depot/cluster/services/forge/default.nix

46 lines
1.2 KiB
Nix
Raw Permalink Normal View History

{ config, depot, ... }:
2023-07-21 02:26:26 +03:00
{
services.forge = {
nodes.server = [ "VEGAS" ];
nixos.server = ./server.nix;
2024-08-23 02:06:38 +03:00
meshLinks.server.forge.link.protocol = "http";
secrets = with config.services.forge.nodes; {
oidcSecret = {
nodes = server;
owner = "forgejo";
};
};
2023-07-21 02:26:26 +03:00
};
2024-07-23 20:05:45 +03:00
ways = let
2024-07-04 05:25:56 +03:00
host = builtins.head config.services.forge.nodes.server;
2024-07-23 20:05:45 +03:00
in config.lib.forService "forge" {
forge.target = config.hostLinks.${host}.forge.url;
};
2024-07-02 18:07:43 +03:00
2024-08-11 21:47:59 +03:00
patroni = config.lib.forService "forge" {
databases.forge = {};
users.forge.locksmith = {
nodes = config.services.forge.nodes.server;
format = "raw";
};
};
2024-07-23 20:05:45 +03:00
garage = config.lib.forService "forge" {
keys.forgejo.locksmith.nodes = config.services.forge.nodes.server;
2024-07-02 18:07:43 +03:00
buckets.forgejo.allow.forgejo = [ "read" "write" ];
};
2024-07-23 20:05:45 +03:00
monitoring.blackbox.targets.forge = config.lib.forService "forge" {
address = "https://forge.${depot.lib.meta.domain}/api/v1/version";
module = "https2xx";
};
2024-07-23 20:05:45 +03:00
dns.records = config.lib.forService "forge" {
"ssh.forge".target = map
(node: depot.hours.${node}.interfaces.primary.addrPublic)
config.services.forge.nodes.server;
};
2023-07-21 02:26:26 +03:00
}