pointfichiers/services/garage/default.nix

# TODO: Run as different user
{config, ...}: {
  sops.secrets."garage/RPC_SECRET".owner = "root";

  services.caddy.virtualHosts."s3.gasdev.fr *.s3.gasdev.fr" = {
    logFormat = "output file ${config.services.caddy.logDir}/access-s3.gasdev.fr.log";
    extraConfig = ''
      header {
        ?Access-Control-Allow-Headers *
        ?Access-Control-Allow-Methods *
        ?Access-Control-Allow-Origin *
      }
      reverse_proxy http://127.0.0.1:3900
    '';
  };

  services.caddy.virtualHosts."s3web.gasdev.fr *.s3web.gasdev.fr" = {
    logFormat = "output file ${config.services.caddy.logDir}/access-s3web.gasdev.fr.log";
    extraConfig = ''
      reverse_proxy http://127.0.0.1:3902
    '';
  };

  virtualisation.oci-containers.containers = {
    garage = {
      image = "docker.io/dxflrs/garage:v1.0.0";
      autoStart = true;
      ports = [
        "127.0.0.1:3900:3900"
        "127.0.0.1:3901:3901"
        "127.0.0.1:3902:3902"
      ];
      volumes = [
        "/etc/garage.toml:/etc/garage.toml"
        "/var/lib/garage/meta:/var/lib/garage/meta"
        "/var/lib/garage/data:/var/lib/garage/data"
        "/run/secrets/garage/RPC_SECRET:/run/secrets/garage/RPC_SECRET"
      ];
    };
  };

  environment.etc."garage.toml".text = builtins.readFile ./garage.toml;
  systemd.tmpfiles.rules = [
    "d /var/lib/garage/meta 0700 root root -"
    "d /var/lib/garage/data 0700 root root -"
  ];

  programs.bash.shellAliases = {
    garage = "podman exec -it garage /garage";
  };
}
feat(services): Added `garage` service config 2024-09-30 12:13:14 +02:00			`# TODO: Run as different user`
fix(garage): Fixed proxy config 2024-11-03 21:41:19 +01:00			`{config, ...}: {`
chore(services -> garage): Uppercase secret file name 2024-10-02 08:59:02 +02:00			`sops.secrets."garage/RPC_SECRET".owner = "root";`
feat(services): Added `garage` service config 2024-09-30 12:13:14 +02:00
fix(garage): Fixed proxy config 2024-11-03 21:41:19 +01:00			`services.caddy.virtualHosts."s3.gasdev.fr *.s3.gasdev.fr" = {`
			`logFormat = "output file ${config.services.caddy.logDir}/access-s3.gasdev.fr.log";`
			`extraConfig = ''`
fix(outline): Tweak stuff to make uploads work Currently not working 2024-11-03 22:14:02 +01:00			`header {`
			`?Access-Control-Allow-Headers *`
			`?Access-Control-Allow-Methods *`
			`?Access-Control-Allow-Origin *`
			`}`
fix(garage): Fixed proxy config 2024-11-03 21:41:19 +01:00			`reverse_proxy http://127.0.0.1:3900`
			`'';`
			`};`
fix(garage): Added new domains 2024-10-12 18:10:49 +02:00
fix(garage): Fixed proxy config 2024-11-03 21:41:19 +01:00			`services.caddy.virtualHosts."s3web.gasdev.fr *.s3web.gasdev.fr" = {`
			`logFormat = "output file ${config.services.caddy.logDir}/access-s3web.gasdev.fr.log";`
			`extraConfig = ''`
			`reverse_proxy http://127.0.0.1:3902`
			`'';`
			`};`
feat(services): Added `garage` service config 2024-09-30 12:13:14 +02:00
			`virtualisation.oci-containers.containers = {`
			`garage = {`
			`image = "docker.io/dxflrs/garage:v1.0.0";`
			`autoStart = true;`
			`ports = [`
			`"127.0.0.1:3900:3900"`
			`"127.0.0.1:3901:3901"`
			`"127.0.0.1:3902:3902"`
			`];`
			`volumes = [`
			`"/etc/garage.toml:/etc/garage.toml"`
			`"/var/lib/garage/meta:/var/lib/garage/meta"`
			`"/var/lib/garage/data:/var/lib/garage/data"`
chore(services -> garage): Uppercase secret file name 2024-10-02 08:59:02 +02:00			`"/run/secrets/garage/RPC_SECRET:/run/secrets/garage/RPC_SECRET"`
feat(services): Added `garage` service config 2024-09-30 12:13:14 +02:00			`];`
			`};`
			`};`

			`environment.etc."garage.toml".text = builtins.readFile ./garage.toml;`
			`systemd.tmpfiles.rules = [`
			`"d /var/lib/garage/meta 0700 root root -"`
			`"d /var/lib/garage/data 0700 root root -"`
			`];`
feat(garage): Add `garage` bash alias 2024-10-11 20:58:03 +02:00
			`programs.bash.shellAliases = {`
			`garage = "podman exec -it garage /garage";`
			`};`
feat(services): Added `garage` service config 2024-09-30 12:13:14 +02:00			`}`