depot/cluster/services/attic/default.nix

61 lines
1.2 KiB
Nix
Raw Permalink Normal View History

{ config, depot, ... }:
2023-06-14 00:27:53 +03:00
{
services.attic = {
nodes = {
2024-08-02 23:46:45 +03:00
monolith = [ "VEGAS" "prophet" ];
server = [ "VEGAS" "grail" "prophet" ];
2023-06-14 00:27:53 +03:00
};
nixos = {
2024-08-02 23:46:45 +03:00
monolith = [
./server.nix
];
server = [
./server.nix
./binary-cache.nix
./nar-serve.nix
];
2023-06-14 00:27:53 +03:00
};
2024-08-23 02:06:38 +03:00
meshLinks.server.attic.link.protocol = "http";
secrets = let
inherit (config.services.attic) nodes;
in {
serverToken = {
nodes = nodes.server;
};
dbCredentials = {
nodes = nodes.server;
owner = "atticd";
};
};
2023-06-14 00:27:53 +03:00
};
2023-10-31 23:19:08 +02:00
2024-07-23 20:03:56 +03:00
garage = config.lib.forService "attic" {
keys.attic.locksmith = {
nodes = config.services.attic.nodes.server;
owner = "atticd";
format = "aws";
};
2023-10-31 23:19:08 +02:00
buckets.attic = {
allow.attic = [ "read" "write" ];
};
};
dns.records = let
serverAddrs = map
(node: depot.hours.${node}.interfaces.primary.addrPublic)
config.services.attic.nodes.server;
2024-07-23 20:03:56 +03:00
in config.lib.forService "attic" {
cache.target = serverAddrs;
};
2024-08-02 23:46:45 +03:00
2024-07-23 20:03:56 +03:00
ways = config.lib.forService "attic" {
cache-api = {
consulService = "atticd";
extras.extraConfig = ''
client_max_body_size 4G;
'';
};
2024-08-02 23:46:45 +03:00
};
2023-06-14 00:27:53 +03:00
}