move objects store to bolty

2023-01-01 18:37:49 +00:00 · 2023-01-01 18:37:49 +00:00 · b779a8a3fe
commit b779a8a3fe
parent c609ffe7ac
4 changed files with 29 additions and 50 deletions
--- a/nixos/boxes/bolty/default.nix
+++ b/nixos/boxes/bolty/default.nix
@ -1,24 +1,19 @@
-{
-  config,
-  pkgs,
-  inputs,
-  lib,
-  ...
-}: {
+{ config, pkgs, inputs, lib, ... }: {
  imports = [
-    ./bolty-boot.nix
-    ./real-hardware.nix
    ../cli.nix
+    ./bolty-boot.nix
    ./home-assistant.nix
    ./matrix-server.nix
+    ./nix-store-server.nix
    ./print-server.nix
+    ./real-hardware.nix
    ./restic-server.nix
    ./woodpecker-agent.nix
  ];
-  boot.binfmt.emulatedSystems = ["aarch64-linux"];
+  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
  programs.ccache.enable = true;
  networking.hostName = "bolty";
-  boot.kernelModules = ["kvm_amd"];
+  boot.kernelModules = [ "kvm_amd" ];
  virtualisation = {
    libvirtd = {
      enable = true;
@ -32,7 +27,7 @@
    virt-viewer
    lm_sensors
  ];
-  networking.firewall.allowedTCPPorts = [5900];
+  networking.firewall.allowedTCPPorts = [ 5900 ];
  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";

  security.allowUserNamespaces = true;
--- a/nixos/boxes/vpsfree1/minio.sops
+++ b/nixos/boxes/vpsfree1/minio.sops
--- a/nixos/boxes/bolty/nix-store-server.nix
+++ b/nixos/boxes/bolty/nix-store-server.nix
@ -0,0 +1,22 @@
+{ config, pkgs, ... }:
+let
+  objectsPort = 10000;
+  adminPort = 10001;
+in {
+  sops.secrets."minio-env" = {
+    sopsFile = ./minio.sops;
+    format = "binary";
+  };
+
+  networking.firewall.allowedTCPPorts = [ objectsPort adminPort ];
+
+  services.minio = {
+    enable = true;
+    region = "cyplodev";
+    dataDir = [ "/var/lib/minio/data" ];
+    configDir = "/var/lib/minio/config";
+    listenAddress = ":${toString objectsPort}";
+    consoleAddress = ":${toString adminPort}";
+    rootCredentialsFile = "${config.sops.secrets.minio-env.path}";
+  };
+}
--- a/nixos/boxes/vpsfree1/nix-store-server.nix
+++ b/nixos/boxes/vpsfree1/nix-store-server.nix
@ -1,38 +0,0 @@
-{
-  config,
-  pkgs,
-  ...
-}: let
-  domain = "objects.cyplo.dev";
-  adminDomain = "objects-admin.cyplo.dev";
-  objectsPort = 10000;
-  adminPort = 10001;
-in {
-  services.nginx = {
-    virtualHosts = {
-      "${domain}" = {
-        forceSSL = true;
-        enableACME = true;
-        locations."/" = {proxyPass = "http://127.0.0.1:" + toString objectsPort;};
-      };
-      "${adminDomain}" = {
-        forceSSL = true;
-        enableACME = true;
-        locations."/" = {proxyPass = "http://127.0.0.1:" + toString adminPort;};
-      };
-    };
-  };
-  sops.secrets."minio-env" = {
-    sopsFile = ./minio.sops;
-    format = "binary";
-  };
-  services.minio = {
-    enable = true;
-    region = "cyplodev";
-    dataDir = ["/var/lib/minio/data"];
-    configDir = "/var/lib/minio/config";
-    listenAddress = ":${toString objectsPort}";
-    consoleAddress = ":${toString adminPort}";
-    rootCredentialsFile = "${config.sops.secrets.minio-env.path}";
-  };
-}