container/Cloud.nix

@@ -0,0 +1,27 @@
+{ storage
+, mkContainer
+, mkContainerConfig
+, mkContainerDir
+, ... } @args: let
+	address = "10.1.0.13";
+	path    = "${storage}/cloud";
+in {
+	systemd.tmpfiles.rules = map (dir: mkContainerDir "${path}/${dir}") [
+		"data"
+	];
+
+	containers.postgres = mkContainer address {
+		bindMounts = {
+			"/var/www/html" = {
+				hostPath   = "${path}/data";
+				isReadOnly = false;
+			};
+		};
+
+		config = { ... }: mkContainerConfig {
+			services.nextcloud = {
+				enable = true;
+			};
+		};
+	};
+}

container/Paste.nix

@@ -1,6 +1,5 @@
 { pkgs
 , storage
-, const
 , domain
 , util
 , mkContainer
@@ -39,23 +38,8 @@ in {
 			};
 		};
 
-		config = { config, lib, ... }: mkContainerConfig {
-			system.stateVersion = const.stateVersion;
-
-			users.users.root.password = "";
-			users.mutableUsers = false;
-
-			networking = {
-				useHostResolvConf = lib.mkForce false;
-				firewall.enable = false;
-			};
-
-			environment = {
-				systemPackages = [ package pkgs.neovim ];
-				variables = {
-				};
-			};
-
+		config = { config, ... }: mkContainerConfig {
+			environment.systemPackages = [ package ];
 			systemd.packages = [ package ];
 
 			users.users.paste = {

container/Postgres.nix

@@ -1,5 +1,4 @@
 { storage
-, const
 , host
 , mkContainer
 , mkContainerConfig
@@ -20,17 +19,7 @@ in {
 			};
 		};
 
-		config = { lib, pkgs, ... }: mkContainerConfig {
-			system.stateVersion = const.stateVersion;
-
-			users.users.root.password = "";
-			users.mutableUsers = false;
-
-			networking = {
-				useHostResolvConf = lib.mkForce false;
-				firewall.enable = false;
-			};
-
+		config = { pkgs, ... }: mkContainerConfig {
 			services.postgresql = let
 				databases = [
 					"privatebin"

container/Proxy.nix

@@ -1,5 +1,4 @@
 { storage
-, const
 , util
 , domain
 , mkContainer
@@ -27,17 +26,7 @@ in {
 			};
 		};
 
-		config = { lib, pkgs, ... }: mkContainerConfig {
-			system.stateVersion = const.stateVersion;
-
-			users.users.root.password = "";
-			users.mutableUsers = false;
-
-			networking = {
-				useHostResolvConf = lib.mkForce false;
-				firewall.enable = false;
-			};
-
+		config = { pkgs, ... }: mkContainerConfig {
 			environment.systemPackages = with pkgs; [ certbot ];
 
 			services.nginx = {