From c11fea4a9d317a505bf419f2a86da12e0f990a4f Mon Sep 17 00:00:00 2001
From: pazpi <davide@pasetto.me>
Date: Sat, 31 Jan 2026 19:18:20 +0100
Subject: [PATCH] Remove portainer in favor of Docker

---
 containers/README.md           |  2 +-
 hosts/caddy/dashy-settings.nix | 14 ++++++++-----
 hosts/caddy/default.nix        | 10 ++++-----
 hosts/docker/default.nix       | 21 +++++++++++++++++++
 hosts/hosts.nix                |  8 +++----
 hosts/metrics/default.nix      |  2 +-
 hosts/parameters.nix           |  2 +-
 hosts/portainer/default.nix    | 38 ----------------------------------
 secrets.nix                    |  2 +-
 ssh-keys.nix                   |  2 +-
 10 files changed, 44 insertions(+), 57 deletions(-)
 create mode 100644 hosts/docker/default.nix
 delete mode 100644 hosts/portainer/default.nix

diff --git a/containers/README.md b/containers/README.md
index b0ef27c..80cea54 100644
--- a/containers/README.md
+++ b/containers/README.md
@@ -1,3 +1,3 @@
 # Containers
 
-Easy to deploy in portainer that nix
\ No newline at end of file
+For deployments via Dockhand (WIP)
\ No newline at end of file
diff --git a/hosts/caddy/dashy-settings.nix b/hosts/caddy/dashy-settings.nix
index c9f265d..5389a70 100644
--- a/hosts/caddy/dashy-settings.nix
+++ b/hosts/caddy/dashy-settings.nix
@@ -12,7 +12,11 @@ in
       oidc = {
         clientId = "FiIJTqBIlMKmeSBjznUFgXIJadt71av8dfICvZvf";
         endpoint = "https://auth.pasetto.me/application/o/dashy/";
-        scope = ["openid" "profile" "email"];
+        scope = [
+          "openid"
+          "profile"
+          "email"
+        ];
       };
     };
     webSearch = {
@@ -325,10 +329,10 @@ in
       };
       items = [
         {
-          title = "Portainer";
+          title = "Docker";
           description = "Container Management";
-          url = "https://portainer.${p.domains.public}";
-          icon = "hl-portainer";
+          url = "https://${p.hosts.docker}.${p.domains.public}";
+          icon = "hl-docker";
         }
         {
           title = "Primary DNS";
@@ -354,7 +358,7 @@ in
           url = "https://node.${p.domains.public}:8006";
           icon = "hl-proxmox";
         }
-                {
+        {
           title = "Krzo";
           description = "Proxmox Node";
           url = "https://krzo.${p.domains.public}:8006";
diff --git a/hosts/caddy/default.nix b/hosts/caddy/default.nix
index b5a3b72..5f8ed8a 100644
--- a/hosts/caddy/default.nix
+++ b/hosts/caddy/default.nix
@@ -125,7 +125,7 @@ in
       uptime-kuma.proxy = {
         enable = true;
         domain = p.domains.public;
-        host = p.hosts.portainer;
+        host = p.hosts.docker;
       };
 
       librenms.proxy = {
@@ -172,22 +172,22 @@ in
           }
           {
             subdomain = "ai";
-            host = "http://${p.hosts.portainer}:4080";
+            host = "http://${p.hosts.docker}:4080";
             domain = p.domains.public;
           }
           {
             subdomain = "keep";
-            host = "http://${p.hosts.portainer}:3000";
+            host = "http://${p.hosts.docker}:3000";
             domain = p.domains.public;
           }
           {
             subdomain = "maps";
-            host = "http://${p.hosts.portainer}:5000";
+            host = "http://${p.hosts.docker}:5000";
             domain = p.domains.public;
           }
           {
             subdomain = "dock";
-            host = "http://${p.hosts.portainer}:3333";
+            host = "http://${p.hosts.docker}:3333";
             domain = p.domains.public;
           }
         ];
diff --git a/hosts/docker/default.nix b/hosts/docker/default.nix
new file mode 100644
index 0000000..9f7dc74
--- /dev/null
+++ b/hosts/docker/default.nix
@@ -0,0 +1,21 @@
+{
+  pkgs,
+  lib,
+  ...
+}:
+{
+  my = {
+    utils = {
+      commons.enable = true;
+      lxc-standard.enable = true;
+    };
+
+    monitoring.uptime-kuma.enable = true;
+
+    virtualisation = {
+      proxmox.enable = true;
+    };
+  };
+
+  system.stateVersion = "24.11";
+}
diff --git a/hosts/hosts.nix b/hosts/hosts.nix
index dd73b05..8b006da 100644
--- a/hosts/hosts.nix
+++ b/hosts/hosts.nix
@@ -29,7 +29,7 @@
       "auth"
       "metrics"
       "nextcloud"
-      "portainer"
+      "docker"
       "vaultwarden"
       "immich"
       "firefly-iii"
@@ -155,12 +155,12 @@
     ];
   };
 
-  portainer = {
-    module = ./portainer;
+  docker = {
+    module = ./docker;
     tags = [
       "lxc"
       "bacco"
-      "portainer"
+      "docker"
       "secondary"
     ];
   };
diff --git a/hosts/metrics/default.nix b/hosts/metrics/default.nix
index 91853c1..c54e603 100644
--- a/hosts/metrics/default.nix
+++ b/hosts/metrics/default.nix
@@ -104,7 +104,7 @@ in
               "${p.hosts.nextcloud}:${defaultNodePort}"
               "${p.hosts.vaultwarden}:${defaultNodePort}"
               "${p.hosts.plex}:${defaultNodePort}"
-              "${p.hosts.portainer}:${defaultNodePort}"
+              "${p.hosts.docker}:${defaultNodePort}"
             ];
           }
         ];
diff --git a/hosts/parameters.nix b/hosts/parameters.nix
index 87949e5..7f9267a 100644
--- a/hosts/parameters.nix
+++ b/hosts/parameters.nix
@@ -17,7 +17,7 @@ in
     nextcloud = "nextcloud.${private-domain}";
     vaultwarden = "vaultwarden.${private-domain}";
     plex = "plex.${private-domain}";
-    portainer = "portainer.${private-domain}";
+    docker = "docker.${private-domain}";
     colmena = "colmena.${private-domain}";
     pve01 = "bacco${private-domain}";
     pve02 = "node.${private-domain}";
diff --git a/hosts/portainer/default.nix b/hosts/portainer/default.nix
deleted file mode 100644
index d2ae030..0000000
--- a/hosts/portainer/default.nix
+++ /dev/null
@@ -1,38 +0,0 @@
-{
-  config,
-  pkgs,
-  lib,
-  ...
-}:
-let
-  portainerDataDir = "/var/lib/portainer"; # Define the directory for persistent data
-in
-{
-
-  age.secrets.watchtowerSecrets.file = ../../secrets/watchtower-secrets.age;
-
-  my = {
-    utils = {
-      commons.enable = true;
-      lxc-standard.enable = true;
-    };
-
-    monitoring.uptime-kuma.enable = true;
-
-    virtualisation = {
-      proxmox.enable = true;
-      portainer = {
-        enable = true;
-        enableWatchtower = true;
-        environmentSecrets = config.age.secrets.watchtowerSecrets.path;
-      };
-    };
-  };
-
-  # Extra packages
-  environment.shellAliases = {
-      docker = "sudo docker";
-  };
-
-  system.stateVersion = "24.11";
-}
diff --git a/secrets.nix b/secrets.nix
index 9518d43..4a01d50 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -16,7 +16,7 @@ let
       machines.caddy
       machines.metrics
     ];
-    watchtower-secrets = [ machines.portainer ];
+    watchtower-secrets = [ machines.docker ];
     authentik-env = [ machines.auth ];
     dns01-admin-password = [ machines.dns01 ];
     dns02-admin-password = [ machines.dns02 ];
diff --git a/ssh-keys.nix b/ssh-keys.nix
index 1f1d57a..1231b7e 100644
--- a/ssh-keys.nix
+++ b/ssh-keys.nix
@@ -13,7 +13,7 @@ rec {
     nextcloud = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGYobAlQ9tPKjyh7eE2Ku81ZiMY6OWd3ELDqo+xBmjbC";
     vaultwarden = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOW9uYQpPMiKvI/KFRvd/5f9J8a0zLaQxstWRI8VNObV";
     plex = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINp9itRJGSSVWLxwrcudyGUNOOKl+qqtf+IzLHrhffyt";
-    portainer = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMgg4SKMCw2/21l1crY7trFnrCmNSrkYPl3vEDnJ8aQn";
+    docker = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMgg4SKMCw2/21l1crY7trFnrCmNSrkYPl3vEDnJ8aQn";
     auth = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFsSQbXHRt+MpUh+YQxd5p6YPnbbWR/4ylz/pXjdZ9Bs";
     dns01 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII7BdiP/dCE6FHoJylcBKQ5AXz06UpLHNyeuvfLVccSi";
     dns02 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ+HIq6/ebjiv71xDozdOTn5AdnXgr1fGqIzXnH7Not+";