privatevoid.net/depot
1
1
Fork 0
Code Issues 23 Pull requests 2 Projects 3 Releases Packages Wiki Activity Actions

VEGAS/gitlab: use Patroni database

Browse source
This commit is contained in:
Max Headroom 2022-08-09 22:33:05 +02:00
parent 0689f5586c
commit 35189ed6de
3 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
hosts/VEGAS/services/gitlab/default.nix
View file

@ -1,8 +1,10 @@
{ config, lib, tools, ... }: { cluster, config, lib, tools, ... }:
let let
inherit (tools.meta) domain adminEmail; inherit (tools.meta) domain adminEmail;
patroni = cluster.config.links.patroni-pg-access;
mkSecret = name: { mkSecret = name: {
owner = "gitlab"; owner = "gitlab";
group = "gitlab"; group = "gitlab";
@ -17,6 +19,7 @@ in
{ {
age.secrets = lib.flip lib.genAttrs mkSecret [ age.secrets = lib.flip lib.genAttrs mkSecret [
"gitlab-db-credentials"
"gitlab-initial-root-password" "gitlab-initial-root-password"
"gitlab-openid-secret" "gitlab-openid-secret"
"gitlab-runner-registration" "gitlab-runner-registration"
@ -32,6 +35,12 @@ in
host = "git.${domain}"; host = "git.${domain}";
port = 443; port = 443;
databaseCreateLocally = false;
databaseHost = patroni.ipv4;
extraDatabaseConfig = { inherit (patroni) port; };
databaseUsername = "gitlab";
databasePasswordFile = secrets.gitlab-db-credentials;
initialRootEmail = adminEmail; initialRootEmail = adminEmail;
statePath = "/srv/storage/private/gitlab/state"; statePath = "/srv/storage/private/gitlab/state";

1
secrets.nix
View file

@ -15,6 +15,7 @@ in with hosts;
"cluster/services/wireguard/mesh-keys/VEGAS.age".publicKeys = max ++ map systemKeys [ VEGAS ]; "cluster/services/wireguard/mesh-keys/VEGAS.age".publicKeys = max ++ map systemKeys [ VEGAS ];
"cluster/services/wireguard/mesh-keys/prophet.age".publicKeys = max ++ map systemKeys [ prophet ]; "cluster/services/wireguard/mesh-keys/prophet.age".publicKeys = max ++ map systemKeys [ prophet ];
"secrets/coturn-static-auth.age".publicKeys = max ++ map systemKeys [ VEGAS ]; "secrets/coturn-static-auth.age".publicKeys = max ++ map systemKeys [ VEGAS ];
"secrets/gitlab-db-credentials.age".publicKeys = max ++ map systemKeys [ VEGAS ];
"secrets/gitlab-initial-root-password.age".publicKeys = max ++ map systemKeys [ VEGAS ]; "secrets/gitlab-initial-root-password.age".publicKeys = max ++ map systemKeys [ VEGAS ];
"secrets/gitlab-openid-secret.age".publicKeys = max ++ map systemKeys [ VEGAS ]; "secrets/gitlab-openid-secret.age".publicKeys = max ++ map systemKeys [ VEGAS ];
"secrets/gitlab-runner-registration.age".publicKeys = max ++ map systemKeys [ VEGAS ]; "secrets/gitlab-runner-registration.age".publicKeys = max ++ map systemKeys [ VEGAS ];

BIN
secrets/gitlab-db-credentials.age Normal file
View file

Binary file not shown.