
      # Add any other environment variables not listed below yourself, per the environment variable list
      - BT_PORT=1111
      - WEBUI_PORT=11111 # WebUI control port, customizable - BT_PORT=1111 # BT listening port, customizable
      - PUID=1000 # run id -u to look it up; must be changed on Synology - PGID=0 # run id -g to look it up; must be changed on Synology
      - PGID=1000
      - QB_USERNAME=xx
      - QB_PASSWORD=xx1
      - TG_USER_ID=xx1x # Telegram push notifications
      - TG_BOT_TOKEN=xx1xx1
      - DL_FINISH_NOTIFY=true
      - ENABLE_AUTO_CATEGORY=true
      - CRON_TRACKER_ERROR=off
      - CRON_HEALTH_CHECK=off
    ports:
      # - 11111:11111 # both sides of the colon must match and equal WEBUI_PORT; change all 3 occurrences of 8080 in this file together
      - 1111:1111 # both sides of the colon must match and equal BT_PORT; change all 5 occurrences of 1111 in this file together
      - 1111:1111/udp # both sides of the colon must match and equal BT_PORT; change all 5 occurrences of 1111 in this file together
    labels:
      - io.containers.autoupdate=registry
    # sysctls:
    #   net.ipv6.conf.all.disable_ipv6: 0
networks:
  nginx_net:
    enable_ipv6: true
    ipam:
      driver: default
      config:
        - subnet: "2001:1111:3000::/64"
volumes:
  # portainer-data:
  netdatalib:
  netdatacache:
But I think it's mainly related to the following: using ZFS storage requires root privileges, and I've also learned that rootless networking performance is not as good as rootful. btrfs and the like may need it too.
environment.etc."containers/storage.conf".text = pkgs.lib.mkForce ''
[storage]
driver = "zfs"
graphroot = "/var/lib/containers/storage"
runroot = "/run/containers/storage"
# ZFS config FTW -- see note below
[storage.options.zfs]
fsname = "r/containers/.images"
mountopt = "nodev"
'';
This seems unrelated to compose2nix - it's either a NixOS issue or Podman issue.
Do you also hit this when running the nginxmain container with Podman directly?
I don't know. I will try adding path = [ pkgs.podman ] and then adding the ZFS-related bits later.
Add zfs
path = [ pkgs.podman pkgs.zfs ];
# Networks
systemd.services."podman-network-ziyong_nginx_net" = {
path = [ pkgs.podman pkgs.zfs ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStop = "podman network rm -f ziyong_nginx_net";
};
script = ''
podman network inspect ziyong_nginx_net || podman network create ziyong_nginx_net --ipam-driver=default --subnet=2001:2222:3000::/64
'';
partOf = [ "podman-compose-ziyong-root.target" ];
wantedBy = [ "podman-compose-ziyong-root.target" ];
};
Error: unsupported ipam driver "default"
Change to bridge
restarting sysinit-reactivation.target
warning: the following units failed: podman-network-ziyong_nginx_net.service
× podman-network-ziyong_nginx_net.service
     Loaded: loaded (/etc/systemd/system/podman-network-ziyong_nginx_net.service; enabled; preset: enabled)
     Active: failed (Result: exit-code) since Thu 2024-09-26 22:33:29 CST; 314ms ago
 Invocation: 4c5ea22df02f45b1b8b8feef9cb24859
    Process: 263429 ExecStart=/nix/store/g0jns082nqphsxa4jqir78ynd4p6jqnl-unit-script-podman-network-ziyong_nginx_net-start/bin/podman-network-ziyong_nginx_net-start (code=exited, status=125)
   Main PID: 263429 (code=exited, status=125)
         IP: 0B in, 0B out
   Mem peak: 10.6M
        CPU: 188ms

9月 26 22:33:29 112 systemd[1]: Starting podman-network-ziyong_nginx_net.service...
9月 26 22:33:29 112 podman-network-ziyong_nginx_net-start[263430]: []
9月 26 22:33:29 112 podman-network-ziyong_nginx_net-start[263430]: Error: network ziyong_nginx_net: unable to find network with name or ID ziyong_nginx_net: network not found
9月 26 22:33:29 112 podman-network-ziyong_nginx_net-start[263477]: Error: unsupported ipam driver "bridge"
9月 26 22:33:29 112 systemd[1]: podman-network-ziyong_nginx_net.service: Main process exited, code=exited, status=125/n/a
9月 26 22:33:29 112 systemd[1]: podman-network-ziyong_nginx_net.service: Failed with result 'exit-code'.
9月 26 22:33:29 112 systemd[1]: Failed to start podman-network-ziyong_nginx_net.service.
warning: error(s) occurred while switching to the new configuration
Error: unsupported ipam driver "bridge"
File "/nix/store/3hqqzn66d1pp7gchc0p45ib8jd6kd9cp-podman-compose-1.2.0/lib/python3.12/site-packages/podman_compose.py", line 1362, in output
    raise subprocess.CalledProcessError(p.returncode, " ".join(cmd_ls), stderr_data)
subprocess.CalledProcessError: Command 'podman network create --label io.podman.compose.project=nginx --label com.docker.compose.project=nginx --ipam-driver bridge --ipv6 --subnet 2001:2222:3000::/64 nginx_nginx_net' returned non-zero exit status 125.
After switching to bridge, podman-compose also reports an error; after switching back to default, it starts without errors.
podman network ls
NETWORK ID    NAME             DRIVER
06c462f5ad21  nginx_nginx_net  bridge
000000000000  podman           bridge
podman network inspect nginx_nginx_net
     {
          "name": "nginx_nginx_net",
          "id": "06c462f5ad21237e7b169d39b99b24b2f883d4b35120d9b43284fd260b9f78b7",
          "driver": "bridge",
          "network_interface": "podman1",
          "created": "2024-09-26T23:01:44.984511555+08:00",
          "subnets": [
               {
                    "subnet": "2001:2222:3000::/64",
                    "gateway": "2001:2222:3000::1"
               },
               {
                    "subnet": "10.89.0.0/24",
                    "gateway": "10.89.0.1"
               }
          ],
          "ipv6_enabled": true,
          "internal": false,
          "dns_enabled": true,
          "labels": {
               "com.docker.compose.project": "nginx",
               "io.podman.compose.project": "nginx"
          },
          "ipam_options": {
               "driver": "host-local"
          },
          "containers": {}
     }
]
podman network create --ipv6 --subnet 2001:2222:3000::/64 ziyong_nginx_net
[
     {
          "name": "ziyong_nginx_net",
          "id": "92574676e61f9ce70967e561d20846cde31f5af55534d54a998ec47e582d3a6e",
          "driver": "bridge",
          "network_interface": "podman1",
          "created": "2024-09-26T23:15:19.428287289+08:00",
          "subnets": [
               {
                    "subnet": "2001:2222:3000::/64",
                    "gateway": "2001:2222:3000::1"
               },
               {
                    "subnet": "10.89.0.0/24",
                    "gateway": "10.89.0.1"
               }
          ],
          "ipv6_enabled": true,
          "internal": false,
          "dns_enabled": true,
          "ipam_options": {
               "driver": "host-local"
          },
          "containers": {}
     }
]
if
networks:
  nginx_net:
    enable_ipv6: true
    ipam:
      driver: bridge
      config:
        - subnet: "2001:2222:3000::/64"
Remove the --ipam-driver parameter, or specify the system default value --ipam-driver host-local; add --ipv6
end
# Networks
systemd.services."podman-network-ziyong_nginx_net" = {
  path = [ pkgs.podman pkgs.zfs ];
  serviceConfig = {
    Type = "oneshot";
    RemainAfterExit = true;
    ExecStop = "podman network rm -f ziyong_nginx_net";
  };
  script = ''
    podman network inspect ziyong_nginx_net || podman network create --ipv6 --subnet 2001:2222:3000::/64 >
  '';
  partOf = [ "podman-compose-ziyong-root.target" ];
  wantedBy = [ "podman-compose-ziyong-root.target" ];
};
nginx failed to start; after conversion there is nothing entrypoint-related.
    entrypoint:
      ["nginx", "-g", "daemon off;", "-c", "/etc/config/nginx/conf/nginx.conf"]
    cap_add:
      - NET_BIND_SERVICE # used to bind to 443
    labels:
      - io.containers.autoupdate=registry
  ports = [
    "443:443/tcp"
    "443:443/udp"
  ];
  labels = {
    "io.containers.autoupdate" = "registry";
  };
  log-driver = "journald";
  extraOptions = [
    "--cap-add=NET_BIND_SERVICE"
    "--network-alias=nginxmain"
    "--network=ziyong_nginx_net"
  ];
};
systemd.services."podman-nginxmain" = {
  serviceConfig = {
    Restart = lib.mkOverride 500 "always"
It is default
if
networks:
  nginx_net:
    enable_ipv6: true
    ipam:
      driver: default
      config:
        - subnet: "2001:2222:3000::/64"
Thanks for sharing the details! OK, I see at least two things here:
- enable_ipv6: not supported by compose2nix
- entrypoint: also not supported
I will open a PR to add these.
See list of supported Compose options here: https://github.com/aksiksi/compose2nix?tab=readme-ov-file#supported-docker-compose-features
@eqfae Can you please try with the latest commit?
Also, can you try removing this line or setting it to default?
networks:
  nginx_net:
    enable_ipv6: true
    ipam:
      driver: bridge # <<<<
      config:
        - subnet: "2001:2222:3000::/64"
You haven't updated it in nixpkgs, and there is no binary in the GitHub Actions either.
Please try running like this:
nix run github:aksiksi/compose2nix -- -h
};
log-driver = "journald";
extraOptions = [
"--cap-add=NET_BIND_SERVICE"
"--entrypoint=[\"nginx\", \"-g\", \"daemon off;\", \"-c\", \"/etc/config/nginx/conf/nginx.conf\"]"
"--network-alias=nginxmain"
"--network=ziyong_nginx_net"
];
};
# Networks
systemd.services."podman-network-ziyong_nginx_net" = {
path = [ pkgs.podman ]; # zfs is missing here: path = [ pkgs.podman pkgs.zfs ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStop = "podman network rm -f ziyong_nginx_net";
};
script = ''
podman network inspect ziyong_nginx_net || podman network create ziyong_nginx_net --subnet=2001:2222:3000::/64 --ipv6
'';
partOf = [ "podman-compose-ziyong-root.target" ];
wantedBy = [ "podman-compose-ziyong-root.target" ];
};
podman info
store:
  configFile: /etc/containers/storage.conf
  containerStore:
    number: 2
    paused: 0
    running: 0
    stopped: 2
  graphDriverName: zfs
  graphOptions:
    zfs.fsname: r/containers/.images
    zfs.mountopt: nodev
Without zfs in path = [ pkgs.podman pkgs.zfs ], podman-compose still works because it runs in a shell, whereas systemd needs the relevant path to be specified before it can use it.
nginx is up and running, and there's IPv6.
Unfortunately, compose2nix cannot know that a network requires ZFS to be in $PATH.
To add ZFS to the path, you can override the generated unit from your NixOS config:
systemd.services."podman-network-ziyong_nginx_net".path = [ pkgs.zfs ];
Okay.
There is no problem running it manually as the root user:
podman-compose -f ../nginx/docker-compose.yml up -d --pull-always --force-recreate
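A diagnostic for the failure discussed in this thread, where Podman works from a root shell but not from the generated systemd unit because the unit's PATH lacks zfs. This is an added example, not code from compose2nix or Podman; the function names are hypothetical, and only the zfs requirement is taken from the thread.

```shell
#!/bin/sh
# Added example: function names are hypothetical, not part of compose2nix or Podman.

# Commands a unit must be able to find for a given storage graph driver.
# Only the zfs case comes from the thread above.
required_helpers() {
    case $1 in
        zfs) echo "podman zfs" ;;
        *)   echo "podman" ;;
    esac
}

# Extract the PATH= entry from the text printed by
#   systemctl show -p Environment --value UNIT
# Assumes no entry contains spaces (true for /nix/store paths).
unit_path() {
    for kv in $1; do
        case $kv in
            PATH=*) printf '%s\n' "${kv#PATH=}"; return 0 ;;
        esac
    done
    return 1
}

# Print the commands from "$2 ..." that are not executable files in any
# directory of the colon-separated path "$1"; return 1 if any are missing.
missing_in_path() {
    search_path=$1; shift
    missing=""
    for cmd in "$@"; do
        found=no
        old_ifs=$IFS; IFS=:
        for dir in $search_path; do
            if [ -n "$dir" ] && [ -f "$dir/$cmd" ] && [ -x "$dir/$cmd" ]; then
                found=yes; break
            fi
        done
        IFS=$old_ifs
        [ "$found" = yes ] || missing="${missing:+$missing }$cmd"
    done
    [ -z "$missing" ] && return 0
    printf '%s\n' "$missing"
    return 1
}

# On a live host (as root):
#   env=$(systemctl show -p Environment --value podman-network-ziyong_nginx_net.service)
#   driver=$(podman info --format '{{.Store.GraphDriverName}}')
#   missing_in_path "$(unit_path "$env")" $(required_helpers "$driver")
```

If the last command prints zfs, the unit needs pkgs.zfs added to its path, as in the override shown above.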