46 lines
1.4 KiB
Nix
46 lines
1.4 KiB
Nix
{ config, inputs, lib, pkgs, tools, ... }:
|
|
with tools.nginx;
|
|
let
|
|
minioPort = config.portsStr.minio;
|
|
consolePort = config.portsStr.minioConsole;
|
|
in
|
|
{
|
|
reservePortsFor = [ "minio" "minioConsole" ];
|
|
|
|
age.secrets.minio-root-credentials = {
|
|
file = ../../../../secrets/minio-root-credentials.age;
|
|
owner = "root";
|
|
group = "root";
|
|
mode = "0400";
|
|
};
|
|
services.minio = {
|
|
enable = true;
|
|
rootCredentialsFile = config.age.secrets.minio-root-credentials.path;
|
|
dataDir = [ "/srv/storage/objects" ];
|
|
browser = true;
|
|
listenAddress = "127.0.0.1:${minioPort}";
|
|
consoleAddress = "127.0.0.1:${consolePort}";
|
|
};
|
|
systemd.services.minio.serviceConfig = {
|
|
Slice = "remotefshost.slice";
|
|
};
|
|
services.nginx.virtualHosts = mappers.mapSubdomains {
|
|
# TODO: vhosts.proxy?
|
|
"object-storage" = vhosts.basic // {
|
|
locations = {
|
|
"/".proxyPass = "http://127.0.0.1:${minioPort}";
|
|
"= /dashboard".proxyPass = "http://127.0.0.1:${minioPort}";
|
|
};
|
|
extraConfig = "client_max_body_size 4G;";
|
|
};
|
|
"console.object-storage" = vhosts.basic // {
|
|
locations = {
|
|
"/".proxyPass = "http://127.0.0.1:${consolePort}";
|
|
};
|
|
};
|
|
"cdn" = lib.recursiveUpdate (vhosts.proxy "http://127.0.0.1:${minioPort}/content-delivery$request_uri") {
|
|
locations."= /".return = "302 /index.html";
|
|
};
|
|
};
|
|
services.oauth2_proxy.nginx.virtualHosts = [ "console.object-storage.${tools.meta.domain}" ];
|
|
}
|