From fdf3980e3ffe80ac1b581a796f6c3a47e51b0f9e Mon Sep 17 00:00:00 2001 From: Max Date: Fri, 3 Nov 2023 21:45:36 +0100 Subject: [PATCH] cluster/services/storage: use cluster link --- cluster/services/storage/default.nix | 8 +++++++- cluster/services/storage/garage-gateway.nix | 14 +++++++------- 2 files changed, 14 insertions(+), 8 deletions(-) diff --git a/cluster/services/storage/default.nix b/cluster/services/storage/default.nix index 79dfd89..34da2a0 100644 --- a/cluster/services/storage/default.nix +++ b/cluster/services/storage/default.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: +{ config, depot, lib, ... }: let meshIpForNode = name: config.vars.mesh.${name}.meshIp; @@ -39,6 +39,12 @@ in }; }; + links.garageS3 = { + hostname = "garage.${depot.lib.meta.domain}"; + port = 443; + protocol = "https"; + }; + hostLinks = lib.genAttrs config.services.storage.nodes.garage (name: { garageRpc = { ipv4 = meshIpForNode name; diff --git a/cluster/services/storage/garage-gateway.nix b/cluster/services/storage/garage-gateway.nix index 8567465..88710f2 100644 --- a/cluster/services/storage/garage-gateway.nix +++ b/cluster/services/storage/garage-gateway.nix @@ -1,7 +1,7 @@ { config, cluster, depot, lib, ... }: let - inherit (depot.lib.meta) domain; + link = cluster.config.links.garageS3; in { @@ -10,7 +10,7 @@ in services.garage.settings.admin.api_bind_addr = config.links.garageMetrics.tuple; services.nginx.virtualHosts = { - "garage.${domain}" = depot.lib.nginx.vhosts.basic // { + ${link.hostname} = depot.lib.nginx.vhosts.basic // { locations = { "/".proxyPass = cluster.config.hostLinks.${config.networking.hostName}.garageS3.url; @@ -18,7 +18,7 @@ in }; }; }; - security.acme.certs."garage.${domain}" = { + security.acme.certs.${link.hostname} = { dnsProvider = "pdns"; webroot = lib.mkForce null; }; 
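Review bot: The new cluster-level `links.garageS3` in the `@@ -39,6 +39,12 @@` hunk of default.nix shares its name with the per-node `hostLinks.<name>.garageS3` that garage-gateway.nix passes to `proxyPass`, and nothing in the hunk says which of the two is the public endpoint. A comment above the attribute would keep them apart, for example `# Public HTTPS endpoint of the S3 gateway (nginx vhost, ACME cert name, health-check SNI); the per-node backend is hostLinks.<name>.garageS3.` This hostname now decides the certificate name and the TLS server name used by the health check, so the comment belongs at the definition. The enclosing attribute set starts and ends outside the hunk.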
@@ -28,15 +28,15 @@ in definition = rec { name = "garage"; address = depot.reflection.interfaces.primary.addrPublic; - port = 443; + inherit (link) port; checks = [ - rec { + { name = "Frontend"; id = "service:garage:frontend"; interval = "60s"; http = "https://${address}/health"; - tls_server_name = "garage.${domain}"; - header.Host = lib.singleton tls_server_name; + tls_server_name = link.hostname; + header.Host = lib.singleton link.hostname; } { name = "Garage Node";
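Review bot: In the `Frontend` check, `http = "https://${address}/health";` still hard-codes the scheme and the implicit port 443, while the service `port` a few lines above now comes from `link`. If `links.garageS3.port` or `.protocol` is ever changed, the registered port and the probed port would diverge, and the check would keep reporting on a listener the service no longer advertises. Deriving the URL from the link closes that gap, e.g. `http = "${link.protocol}://${address}:${toString link.port}/health";` (assuming `port` stays an integer as declared in default.nix). The nginx vhost in the `@@ -10,7 +10,7 @@` hunk likewise takes only `hostname` from the link; whether its listen port follows the link depends on `depot.lib.nginx.vhosts.basic`, which is not visible here. The `definition` block continues outside the hunk.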