{ config, pkgs, ... }: let domain = "objects.cyplo.dev"; adminDomain = "objects-admin.cyplo.dev"; objectsPort = 10000; adminPort = 10001; in { services.nginx = { virtualHosts = { "${domain}" = { forceSSL = true; enableACME = true; locations."/" = {proxyPass = "http://127.0.0.1:" + toString objectsPort;}; }; "${adminDomain}" = { forceSSL = true; enableACME = true; locations."/" = {proxyPass = "http://127.0.0.1:" + toString adminPort;}; }; }; }; sops.secrets."minio-env" = { sopsFile = ./minio.sops; format = "binary"; }; services.minio = { enable = true; region = "cyplodev"; dataDir = ["/var/lib/minio/data"]; configDir = "/var/lib/minio/config"; listenAddress = ":${toString objectsPort}"; consoleAddress = ":${toString adminPort}"; rootCredentialsFile = "${config.sops.secrets.minio-env.path}"; }; }