2023-11-03 21:40:34 +02:00
|
|
|
{ config, cluster, depot, lib, ... }:
|
|
|
|
|
|
|
|
let
|
2024-04-22 00:40:21 +03:00
|
|
|
linkS3 = cluster.config.links.garageS3;
|
|
|
|
linkWeb = cluster.config.links.garageWeb;
|
2023-11-03 21:40:34 +02:00
|
|
|
in
|
|
|
|
|
|
|
|
{
|
|
|
|
links.garageMetrics.protocol = "http";
|
|
|
|
|
|
|
|
services.garage.settings.admin.api_bind_addr = config.links.garageMetrics.tuple;
|
|
|
|
|
|
|
|
services.nginx.virtualHosts = {
|
2024-04-22 00:40:21 +03:00
|
|
|
${linkS3.hostname} = depot.lib.nginx.vhosts.basic // {
|
2023-11-03 21:40:34 +02:00
|
|
|
locations = {
|
|
|
|
"/".proxyPass = cluster.config.hostLinks.${config.networking.hostName}.garageS3.url;
|
|
|
|
|
2023-11-03 22:33:46 +02:00
|
|
|
"= /health".proxyPass = config.links.garageMetrics.url;
|
2023-11-03 21:40:34 +02:00
|
|
|
};
|
2023-11-11 21:01:02 +02:00
|
|
|
extraConfig = "client_max_body_size 4G;";
|
2023-11-03 21:40:34 +02:00
|
|
|
};
|
2024-04-22 00:40:21 +03:00
|
|
|
"${linkWeb.hostname}" = depot.lib.nginx.vhosts.basic // {
|
|
|
|
serverName = "~^(.+)\.${lib.escapeRegex linkWeb.hostname}$";
|
|
|
|
enableACME = false;
|
|
|
|
useACMEHost = linkWeb.hostname;
|
|
|
|
locations = {
|
|
|
|
"/" = {
|
|
|
|
proxyPass = cluster.config.hostLinks.${config.networking.hostName}.garageWeb.url;
|
|
|
|
extraConfig = ''
|
|
|
|
proxy_set_header Host "$1.${linkWeb.hostname}";
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
"= /.internal-api/garage/health" = {
|
|
|
|
proxyPass = "${config.links.garageMetrics.url}/health";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
2023-11-03 21:40:34 +02:00
|
|
|
};
|
2024-04-22 00:40:21 +03:00
|
|
|
security.acme.certs = {
|
|
|
|
${linkS3.hostname} = {
|
|
|
|
dnsProvider = "exec";
|
|
|
|
webroot = lib.mkForce null;
|
|
|
|
};
|
|
|
|
${linkWeb.hostname} = {
|
|
|
|
domain = "*.${linkWeb.hostname}";
|
|
|
|
dnsProvider = "exec";
|
|
|
|
group = "nginx";
|
|
|
|
};
|
2023-11-03 21:40:34 +02:00
|
|
|
};
|
2024-04-22 00:40:21 +03:00
|
|
|
consul.services = {
|
|
|
|
garage = {
|
|
|
|
mode = "external";
|
|
|
|
definition = rec {
|
|
|
|
name = "garage";
|
|
|
|
address = depot.reflection.interfaces.primary.addrPublic;
|
|
|
|
inherit (linkS3) port;
|
|
|
|
checks = [
|
|
|
|
{
|
|
|
|
name = "Frontend";
|
|
|
|
id = "service:garage:frontend";
|
|
|
|
interval = "60s";
|
|
|
|
http = "https://${address}/health";
|
|
|
|
tls_server_name = linkS3.hostname;
|
|
|
|
header.Host = lib.singleton linkS3.hostname;
|
|
|
|
}
|
|
|
|
{
|
|
|
|
name = "Garage Node";
|
|
|
|
id = "service:garage:node";
|
|
|
|
interval = "5s";
|
|
|
|
http = "${config.links.garageMetrics.url}/health";
|
|
|
|
}
|
|
|
|
];
|
|
|
|
};
|
|
|
|
};
|
|
|
|
garage-web = {
|
|
|
|
mode = "external";
|
|
|
|
unit = "garage";
|
|
|
|
definition = rec {
|
|
|
|
name = "garage-web";
|
|
|
|
address = depot.reflection.interfaces.primary.addrPublic;
|
|
|
|
inherit (linkWeb) port;
|
|
|
|
checks = [
|
|
|
|
{
|
|
|
|
name = "Frontend";
|
|
|
|
id = "service:garage-web:frontend";
|
|
|
|
interval = "60s";
|
|
|
|
http = "https://${address}/.internal-api/garage/health";
|
|
|
|
tls_server_name = "healthcheck.${linkWeb.hostname}";
|
|
|
|
header.Host = lib.singleton "healthcheck.${linkWeb.hostname}";
|
|
|
|
}
|
|
|
|
{
|
|
|
|
name = "Garage Node";
|
|
|
|
id = "service:garage-web:node";
|
|
|
|
interval = "5s";
|
|
|
|
http = "${config.links.garageMetrics.url}/health";
|
|
|
|
}
|
|
|
|
];
|
|
|
|
};
|
2023-11-03 21:40:34 +02:00
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|