cluster/services/storage: use cluster link

Max Headroom 2023-11-03 21:45:36 +01:00
parent e1c4f0e9ec
commit fdf3980e3f
2 changed files with 14 additions and 8 deletions


@ -1,4 +1,4 @@
{ config, lib, ... }: { config, depot, lib, ... }:
let let
meshIpForNode = name: config.vars.mesh.${name}.meshIp; meshIpForNode = name: config.vars.mesh.${name}.meshIp;
@ -39,6 +39,12 @@ in
}; };
}; };
links.garageS3 = {
hostname = "garage.${depot.lib.meta.domain}";
port = 443;
protocol = "https";
};
hostLinks = lib.genAttrs config.services.storage.nodes.garage (name: { hostLinks = lib.genAttrs config.services.storage.nodes.garage (name: {
garageRpc = { garageRpc = {
ipv4 = meshIpForNode name; ipv4 = meshIpForNode name;
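Review bot: The new `links.garageS3` has the same name as the per-host `hostLinks.<node>.garageS3` entry that the second file in this commit uses as the nginx proxy upstream, and nothing in the definition says which of the two is the TLS frontend. A one-line comment above it, such as `# public S3 endpoint served by nginx over TLS; per-node backends are hostLinks.<node>.garageS3`, would keep a later reader from pointing a client or an access rule at the wrong one. As far as this hunk shows, `port` and `protocol` are only declarations; the listener is presumably configured by the vhost in the other file, so the two values can drift apart unnoticed.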


@ -1,7 +1,7 @@
{ config, cluster, depot, lib, ... }: { config, cluster, depot, lib, ... }:
let let
inherit (depot.lib.meta) domain; link = cluster.config.links.garageS3;
in in
{ {
@ -10,7 +10,7 @@ in
services.garage.settings.admin.api_bind_addr = config.links.garageMetrics.tuple; services.garage.settings.admin.api_bind_addr = config.links.garageMetrics.tuple;
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"garage.${domain}" = depot.lib.nginx.vhosts.basic // { ${link.hostname} = depot.lib.nginx.vhosts.basic // {
locations = { locations = {
"/".proxyPass = cluster.config.hostLinks.${config.networking.hostName}.garageS3.url; "/".proxyPass = cluster.config.hostLinks.${config.networking.hostName}.garageS3.url;
@ -18,7 +18,7 @@ in
}; };
}; };
}; };
security.acme.certs."garage.${domain}" = { security.acme.certs.${link.hostname} = {
dnsProvider = "pdns"; dnsProvider = "pdns";
webroot = lib.mkForce null; webroot = lib.mkForce null;
}; };
@ -28,15 +28,15 @@ in
definition = rec { definition = rec {
name = "garage"; name = "garage";
address = depot.reflection.interfaces.primary.addrPublic; address = depot.reflection.interfaces.primary.addrPublic;
port = 443; inherit (link) port;
checks = [ checks = [
rec { {
name = "Frontend"; name = "Frontend";
id = "service:garage:frontend"; id = "service:garage:frontend";
interval = "60s"; interval = "60s";
http = "https://${address}/health"; http = "https://${address}/health";
tls_server_name = "garage.${domain}"; tls_server_name = link.hostname;
header.Host = lib.singleton tls_server_name; header.Host = lib.singleton link.hostname;
} }
{ {
name = "Garage Node"; name = "Garage Node";
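Review bot: The frontend check URL `http = "https://${address}/health";` still relies on the implicit port 443 while the service `port` is now inherited from `link`, so changing `links.garageS3.port` would register one port and probe another. The outer `definition` is still `rec`, so the check can reuse the same values: `http = "${link.protocol}://${address}:${toString port}/health";`. Keeping `tls_server_name` and the Host header on `link.hostname` is right, because the probe connects by address and the name presented for TLS comes from that field. The checks list continues past the end of this hunk.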