From b779a8a3fe6a4b9077b9bb3ff0c4cabf5e48d5e9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cyryl=20P=C5=82otnicki?= Date: Sun, 1 Jan 2023 18:37:49 +0000 Subject: [PATCH] move objects store to bolty --- nixos/boxes/bolty/default.nix | 19 ++++------- nixos/boxes/{vpsfree1 => bolty}/minio.sops | 0 nixos/boxes/bolty/nix-store-server.nix | 22 +++++++++++++ nixos/boxes/vpsfree1/nix-store-server.nix | 38 ---------------------- 4 files changed, 29 insertions(+), 50 deletions(-) rename nixos/boxes/{vpsfree1 => bolty}/minio.sops (100%) create mode 100644 nixos/boxes/bolty/nix-store-server.nix delete mode 100644 nixos/boxes/vpsfree1/nix-store-server.nix diff --git a/nixos/boxes/bolty/default.nix b/nixos/boxes/bolty/default.nix index 94305bae..769e47e6 100644 --- a/nixos/boxes/bolty/default.nix +++ b/nixos/boxes/bolty/default.nix @@ -1,24 +1,19 @@ -{ - config, - pkgs, - inputs, - lib, - ... -}: { +{ config, pkgs, inputs, lib, ... }: { imports = [ - ./bolty-boot.nix - ./real-hardware.nix ../cli.nix + ./bolty-boot.nix ./home-assistant.nix ./matrix-server.nix + ./nix-store-server.nix ./print-server.nix + ./real-hardware.nix ./restic-server.nix ./woodpecker-agent.nix ]; - boot.binfmt.emulatedSystems = ["aarch64-linux"]; + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; programs.ccache.enable = true; networking.hostName = "bolty"; - boot.kernelModules = ["kvm_amd"]; + boot.kernelModules = [ "kvm_amd" ]; virtualisation = { libvirtd = { enable = true; @@ -32,7 +27,7 @@ virt-viewer lm_sensors ]; - networking.firewall.allowedTCPPorts = [5900]; + networking.firewall.allowedTCPPorts = [ 5900 ]; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; security.allowUserNamespaces = true; diff --git a/nixos/boxes/vpsfree1/minio.sops b/nixos/boxes/bolty/minio.sops similarity index 100% rename from nixos/boxes/vpsfree1/minio.sops rename to nixos/boxes/bolty/minio.sops diff --git a/nixos/boxes/bolty/nix-store-server.nix b/nixos/boxes/bolty/nix-store-server.nix new file mode 100644 index 00000000..e0662865 --- /dev/null +++ b/nixos/boxes/bolty/nix-store-server.nix @@ -0,0 +1,22 @@ +{ config, pkgs, ... }: +let + objectsPort = 10000; + adminPort = 10001; +in { + sops.secrets."minio-env" = { + sopsFile = ./minio.sops; + format = "binary"; + }; + + networking.firewall.allowedTCPPorts = [ objectsPort adminPort ]; + + services.minio = { + enable = true; + region = "cyplodev"; + dataDir = [ "/var/lib/minio/data" ]; + configDir = "/var/lib/minio/config"; + listenAddress = ":${toString objectsPort}"; + consoleAddress = ":${toString adminPort}"; + rootCredentialsFile = "${config.sops.secrets.minio-env.path}"; + }; +} diff --git a/nixos/boxes/vpsfree1/nix-store-server.nix b/nixos/boxes/vpsfree1/nix-store-server.nix deleted file mode 100644 index 1e8d18e9..00000000 --- a/nixos/boxes/vpsfree1/nix-store-server.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ - config, - pkgs, - ... -}: let - domain = "objects.cyplo.dev"; - adminDomain = "objects-admin.cyplo.dev"; - objectsPort = 10000; - adminPort = 10001; -in { - services.nginx = { - virtualHosts = { - "${domain}" = { - forceSSL = true; - enableACME = true; - locations."/" = {proxyPass = "http://127.0.0.1:" + toString objectsPort;}; - }; - "${adminDomain}" = { - forceSSL = true; - enableACME = true; - locations."/" = {proxyPass = "http://127.0.0.1:" + toString adminPort;}; - }; - }; - }; - sops.secrets."minio-env" = { - sopsFile = ./minio.sops; - format = "binary"; - }; - services.minio = { - enable = true; - region = "cyplodev"; - dataDir = ["/var/lib/minio/data"]; - configDir = "/var/lib/minio/config"; - listenAddress = ":${toString objectsPort}"; - consoleAddress = ":${toString adminPort}"; - rootCredentialsFile = "${config.sops.secrets.minio-env.path}"; - }; -}