Noratrieb/vps
1
0
Fork 0
mirror of https://github.com/Noratrieb/vps.git synced 2026-01-14 16:55:00 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
vps/nix/modules/garage/default.nix
Noratrieb f53dfd45bb update
2025-09-28 12:55:44 +02:00

64 lines
1.5 KiB
Nix
Raw Blame History

{ config, pkgs, name, ... }:
let
rpcPort = 3901;
adminPort = 3903;
in
{
age.secrets.garage_secrets.file = ../../secrets/garage_secrets.age;
environment.systemPackages = with pkgs; [
minio-client
];
networking.firewall.interfaces.wg0.allowedTCPPorts = [
rpcPort
adminPort
];
systemd.services.garage.serviceConfig = {
Restart = "on-failure";
};
services.garage = {
enable = true;
package = pkgs.garage_2_1_0;
settings = {
metadata_dir = "/var/lib/garage/meta";
data_dir = "/var/lib/garage/data";
db_engine = "sqlite";
metadata_auto_snapshot_interval = "6h";
replication_factor = 3;
# arbitrary, but a bit higher as disk space matters more than time. she says, cluelessly.
compression-level = 5;
rpc_bind_addr = "[::]:${toString rpcPort}";
rpc_public_addr = "${name}.local:${toString rpcPort}";
s3_api = {
s3_region = "garage";
api_bind_addr = "[::]:3900";
root_domain = ".s3.garage.internal";
};
s3_web = {
bind_addr = "[::]:3902";
root_domain = ".web.garage.internal";
index = "index.html";
};
admin = {
api_bind_addr = "[::]:${toString adminPort}";
};
};
environmentFile = config.age.secrets.garage_secrets.path;
};
services.caddy.virtualHosts."garage.noratrieb.dev" = {
logFormat = "";
extraConfig = ''
encode zstd gzip
reverse_proxy * localhost:3900
'';
};
}
Reference in a new issue View git blame Copy permalink