DGNum/infrastructure
13
6
Fork 3
Code Issues 20 Pull requests 7 Projects 1 Releases Packages Wiki Activity Actions

feat(garage): Simplify management of domains and buckets
All checks were successful
build configuration / build_vault01 (push) Successful in 1m4s
Details
build configuration / build_web02 (push) Successful in 1m4s
Details
build configuration / build_compute01 (push) Successful in 1m12s
Details
build configuration / build_storage01 (push) Successful in 1m20s
Details
lint / check (push) Successful in 23s
Details
build configuration / build_web01 (push) Successful in 1m29s
Details
build configuration / build_rescue01 (push) Successful in 48s
Details

Browse source
This commit is contained in:
Tom Hubrecht 2024-03-16 17:34:42 +01:00
parent f74fd8c8eb
commit 9cae38be02
1 changed files with 16 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

39
machines/storage01/garage.nix
View file

@ -1,9 +1,4 @@
{ { config, pkgs, ... }:
config,
pkgs,
lib,
...
}:
let let
host = "s3.dgnum.eu"; host = "s3.dgnum.eu";
@ -12,16 +7,17 @@ let
data_dir = "/data/slow/garage/data"; data_dir = "/data/slow/garage/data";
metadata_dir = "/data/fast/garage/meta"; metadata_dir = "/data/fast/garage/meta";
buckets = { domains = [
"castopod-dgnum" = { }; "boussole-sante.normalesup.eu"
"peertube-videos-dgnum" = { }; "simi.normalesup.eu"
"boussole-sante.normalesup.eu" = { ];
mainDomain = true;
}; buckets = [
"simi.normalesup.eu" = { "castopod-dgnum"
mainDomain = true; "peertube-videos-dgnum"
}; ] ++ domains;
};
mkHosted = host: builtins.map (b: "${b}.${host}");
in in
{ {
services.garage = { services.garage = {
@ -79,7 +75,7 @@ in
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
serverAliases = builtins.map (b: "${b}.${host}") (builtins.attrNames buckets); serverAliases = mkHosted host buckets;
locations."/".extraConfig = '' locations."/".extraConfig = ''
proxy_pass http://127.0.0.1:3900; proxy_pass http://127.0.0.1:3900;
@ -95,16 +91,13 @@ in
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
serverAliases = lib.flatten ( serverAliases = domains ++ (mkHosted webHost buckets);
lib.mapAttrsToList (
b: v: lib.singleton "${b}.${webHost}" ++ lib.optional (v ? mainDomain && v.mainDomain) b
) buckets
);
locations."/".extraConfig = '' locations."/".extraConfig = ''
proxy_pass http://127.0.0.1:3902; proxy_pass http://127.0.0.1:3902;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;''; proxy_set_header Host $host;
'';
}; };
}; };
} }