diff --git a/machines/flake-module.nix b/machines/flake-module.nix
index c4d1260..406ddfe 100644
--- a/machines/flake-module.nix
+++ b/machines/flake-module.nix
@@ -5,9 +5,15 @@
 inventory.machines = {
 crocus = {
 deploy.targetHost = "root@crocus";
+ tags = [
+ "garage"
+ ];
 };
 genepi = {
 deploy.targetHost = "root@genepi";
+ tags = [
+ "garage"
+ ];
 };
 };
 
@@ -78,6 +84,19 @@
 };
 };
 
+ "garage" = {
+ module.input = "clan-core";
+ module.name = "garage";
+ roles.default.tags.garage = { };
+ };
+
+ "garage-config" = {
+ module.input = "clan-core";
+ module.name = "importer";
+ roles.default.tags.garage = { };
+ roles.default.extraModules = [ ../modules/garage.nix ];
+ };
+
 "trusted-nix-caches" = {
 module.input = "clan-core";
 module.name = "trusted-nix-caches";
diff --git a/modules/garage.nix b/modules/garage.nix
new file mode 100644
index 0000000..965ffaa
--- /dev/null
+++ b/modules/garage.nix
@@ -0,0 +1,44 @@
+{
+ config,
+ pkgs,
+ self,
+ ...
+}:
+let
+ zerotier_interface = "zts7mq7onf";
+ zerotier_ip =
+ self.nixosConfigurations.${config.networking.hostName}.config.clan.core.vars.generators.zerotier.files.zerotier-ip.value;
+in
+{
+ services.garage = {
+ package = pkgs.garage;
+ settings = {
+ metadata_dir = "/var/lib/garage/meta";
+ data_dir = "/var/lib/garage/data";
+ db_engine = "sqlite";
+
+ replication_factor = 2;
+
+ rpc_bind_addr = "[${zerotier_ip}]:3901";
+
+ s3_api = {
+ api_bind_addr = "127.0.0.1:3900";
+ s3_region = "garage";
+ root_domain = ".s3.garage.home.rpqt.fr";
+ };
+
+ s3_web = {
+ bind_addr = "127.0.0.1:3902";
+ root_domain = ".web.garage.home.rpqt.fr";
+ };
+
+ admin = {
+ api_bind_addr = "127.0.0.1:3903";
+ };
+ };
+ };
+
+ networking.firewall.interfaces.${zerotier_interface} = {
+ allowedTCPPorts = [ 3901 ];
+ };
+}
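Review bot: The `"garage"` and `"garage-config"` instances are coupled only by both selecting `roles.default.tags.garage`, and nothing in the hunk documents that. If the two selections ever diverge, a machine would presumably get the service without the bind addresses and firewall rule from `../modules/garage.nix`, or the reverse. A comment above `"garage-config"` would make the dependency explicit, e.g. `# Must select the same machines as "garage": supplies the settings and firewall rule for that service.` The enclosing attribute set starts and ends outside the hunk.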
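Review bot: The firewall rule at the end of `modules/garage.nix` opens TCP 3901 to every member of the ZeroTier network on `zts7mq7onf`, while the `settings` block shows no `rpc_secret` or `rpc_secret_file`, so nothing visible here authenticates RPC peers. Presumably the clan-core `garage` service generates and injects that secret, along with the admin token for the API on 3903; if so, record it next to `rpc_bind_addr`, e.g. `# Reachable by all ZeroTier members; peer authentication relies on the rpc_secret supplied by the clan-core garage service`. Separately, `replication_factor = 2` on two nodes keeps reads available but, per Garage's documentation, makes writes fail while either node is down, which deserves a comment if it is intended. `zerotier_ip` can probably be read from `config.clan.core.vars.generators.zerotier.files.zerotier-ip.value` directly, which removes the dependence on `networking.hostName` matching the flake attribute name.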