From cee3794ec0fa7b9a395bebe3fb8fa54ceb789aa0 Mon Sep 17 00:00:00 2001
From: Leon van Kammen <leonvankammen@gmail.com>
Date: Thu, 5 Mar 2026 22:02:04 +0100
Subject: [PATCH] wip

---
 .env                 |  1 +
 docker-compose.yaml  | 20 ++++++++++----------
 process-compose.yaml | 43 ++++++++++++++++++++++++++++++++++++++-----
 shell.nix            |  4 ++--
 util/wget            |  3 ++-
 5 files changed, 53 insertions(+), 18 deletions(-)
 create mode 100644 .env

diff --git a/.env b/.env
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/.env
@@ -0,0 +1 @@
+
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 19504a6..92e42c4 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -1,13 +1,13 @@
 # docker-compose.yml
 services:
-  traefik:
-    image: traefik:v3.6
-    command:
-      - "--api.insecure=true"
-      - "--providers.docker=true"
-      - "--entrypoints.web.address=:80"
+  test:
+    image: alpine:3.19
+    entrypoint: nc -l -p 8000
     ports:
-      - "80:80"
-      - "8080:8080"
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
+      - "127.0.0.0:8000:8000"
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.whoami.rule=Host(`whoami.docker.localhost`)"
+      - "traefik.http.routers.whoami.entrypoints=websecure"
+      - "traefik.http.routers.whoami.tls=true"
+
diff --git a/process-compose.yaml b/process-compose.yaml
index 4efbef0..ab66b70 100644
--- a/process-compose.yaml
+++ b/process-compose.yaml
@@ -8,11 +8,12 @@ disable_env_expansion: true
 vars:
   FOO: 1 # {{.FOO}}
 
+env_cmds:
+  DOCKER: "which podman || which docker"
+  DOCKER_HOST: "printf 'unix://'; which podman &>/dev/null && echo /run/user/$UID/podman/podman.sock || echo '/var/run/docker.sock'"
+env:
+
 processes:
-  install:
-    disabled: true # run `process-compose run install`
-    command: |
-      util/wget a69b6424cda4887e84247b1e01dbfb36ae613ac2cb37f19e307889db2cecc39b https://github.com/glanceapp/glance/releases/download/v0.8.4/glance-linux-amd64.tar.gz
 
   paramjob:
     command: "echo @{foo}"
@@ -39,8 +40,40 @@ processes:
       echo curl --data 'log=https://localhost:8080/process/logs/create_container' -X POST https://home.org/created_container/$ID
     disabled: true # run `curl https://loclahost:8080/process/start/create_container`
 
+  dockersocket:
+    command: |
+      which podman && podman system service --time=0 #$DOCKER_HOST;
+    is_elevated: true
+
+  reverse_proxy:
+    command: |
+      test pkg/traefik || util/wget 6093cd8a06ac26026e66d840dddfc2a1bde2048f8aed95ef26990b7ff70b3ed5 https://github.com/traefik/traefik/releases/download/v3.6.9/traefik_v3.6.9_linux_amd64.tar.gz
+      sleep 1
+      sudo pkg/traefik --api.insecure=true --providers.docker=true --entrypoints.web.address=:80 --providers.docker.endpoint=$DOCKER_HOST
+    depends_on:
+      dockersocket:
+        condition: process_started
+    availability:
+      restart: always # other options: "exit_on_failure", "always", "no" (default)
+      backoff_seconds: 2 # default: 1
+      max_restarts: 5 # default: 0 (unlimited)  
+
+  dockers: 
+    command: |
+      sleep 2 && DOCKER_HOST=$DOCKER_HOST docker-compose up test
+    availability:
+      restart: always # other options: "exit_on_failure", "always", "no" (default)
+      backoff_seconds: 2 # default: 1
+      max_restarts: 5 # default: 0 (unlimited)  
+    depends_on:
+      dockersocket:
+        condition: process_started
+
+
   glance:
-    command: pkg/glance 
+    command: |
+      test -f pkg/glance || util/wget a69b6424cda4887e84247b1e01dbfb36ae613ac2cb37f19e307889db2cecc39b https://github.com/glanceapp/glance/releases/download/v0.8.4/glance-linux-amd64.tar.gz
+      pkg/glance 
     availability:
       restart: on_failure # other options: "exit_on_failure", "always", "no" (default)
       backoff_seconds: 2 # default: 1
diff --git a/shell.nix b/shell.nix
index 7e0e418..0030611 100644
--- a/shell.nix
+++ b/shell.nix
@@ -11,7 +11,7 @@
     # nativeBuildInputs is usually what you want -- tools you need to run
     nativeBuildInputs = with pkgs.buildPackages; [ 
 
-      authbind
+      #authbind
       process-compose
       docker-compose
 
@@ -19,7 +19,7 @@
 
     shellHooks = ''
       export NIX_SHELL_VPS=1
-
+      source .env
       echo "available commands:"
       
     '';
diff --git a/util/wget b/util/wget
index ee36423..917d83c 100755
--- a/util/wget
+++ b/util/wget
@@ -1,8 +1,9 @@
 #!/bin/sh
 # downloads an url [+installs to path] [+checks bit-by-bit reproducability]
+set -x
 test -z "$1" && { echo "wget.install [sha256checksum] <url>"; exit 0; }
 set -e
-test -n "$2" && url="$2" || url="$2"
+test -n "$2" && url="$2" || url="$1"
 file=$(basename "$url")
 test -n "$OUT" || OUT="pkg"
 wget -O "$file" "$url"