add garage on hopper

xunuwu 2025-07-17 23:00:02 +02:00
parent 0b8fa028a2
commit ea75c7c4b0
Signed by: xun
SSH key fingerprint: SHA256:Uot/1WoAjWAeqLOHA5vYy4phhVydsH7jCPmBjaPZfgI
4 changed files with 37 additions and 1 deletions


@ -49,6 +49,8 @@ in {
vaultwarden = mkPublicEntry "vw" "${bridge}:${toString config.services.vaultwarden.config.ROCKET_PORT}"; vaultwarden = mkPublicEntry "vw" "${bridge}:${toString config.services.vaultwarden.config.ROCKET_PORT}";
abs = mkPublicEntry "abs" "${bridge}:${toString config.services.audiobookshelf.port}"; abs = mkPublicEntry "abs" "${bridge}:${toString config.services.audiobookshelf.port}";
miniflux = mkPublicEntry "rss" "${bridge}:18632"; miniflux = mkPublicEntry "rss" "${bridge}:18632";
s3 = mkPublicEntry "s3" "unix//run/garage/s3.sock";
s3-2 = mkPublicEntry "*.s3" "unix//run/garage/s3.sock";
navidrome2 = mkPrivateEntry "navidrome" "${bridge}:${toString config.services.navidrome.settings.Port}"; navidrome2 = mkPrivateEntry "navidrome" "${bridge}:${toString config.services.navidrome.settings.Port}";
slskd = mkPrivateEntry "slskd" "localhost:${toString config.services.slskd.settings.web.port}"; slskd = mkPrivateEntry "slskd" "localhost:${toString config.services.slskd.settings.web.port}";
@ -58,6 +60,7 @@ in {
absPriv = mkPrivateEntry "abs" "${bridge}:${toString config.services.audiobookshelf.port}"; absPriv = mkPrivateEntry "abs" "${bridge}:${toString config.services.audiobookshelf.port}";
glances = mkPrivateEntry "glances" "${bridge}:${toString config.services.glances.port}"; glances = mkPrivateEntry "glances" "${bridge}:${toString config.services.glances.port}";
alertmanager = mkPrivateEntry "alerts" "${bridge}:${toString config.services.prometheus.alertmanager.port}"; alertmanager = mkPrivateEntry "alerts" "${bridge}:${toString config.services.prometheus.alertmanager.port}";
s3-web = mkPrivateEntry "s3-web" "unix//run/garage/web.sock";
other = { other = {
hostName = "*.${domain}:80"; hostName = "*.${domain}:80";
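Review bot: The new `s3-web` private entry matches only the bare `s3-web` name, while garage.nix in this commit sets the web `root_domain` to `s3-web.hopper.priv.${vars.domain}` and Garage serves a bucket website on `<bucket>.<root_domain>`. The S3 API was given a second `*.s3` entry for the same reason, so the web endpoint probably needs a matching one, e.g. `s3-web-2 = mkPrivateEntry "*.s3-web" "unix//run/garage/web.sock";`, assuming mkPrivateEntry accepts a wildcard label (its definition is outside the hunk) and a certificate covers the deeper name. A one-line comment above `s3`/`s3-2`, such as `# S3 API is intentionally public; access is gated only by Garage access keys`, would make the exposure decision explicit next to the private entries.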


@ -6,6 +6,7 @@
./audiobookshelf.nix ./audiobookshelf.nix
./caddy.nix ./caddy.nix
./dnsmasq.nix ./dnsmasq.nix
./garage.nix
./glances.nix ./glances.nix
./homepage.nix ./homepage.nix
./minecraft.nix ./minecraft.nix


@ -0,0 +1,30 @@
{
pkgs,
vars,
config,
...
}: {
services.garage = {
enable = true;
package = pkgs.garage_1_2_0;
settings = {
replication_factor = 1;
rpc_bind_addr = "[::]:8005";
rpc_secret = "4425f5c26c5e11581d3223904324dcb5b5d5dfb14e5e7f35e38c595424f5f1e6";
s3_api = {
api_bind_addr = "/run/garage/s3.sock";
s3_region = "garage";
root_domain = "s3.${vars.domain}";
};
s3_web = {
bind_addr = "/run/garage/web.sock";
root_domain = "s3-web.hopper.priv.${vars.domain}";
};
};
};
systemd.services.garage.serviceConfig.RuntimeDirectory = "garage";
}
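Review bot: `rpc_secret` is written as a string literal in `settings`, so the value is now in the repository history and will also be rendered into the generated config in the world-readable Nix store. Garage accepts `rpc_secret_file`, and the ACME section of this same commit already reads a sops secret by path, so the same pattern fits here: `rpc_secret_file = config.sops.secrets.<GARAGE_RPC_SECRET_PLACEHOLDER>.path;`, with the file readable by the garage service user. The committed value should be treated as exposed and replaced rather than moved. Separately, `rpc_bind_addr = "[::]:8005"` listens on every interface although `replication_factor = 1` suggests a single node; `rpc_bind_addr = "[::1]:8005";` or an explicit firewall rule would keep the RPC port off the network.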


@ -16,7 +16,7 @@ in {
certs = { certs = {
"${domain}" = { "${domain}" = {
domain = "${domain}"; domain = "${domain}";
extraDomainNames = ["*.${domain}"]; extraDomainNames = ["*.${domain}" "*.s3.${domain}"];
dnsProvider = "cloudflare"; dnsProvider = "cloudflare";
reloadServices = ["caddy.service"]; reloadServices = ["caddy.service"];
credentialFiles.CF_DNS_API_TOKEN_FILE = config.sops.secrets.cloudflare.path; credentialFiles.CF_DNS_API_TOKEN_FILE = config.sops.secrets.cloudflare.path;
@ -45,6 +45,8 @@ in {
"vw.${domain}" "vw.${domain}"
"abs.${domain}" "abs.${domain}"
"rss.${domain}" "rss.${domain}"
"s3.${domain}"
"*.s3.${domain}"
]; ];
useACMEHost = domain; useACMEHost = domain;
logFormat = "output file ${config.services.caddy.logDir}/access-hopper.log"; logFormat = "output file ${config.services.caddy.logDir}/access-hopper.log";