RGBCube/ncc
1
Fork 0
mirror of https://github.com/RGBCube/ncc synced 2025-07-29 11:07:44 +00:00
Code Issues Activity

feat: add garage to best

Browse source
This commit is contained in:
RGBCube 2025-02-26 00:35:06 +03:00
parent 2791c4b23b
commit 7b953a5bed
Signed by: RGBCube
SSH key fingerprint: SHA256:CzqbPcfwt+GxFYNnFVCqoN5Itn4YFrshg1TrnACpA5M
4 changed files with 56 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -7,6 +7,7 @@
!hosts/ !hosts/
!hosts/best/ !hosts/best/
!hosts/best/garage/
!hosts/best/nix-serve/ !hosts/best/nix-serve/
!hosts/cube/ !hosts/cube/

44
hosts/best/garage/default.nix Normal file
View file

@ -0,0 +1,44 @@
{ self, config, lib, pkgs, ... }: let
inherit (config.networking) domain;
inherit (lib) enabled merge;
fqdn = "s3.${domain}";
portS3 = 8004;
portRpc = 8005;
in {
imports = [(self + /modules/nginx.nix)];
secrets.garageEnvironment.file = ./environment.age;
services.garage = enabled {
package = pkgs.garage_1_0_1;
environmentFile = config.secrets.garageEnvironment.path;
settings = {
data_dir = [{
capacity = "2T";
path = "/var/lib/garage/data";
}];
replication_factor = 1; # TODO: Expand.
consistency_mode = "consistent";
metadata_fsync = true;
data_fsync = true;
rpc_bind_addr = "[::]:${toString portRpc}";
s3_api = {
s3_region = "garage";
api_bind_addr = "[::1]:${toString portS3}";
root_domain = fqdn;
};
};
};
services.nginx.virtualHosts.${fqdn} = merge config.services.nginx.sslTemplate {
locations."/".proxyPass = "http://[::1]:${toString portS3}";
};
}

8
hosts/best/garage/environment.age Normal file
View file

@ -0,0 +1,8 @@
age-encryption.org/v1
-> ssh-ed25519 8y3T6w izWjzENLwfqk9n6gvSvSQVPl/BZJZCa8hhLOVu5IvjY
wvfsfYEoYRWf93ArRNP/6rmXikqr0pZa2WyoYmoOYuw
-> ssh-ed25519 CzqbPQ h4ciazCxdHa0kEhImX9PPxLRs9Qw4eP9GFm4GgzQzzo
0wgm2Bf1/OfsxESnaoYQlXjN1IFHtBihU7yTDm3nGK0
--- kzbMa60jx3l2aqxA3Ll86mwCOzBLxcy2X2HjQS/iFtE
!@xAmzôU Ð"{GŠÎbYihJ}öÖºõ›@&g†çæ ·Ô
Ù5•Cñ¾¾{b/\=Ùxð (´Ï}z[ ŸA \ÔÏÔè7 EBœ3¢­„™2Ùk~A%§äLðù«k0l1M¸­Õ³Tà<>

4
secrets.nix
View file

@ -5,7 +5,9 @@ in {
"hosts/best/id.age".publicKeys = [ best ] ++ admins; "hosts/best/id.age".publicKeys = [ best ] ++ admins;
"hosts/best/password.the.age".publicKeys = [ best ] ++ admins; "hosts/best/password.the.age".publicKeys = [ best ] ++ admins;
"hosts/best/nix-serve/key.age".publicKeys = [ best ] ++ admins; "hosts/best/garage/environment.age".publicKeys = [ best ] ++ admins;
"hosts/best/nix-serve/key.age".publicKeys = [ best ] ++ admins;
# cube # cube
"hosts/cube/id.age".publicKeys = [ cube ] ++ admins; "hosts/cube/id.age".publicKeys = [ cube ] ++ admins;