depot/hosts/VEGAS/services/object-storage/default.nix

{ config, inputs, lib, pkgs, tools, ... }:
with tools.nginx;
let
  minioPort = config.portsStr.minio;
  consolePort = config.portsStr.minioConsole;
in
{
  reservePortsFor = [ "minio" "minioConsole" ];

  age.secrets.minio-root-credentials = {
    file = ../../../../secrets/minio-root-credentials.age;
    owner = "root";
    group = "root";
    mode = "0400";
  };
  services.minio = {
    enable = true;
    rootCredentialsFile = config.age.secrets.minio-root-credentials.path;
    dataDir = [ "/srv/storage/objects" ];
    browser = true;
    listenAddress = "127.0.0.1:${minioPort}";
    consoleAddress = "127.0.0.1:${consolePort}";
  };
  systemd.services.minio.serviceConfig = {
    Slice = "remotefshost.slice";
  };
  services.nginx.virtualHosts = mappers.mapSubdomains {
    # TODO: vhosts.proxy?
    "object-storage" = vhosts.basic // {
      locations = {
        "/".proxyPass = "http://127.0.0.1:${minioPort}";
        "= /dashboard".proxyPass = "http://127.0.0.1:${minioPort}";
      };
      extraConfig = "client_max_body_size 4G;";
    };
    "console.object-storage" = vhosts.basic // {
      locations = {
        "/".proxyPass = "http://127.0.0.1:${consolePort}";
      };
    };
    "cdn" = lib.recursiveUpdate (vhosts.proxy "http://127.0.0.1:${minioPort}/content-delivery$request_uri") {
      locations."= /".return = "302 /index.html";
    };
  };
  services.oauth2_proxy.nginx.virtualHosts = [ "console.object-storage.${tools.meta.domain}" ];
}
packages/minio-console: 0.12.5 -> 0.13.2 2022-01-20 00:31:44 +02:00			`{ config, inputs, lib, pkgs, tools, ... }:`
VEGAS: add object storage service 2021-10-16 20:59:06 +03:00			`with tools.nginx;`
			`let`
services/object-storage: use built-in console 2022-05-26 23:52:49 +03:00			`minioPort = config.portsStr.minio;`
			`consolePort = config.portsStr.minioConsole;`
VEGAS: add object storage service 2021-10-16 20:59:06 +03:00			`in`
			`{`
services/object-storage: use built-in console 2022-05-26 23:52:49 +03:00			`reservePortsFor = [ "minio" "minioConsole" ];`
VEGAS: use port-magic where applicable 2021-11-29 02:38:59 +02:00
VEGAS: add object storage service 2021-10-16 20:59:06 +03:00			`age.secrets.minio-root-credentials = {`
			`file = ../../../../secrets/minio-root-credentials.age;`
			`owner = "root";`
			`group = "root";`
			`mode = "0400";`
			`};`
			`services.minio = {`
			`enable = true;`
VEGAS/object-storage: set root credentials path in module option 2021-12-02 22:46:52 +02:00			`rootCredentialsFile = config.age.secrets.minio-root-credentials.path;`
VEGAS: add object storage service 2021-10-16 20:59:06 +03:00			`dataDir = [ "/srv/storage/objects" ];`
			`browser = true;`
services/object-storage: use built-in console 2022-05-26 23:52:49 +03:00			`listenAddress = "127.0.0.1:${minioPort}";`
			`consoleAddress = "127.0.0.1:${consolePort}";`
VEGAS: add object storage service 2021-10-16 20:59:06 +03:00			`};`
			`systemd.services.minio.serviceConfig = {`
			`Slice = "remotefshost.slice";`
			`};`
			`services.nginx.virtualHosts = mappers.mapSubdomains {`
			`# TODO: vhosts.proxy?`
			`"object-storage" = vhosts.basic // {`
			`locations = {`
services/object-storage: use built-in console 2022-05-26 23:52:49 +03:00			`"/".proxyPass = "http://127.0.0.1:${minioPort}";`
			`"= /dashboard".proxyPass = "http://127.0.0.1:${minioPort}";`
VEGAS: add object storage service 2021-10-16 20:59:06 +03:00			`};`
VEGAS/object-storage: allow big uploads 2021-12-01 23:26:45 +02:00			`extraConfig = "client_max_body_size 4G;";`
VEGAS: add object storage service 2021-10-16 20:59:06 +03:00			`};`
			`"console.object-storage" = vhosts.basic // {`
			`locations = {`
services/object-storage: use built-in console 2022-05-26 23:52:49 +03:00			`"/".proxyPass = "http://127.0.0.1:${consolePort}";`
VEGAS: add object storage service 2021-10-16 20:59:06 +03:00			`};`
			`};`
services/object-storage: use built-in console 2022-05-26 23:52:49 +03:00			`"cdn" = lib.recursiveUpdate (vhosts.proxy "http://127.0.0.1:${minioPort}/content-delivery$request_uri") {`
VEGAS: add object storage service 2021-10-16 20:59:06 +03:00			`locations."= /".return = "302 /index.html";`
			`};`
			`};`
			`services.oauth2_proxy.nginx.virtualHosts = [ "console.object-storage.${tools.meta.domain}" ];`
			`}`