From ea75c7c4b07f7af82d35e727246867c905e25e6b Mon Sep 17 00:00:00 2001 From: xunuwu Date: Thu, 17 Jul 2025 23:00:02 +0200 Subject: [PATCH] add garage on hopper --- hosts/hopper/profiles/lab/caddy.nix | 3 +++ hosts/hopper/profiles/lab/default.nix | 1 + hosts/hopper/profiles/lab/garage.nix | 30 +++++++++++++++++++++++++++ hosts/rackserv/profiles/caddy.nix | 4 +++- 4 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 hosts/hopper/profiles/lab/garage.nix diff --git a/hosts/hopper/profiles/lab/caddy.nix b/hosts/hopper/profiles/lab/caddy.nix index 1466ebf..70be7dc 100644 --- a/hosts/hopper/profiles/lab/caddy.nix +++ b/hosts/hopper/profiles/lab/caddy.nix @@ -49,6 +49,8 @@ in { vaultwarden = mkPublicEntry "vw" "${bridge}:${toString config.services.vaultwarden.config.ROCKET_PORT}"; abs = mkPublicEntry "abs" "${bridge}:${toString config.services.audiobookshelf.port}"; miniflux = mkPublicEntry "rss" "${bridge}:18632"; + s3 = mkPublicEntry "s3" "unix//run/garage/s3.sock"; + s3-2 = mkPublicEntry "*.s3" "unix//run/garage/s3.sock"; navidrome2 = mkPrivateEntry "navidrome" "${bridge}:${toString config.services.navidrome.settings.Port}"; slskd = mkPrivateEntry "slskd" "localhost:${toString config.services.slskd.settings.web.port}"; @@ -58,6 +60,7 @@ in { absPriv = mkPrivateEntry "abs" "${bridge}:${toString config.services.audiobookshelf.port}"; glances = mkPrivateEntry "glances" "${bridge}:${toString config.services.glances.port}"; alertmanager = mkPrivateEntry "alerts" "${bridge}:${toString config.services.prometheus.alertmanager.port}"; + s3-web = mkPrivateEntry "s3-web" "unix//run/garage/web.sock"; other = { hostName = "*.${domain}:80"; diff --git a/hosts/hopper/profiles/lab/default.nix b/hosts/hopper/profiles/lab/default.nix index 710d3c9..a2e221e 100644 --- a/hosts/hopper/profiles/lab/default.nix +++ b/hosts/hopper/profiles/lab/default.nix @@ -6,6 +6,7 @@ ./audiobookshelf.nix ./caddy.nix ./dnsmasq.nix + ./garage.nix ./glances.nix ./homepage.nix ./minecraft.nix 
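Review bot: The two added `mkPublicEntry` lines put Garage's S3 API on the public side of the proxy for `s3` and for every `*.s3` bucket hostname, so request signing with Garage access keys and the bucket settings are the only controls in front of it. A comment above them should say so, e.g. `# public: S3 API, path-style and vhost-style; auth is Garage access keys only`. The attribute name `s3-2` does not say what the second entry is for; `s3-vhost` would. Caddy reaches Garage through `/run/garage/s3.sock`, and nothing in this patch sets the mode or group of that socket or its runtime directory, so confirm which local users can connect to it directly. The attribute set starts and ends outside the hunk.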
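Review bot: The `s3-web` private entry appears to cover only the bare `s3-web` name, while `garage.nix` sets the web `root_domain` to `s3-web.hopper.priv.${vars.domain}`, which Garage uses as a suffix for `<bucket>.<root_domain>` hostnames. If `mkPrivateEntry` builds a single host name as its use here suggests (its definition is outside the hunk), bucket websites would not match this entry and would fall through to the `other` catch-all. A second entry mirroring the public pair, `s3-web-vhost = mkPrivateEntry "*.s3-web" "unix//run/garage/web.sock";`, would cover them; check that the private certificate and DNS also cover that wildcard.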
diff --git a/hosts/hopper/profiles/lab/garage.nix b/hosts/hopper/profiles/lab/garage.nix new file mode 100644 index 0000000..75298e8 --- /dev/null +++ b/hosts/hopper/profiles/lab/garage.nix @@ -0,0 +1,30 @@ +{ + pkgs, + vars, + config, + ... +}: { + services.garage = { + enable = true; + package = pkgs.garage_1_2_0; + settings = { + replication_factor = 1; + + rpc_bind_addr = "[::]:8005"; + rpc_secret = "4425f5c26c5e11581d3223904324dcb5b5d5dfb14e5e7f35e38c595424f5f1e6"; + + s3_api = { + api_bind_addr = "/run/garage/s3.sock"; + s3_region = "garage"; + root_domain = "s3.${vars.domain}"; + }; + + s3_web = { + bind_addr = "/run/garage/web.sock"; + root_domain = "s3-web.hopper.priv.${vars.domain}"; + }; + }; + }; + + systemd.services.garage.serviceConfig.RuntimeDirectory = "garage"; +} diff --git a/hosts/rackserv/profiles/caddy.nix b/hosts/rackserv/profiles/caddy.nix index d40eafb..9e732a9 100644 --- a/hosts/rackserv/profiles/caddy.nix +++ b/hosts/rackserv/profiles/caddy.nix @@ -16,7 +16,7 @@ in { certs = { "${domain}" = { domain = "${domain}"; - extraDomainNames = ["*.${domain}"]; + extraDomainNames = ["*.${domain}" "*.s3.${domain}"]; dnsProvider = "cloudflare"; reloadServices = ["caddy.service"]; credentialFiles.CF_DNS_API_TOKEN_FILE = config.sops.secrets.cloudflare.path; @@ -45,6 +45,8 @@ in { "vw.${domain}" "abs.${domain}" "rss.${domain}" + "s3.${domain}" + "*.s3.${domain}" ]; useACMEHost = domain; logFormat = "output file ${config.services.caddy.logDir}/access-hopper.log";
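Review bot: `rpc_secret` in the new `garage.nix` is written as a literal inside `settings`, so it is committed to the repository and will most likely be rendered into a config file in the world-readable Nix store. The repository already uses sops for the Cloudflare token in `hosts/rackserv/profiles/caddy.nix`, and the same mechanism can supply this secret, for example `rpc_secret_file = config.sops.secrets.<garage-rpc-secret>.path;` (placeholder secret name) or `services.garage.environmentFile` carrying `GARAGE_RPC_SECRET`, with the file's ownership checked against the user the unit runs as. The value in this commit should be treated as disclosed and replaced with a fresh one. Separately, `rpc_bind_addr = "[::]:8005"` listens on every interface although `replication_factor = 1` suggests a single node; binding to loopback, e.g. `rpc_bind_addr = "[::1]:8005";`, or firewalling the port would reduce exposure.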