2024-07-08 22:23:11 +03:00
4 changed files with 15 additions and 11 deletions
--- a/cluster/services/ipfs/cluster-secret.age
+++ b/cluster/services/ipfs/cluster-secret.age
--- a/cluster/services/ipfs/cluster-pinsvc-credentials.age
+++ b/cluster/services/ipfs/cluster-pinsvc-credentials.age
--- a/cluster/services/ipfs/cluster.nix
+++ b/cluster/services/ipfs/cluster.nix
@ -1,8 +1,9 @@
-{ config, depot, lib, pkgs, ... }:
+{ cluster, config, depot, lib, ... }:

 let
  inherit (depot.lib.meta) domain;
  inherit (depot.lib.nginx) vhosts;
+  inherit (cluster.config.services.ipfs) secrets;
  cfg = config.services.ipfs-cluster;
  ipfsCfg = config.services.ipfs;

@ -19,20 +20,12 @@ in {
    incantations = i: [ ];
  };

-  age.secrets = {
-    ipfs-cluster-secret.file = ./cluster-secret.age;
-    ipfs-cluster-pinsvc-credentials = {
-      file = ./cluster-pinsvc-credentials.age;
-      owner = cfg.user;
-    };
-  };
-
  services.ipfs-cluster = {
    enable = true;
    consensus = "crdt";
    dataDir = "/srv/storage/ipfs/cluster";
-    secretFile = config.age.secrets.ipfs-cluster-secret.path;
-    pinSvcBasicAuthFile = config.age.secrets.ipfs-cluster-pinsvc-credentials.path;
+    secretFile = secrets.clusterSecret.path;
+    pinSvcBasicAuthFile = secrets.pinningServiceCredentials.path;
    openSwarmPort = true;
    settings = {
      cluster = {
--- a/cluster/services/ipfs/default.nix
+++ b/cluster/services/ipfs/default.nix
@ -47,6 +47,17 @@
      io-tweaks = ./io-tweaks.nix;
      remote-api = ./remote-api.nix;
    };
+    secrets = let
+      inherit (config.services.ipfs) nodes;
+    in {
+      clusterSecret = {
+        nodes = nodes.clusterPeer;
+      };
+      pinningServiceCredentials = {
+        nodes = nodes.clusterPeer;
+        owner = "ipfs";
+      };
+    };
  };

  monitoring.blackbox.targets.ipfs-gateway = {