cluster/services/forge: define db

This commit is contained in:
Max Headroom 2024-08-11 20:47:59 +02:00
parent ba1fdb69c1
commit 9d75c90e36
3 changed files with 10 additions and 15 deletions

View file

@ -1,13 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 NO562A YQQrnpQI/qyEZugiRwsrPbW4oMYK/rlmRKAdD3JjYz4
JRGFqNc4BVflfR4WUuEOym39IhZlUI778NtOFtxE8eY
-> ssh-ed25519 5/zT0w utH25Xa9WQK9hXbKWsEWK5LJtCbhjpDX6JaomxnRaCI
2MfxxDjs0doUTVsGP9942rx1tyCYsDxhlDo1542BhKQ
-> ssh-ed25519 d3WGuA 6qD02cluQEBqEvupHf93Onlpv8QJJSl/bJm/XqyD+gQ
bLz/ULSaIW6HnPXDKD5dxCbQWv0VC2R+E5wlj7VxOc0
-> Ovax-grease ^1$]}H G4 FpDF XKHkj{
IVdVFYcVe9PoHCCqM3GG1pM6xgTZ5r8XWlkBjlQimgaDArotF4dPpsSTpyc
--- wdTYr6EpFPFsDJI0qQf74c6ce+v5ek6j+mgAx2CI9uI
ÜA³×oÈð:±­‹`ÜVd±å(Kät:fk¼}3*#MJš<4A>Áõ]ê,¤éÐÈÍ69 il`ÛÆJKwAè8­y@Ýœ¯à+&ðÖ©s]ÅÓ–›Ç>~Ší„+Úô
üÁ»<C381>qa©h<C2A9>( YÕ<17>eÇjýI•ê·/ð^å~Ýw Ê
ÆÜßÌZî!^þRˆéÿv­¾…ïkÊp»ÛPÌ)ý̆ÍpÓV5²F΄ÆÚÙÚÞhBÇ»ß b# Š<>´ùºãi”»¸9ìQy¹¾<C2B9>Êè}€ß ƒ¬E}~ZHûjmyq{òxŠÉôß<C3B4>"”éÀ´C#šójÿÐ.ò§y Ô£¸<0A>ÉÐòê<1“Œúâ¾ìßzâš#/êGñ?që

View file

@ -13,7 +13,6 @@
nodes = server; nodes = server;
owner = "forgejo"; owner = "forgejo";
}; };
dbCredentials.nodes = server;
}; };
}; };
@ -23,6 +22,14 @@
target = config.hostLinks.${host}.forge.url; target = config.hostLinks.${host}.forge.url;
}; };
patroni = config.lib.forService "forge" {
databases.forge = {};
users.forge.locksmith = {
nodes = config.services.forge.nodes.server;
format = "raw";
};
};
garage = config.lib.forService "forge" { garage = config.lib.forService "forge" {
keys.forgejo.locksmith.nodes = config.services.forge.nodes.server; keys.forgejo.locksmith.nodes = config.services.forge.nodes.server;
buckets.forgejo.allow.forgejo = [ "read" "write" ]; buckets.forgejo.allow.forgejo = [ "read" "write" ];

View file

@ -26,6 +26,7 @@ in
services.locksmith.waitForSecrets.forgejo = [ services.locksmith.waitForSecrets.forgejo = [
"garage-forgejo-id" "garage-forgejo-id"
"garage-forgejo-secret" "garage-forgejo-secret"
"patroni-forge"
]; ];
services.forgejo = { services.forgejo = {
@ -39,7 +40,7 @@ in
inherit (patroni) port; inherit (patroni) port;
name = "forge"; name = "forge";
user = "forge"; user = "forge";
passwordFile = secrets.dbCredentials.path; passwordFile = "/run/locksmith/patroni-forge";
}; };
settings = { settings = {
DEFAULT = { DEFAULT = {