From c81aec9b9a00185309b7c3f36b53da1419972fd9 Mon Sep 17 00:00:00 2001
From: Max
Date: Thu, 4 Jul 2024 20:23:50 +0200
Subject: [PATCH] cluster/services/storage: switch garage to ways
---
 cluster/services/storage/default.nix | 18 ++++--
 cluster/services/storage/garage-gateway.nix | 66 ++-------------------
 2 files changed, 20 insertions(+), 64 deletions(-)
diff --git a/cluster/services/storage/default.nix b/cluster/services/storage/default.nix
index 615bb73..5f39ca8 100644
--- a/cluster/services/storage/default.nix
+++ b/cluster/services/storage/default.nix
@@ -88,9 +88,19 @@ in
 };
 };
- dns.records.garage.consulService = "garage";
- dns.records."^[^_].+\\.web\\.garage" = {
- consulService = "garage-web";
- rewrite.type = "regex";
+ ways = {
+ garage = {
+ consulService = "garage";
+ extras.extraConfig = ''
+ client_max_body_size 4G;
+ '';
+ };
+ "web.garage" = {
+ consulService = "garage-web";
+ wildcard = true;
+ extras.locations."/".extraConfig = ''
+ proxy_set_header Host "$1.${config.links.garageWeb.hostname}";
+ '';
+ };
 };
 }
diff --git a/cluster/services/storage/garage-gateway.nix b/cluster/services/storage/garage-gateway.nix
index a87ee0f..fa209e3 100644
--- a/cluster/services/storage/garage-gateway.nix
+++ b/cluster/services/storage/garage-gateway.nix
@@ -1,8 +1,8 @@
 { config, cluster, depot, lib, ... }:
 let
- linkS3 = cluster.config.links.garageS3;
- linkWeb = cluster.config.links.garageWeb;
+ linkS3 = cluster.config.hostLinks.${config.networking.hostName}.garageS3;
+ linkWeb = cluster.config.hostLinks.${config.networking.hostName}.garageWeb;
 in
 {
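Review bot: In the `"web.garage"` entry of default.nix, `proxy_set_header Host "$1.${config.links.garageWeb.hostname}";` relies on a regex capture that this file no longer defines. The vhost removed from garage-gateway.nix declared `serverName = "~^(.+)\.…$"` right next to the header, while here `$1` has to come from whatever server_name pattern `wildcard = true` generates in ways, which is not visible in this patch. If that pattern has no first group, or another regex is evaluated before the header is set, Garage would presumably receive a Host with an empty or wrong bucket label and could serve a different site than the one requested. I would add a comment in the Nix source above the header, e.g. `# $1 is the subdomain captured by the ways wildcard server_name`, and prefer a named capture if ways exposes one. It is also worth confirming that the wildcard route keeps the old DNS pattern's exclusion of names starting with `_` (`^[^_].+`).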
@@ -10,60 +10,14 @@ in
 services.garage.settings.admin.api_bind_addr = config.links.garageMetrics.tuple;
- services.nginx.virtualHosts = {
- ${linkS3.hostname} = depot.lib.nginx.vhosts.basic // {
- locations = {
- "/".proxyPass = cluster.config.hostLinks.${config.networking.hostName}.garageS3.url;
-
- "= /health".proxyPass = config.links.garageMetrics.url;
- };
- extraConfig = "client_max_body_size 4G;";
- };
- "${linkWeb.hostname}" = depot.lib.nginx.vhosts.basic // {
- serverName = "~^(.+)\.${lib.escapeRegex linkWeb.hostname}$";
- enableACME = false;
- useACMEHost = linkWeb.hostname;
- locations = {
- "/" = {
- proxyPass = cluster.config.hostLinks.${config.networking.hostName}.garageWeb.url;
- extraConfig = ''
- proxy_set_header Host "$1.${linkWeb.hostname}";
- '';
- };
-
- "= /.internal-api/garage/health" = {
- proxyPass = "${config.links.garageMetrics.url}/health";
- };
- };
- };
- };
- security.acme.certs = {
- ${linkS3.hostname} = {
- dnsProvider = "exec";
- webroot = lib.mkForce null;
- };
- ${linkWeb.hostname} = {
- domain = "*.${linkWeb.hostname}";
- dnsProvider = "exec";
- group = "nginx";
- };
- };
 consul.services = {
 garage = {
 mode = "external";
- definition = rec {
+ definition = {
 name = "garage";
- address = depot.reflection.interfaces.primary.addrPublic;
+ address = linkS3.ipv4;
 inherit (linkS3) port;
 checks = [
- {
- name = "Frontend";
- id = "service:garage:frontend";
- interval = "60s";
- http = "https://${address}/health";
- tls_server_name = linkS3.hostname;
- header.Host = lib.singleton linkS3.hostname;
- }
 {
 name = "Garage Node";
 id = "service:garage:node";
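Review bot: The "Frontend" entry is dropped from `checks` for `garage` here and for `garage-web` in the next hunk, and nothing visible in the patch replaces it, so the HTTPS path clients actually use (certificate, vhost routing, proxy hop) is no longer probed from these definitions. If ways registers an equivalent check, a comment above `checks = [` such as `# frontend/TLS health is checked by ways` would show the removal is deliberate; otherwise an expired certificate or broken route would presumably go unnoticed while "Garage Node" stays green. Separately, `address = linkS3.ipv4` and `address = linkWeb.ipv4` advertise the per-host link address instead of `addrPublic`, and the local TLS-terminating vhost is gone, so the ways hosts presumably reach Garage over plain HTTP; confirm that this address sits on the internal network and the port is not reachable from outside. Both `definition` blocks continue past the end of their hunks.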
@@ -76,19 +30,11 @@ in
 garage-web = {
 mode = "external";
 unit = "garage";
- definition = rec {
+ definition = {
 name = "garage-web";
- address = depot.reflection.interfaces.primary.addrPublic;
+ address = linkWeb.ipv4;
 inherit (linkWeb) port;
 checks = [
- {
- name = "Frontend";
- id = "service:garage-web:frontend";
- interval = "60s";
- http = "https://${address}/.internal-api/garage/health";
- tls_server_name = "healthcheck.${linkWeb.hostname}";
- header.Host = lib.singleton "healthcheck.${linkWeb.hostname}";
- }
 {
 name = "Garage Node";
 id = "service:garage-web:node";