privatevoid.net/depot
1
1
Fork 0
Code Issues 20 Pull requests 5 Projects 3 Releases Packages Wiki Activity Actions

cluster/services/storage: switch garage to ways

Browse source
This commit is contained in:
Max Headroom 2024-07-04 20:23:50 +02:00
parent b8067c6a33
commit c81aec9b9a
2 changed files with 20 additions and 64 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
cluster/services/storage/default.nix
View file

@ -88,9 +88,19 @@ in
}; };
}; };
dns.records.garage.consulService = "garage"; ways = {
dns.records."^[^_].+\\.web\\.garage" = { garage = {
consulService = "garage-web"; consulService = "garage";
rewrite.type = "regex"; extras.extraConfig = ''
client_max_body_size 4G;
'';
};
"web.garage" = {
consulService = "garage-web";
wildcard = true;
extras.locations."/".extraConfig = ''
proxy_set_header Host "$1.${config.links.garageWeb.hostname}";
'';
};
}; };
} }

66
cluster/services/storage/garage-gateway.nix
View file

@ -1,8 +1,8 @@
{ config, cluster, depot, lib, ... }: { config, cluster, depot, lib, ... }:
let let
linkS3 = cluster.config.links.garageS3; linkS3 = cluster.config.hostLinks.${config.networking.hostName}.garageS3;
linkWeb = cluster.config.links.garageWeb; linkWeb = cluster.config.hostLinks.${config.networking.hostName}.garageWeb;
in in
{ {
@ -10,60 +10,14 @@ in
services.garage.settings.admin.api_bind_addr = config.links.garageMetrics.tuple; services.garage.settings.admin.api_bind_addr = config.links.garageMetrics.tuple;
services.nginx.virtualHosts = {
${linkS3.hostname} = depot.lib.nginx.vhosts.basic // {
locations = {
"/".proxyPass = cluster.config.hostLinks.${config.networking.hostName}.garageS3.url;
"= /health".proxyPass = config.links.garageMetrics.url;
};
extraConfig = "client_max_body_size 4G;";
};
"${linkWeb.hostname}" = depot.lib.nginx.vhosts.basic // {
serverName = "~^(.+)\.${lib.escapeRegex linkWeb.hostname}$";
enableACME = false;
useACMEHost = linkWeb.hostname;
locations = {
"/" = {
proxyPass = cluster.config.hostLinks.${config.networking.hostName}.garageWeb.url;
extraConfig = ''
proxy_set_header Host "$1.${linkWeb.hostname}";
'';
};
"= /.internal-api/garage/health" = {
proxyPass = "${config.links.garageMetrics.url}/health";
};
};
};
};
security.acme.certs = {
${linkS3.hostname} = {
dnsProvider = "exec";
webroot = lib.mkForce null;
};
${linkWeb.hostname} = {
domain = "*.${linkWeb.hostname}";
dnsProvider = "exec";
group = "nginx";
};
};
consul.services = { consul.services = {
garage = { garage = {
mode = "external"; mode = "external";
definition = rec { definition = {
name = "garage"; name = "garage";
address = depot.reflection.interfaces.primary.addrPublic; address = linkS3.ipv4;
inherit (linkS3) port; inherit (linkS3) port;
checks = [ checks = [
{
name = "Frontend";
id = "service:garage:frontend";
interval = "60s";
http = "https://${address}/health";
tls_server_name = linkS3.hostname;
header.Host = lib.singleton linkS3.hostname;
}
{ {
name = "Garage Node"; name = "Garage Node";
id = "service:garage:node"; id = "service:garage:node";
@ -76,19 +30,11 @@ in
garage-web = { garage-web = {
mode = "external"; mode = "external";
unit = "garage"; unit = "garage";
definition = rec { definition = {
name = "garage-web"; name = "garage-web";
address = depot.reflection.interfaces.primary.addrPublic; address = linkWeb.ipv4;
inherit (linkWeb) port; inherit (linkWeb) port;
checks = [ checks = [
{
name = "Frontend";
id = "service:garage-web:frontend";
interval = "60s";
http = "https://${address}/.internal-api/garage/health";
tls_server_name = "healthcheck.${linkWeb.hostname}";
header.Host = lib.singleton "healthcheck.${linkWeb.hostname}";
}
{ {
name = "Garage Node"; name = "Garage Node";
id = "service:garage-web:node"; id = "service:garage-web:node";