dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

nixos: Add Sharry file sharing service

Browse Source
This commit is contained in:
Jack O'Sullivan 2022-11-20 18:41:49 +00:00
parent 0038d9c987
commit d01078dc7b
7 changed files with 124 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
flake.lock generated
View File

@ -109,6 +109,21 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_3": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"home-manager-stable": { "home-manager-stable": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -239,7 +254,30 @@
"nixpkgs-mine": "nixpkgs-mine", "nixpkgs-mine": "nixpkgs-mine",
"nixpkgs-mine-stable": "nixpkgs-mine-stable", "nixpkgs-mine-stable": "nixpkgs-mine-stable",
"nixpkgs-stable": "nixpkgs-stable", "nixpkgs-stable": "nixpkgs-stable",
"nixpkgs-unstable": "nixpkgs-unstable" "nixpkgs-unstable": "nixpkgs-unstable",
"sharry": "sharry"
}
},
"sharry": {
"inputs": {
"flake-utils": "flake-utils_3",
"nixpkgs": [
"nixpkgs-unstable"
]
},
"locked": {
"lastModified": 1668965316,
"narHash": "sha256-ZIVZBbLhn40A29iF75H/g5N8OuZo9e6OQPZLmstVLvQ=",
"owner": "devplayer0",
"repo": "sharry",
"rev": "a539318cebdeb82bb47100ff4288764d0e6014a8",
"type": "github"
},
"original": {
"owner": "devplayer0",
"ref": "nix-module-improvements",
"repo": "sharry",
"type": "github"
} }
}, },
"utils": { "utils": {

4
flake.nix
View File

@ -25,6 +25,10 @@
# Stuff used by systems # Stuff used by systems
#impermanence.url = "github:nix-community/impermanence"; #impermanence.url = "github:nix-community/impermanence";
impermanence.url = "github:devplayer0/impermanence/qemu-vm-dirs"; impermanence.url = "github:devplayer0/impermanence/qemu-vm-dirs";
# Packages not in nixpkgs
sharry.url = "github:devplayer0/sharry/nix-module-improvements";
sharry.inputs.nixpkgs.follows = "nixpkgs-unstable";
}; };
outputs = outputs =

9
nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix
View File

@ -357,6 +357,15 @@ in
]; ];
useACMEHost = lib.my.pubDomain; useACMEHost = lib.my.pubDomain;
}; };
"share.${lib.my.pubDomain}" = {
locations."/" = {
proxyPass = "http://object-ctr.${config.networking.domain}:9090";
proxyWebsockets = true;
extraConfig = lib.my.nginx.proxyHeaders;
};
useACMEHost = lib.my.pubDomain;
};
}; };
minio = minio =

73
nixos/boxes/colony/vms/shill/containers/object.nix
View File

@ -29,11 +29,17 @@
secrets = { secrets = {
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFdHbZErWLmTPO/aEWB1Fup/aGMf31Un5Wk66FJwTz/8"; key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFdHbZErWLmTPO/aEWB1Fup/aGMf31Un5Wk66FJwTz/8";
files."minio.env" = {}; files = {
"object/minio.env" = {};
"object/sharry.conf" = {
owner = "sharry";
group = "sharry";
};
};
}; };
firewall = { firewall = {
tcp.allowed = [ 9000 9001 ]; tcp.allowed = [ 9000 9001 config.services.sharry.config.bind.port ];
}; };
}; };
@ -56,9 +62,69 @@
enable = true; enable = true;
region = "eu-central-1"; region = "eu-central-1";
browser = true; browser = true;
rootCredentialsFile = config.age.secrets."minio.env".path; rootCredentialsFile = config.age.secrets."object/minio.env".path;
dataDir = [ "/mnt/minio" ]; dataDir = [ "/mnt/minio" ];
}; };
sharry = {
enable = true;
configOverridesFile = config.age.secrets."object/sharry.conf".path;
config = {
base-url = "https://share.${lib.my.pubDomain}";
bind.address = "[::]";
alias-member-enabled = true;
webapp = {
chunk-size = "64M";
};
backend = {
auth = {
fixed = {
enabled = true;
user = "dev";
};
internal = {
enabled = true;
order = 50;
};
};
jdbc = {
url = "jdbc:postgresql://colony-psql:5432/sharry";
user = "sharry";
};
files = {
default-store = "minio";
stores = {
database.enabled = false;
minio = {
enabled = true;
type = "s3";
endpoint = "https://s3.nul.ie";
access-key = "share";
bucket = "share";
};
};
};
compute-checksum.parallel = 4;
signup.mode = "invite";
share = {
max-size = "128G";
max-validity = "3650 days";
};
mail = {
enabled = true;
smtp = {
host = "mail.nul.ie";
port = 587;
user = "sharry@nul.ie";
ssl-type = "starttls";
default-from = "Sharry <sharry@nul.ie>";
timeout = "30 seconds";
};
};
};
};
};
}; };
} }
(mkIf config.my.build.isDevVM { (mkIf config.my.build.isDevVM {
@ -66,6 +132,7 @@
forwardPorts = [ forwardPorts = [
{ from = "host"; host.port = 9000; guest.port = 9000; } { from = "host"; host.port = 9000; guest.port = 9000; }
{ from = "host"; host.port = 9001; guest.port = 9001; } { from = "host"; host.port = 9001; guest.port = 9001; }
{ from = "host"; guest.port = config.services.sharry.config.bind.port; }
]; ];
}; };
}) })

2
nixos/modules/common.nix
View File

@ -17,6 +17,7 @@ in
imports = [ imports = [
inputs.impermanence.nixosModule inputs.impermanence.nixosModule
inputs.agenix.nixosModules.age inputs.agenix.nixosModules.age
inputs.sharry.nixosModules.default
]; ];
config = mkMerge [ config = mkMerge [
@ -71,6 +72,7 @@ in
nixpkgs = { nixpkgs = {
overlays = [ overlays = [
inputs.deploy-rs.overlay inputs.deploy-rs.overlay
inputs.sharry.overlays.default
]; ];
config = { config = {
allowUnfree = true; allowUnfree = true;

0
secrets/minio.env.age → secrets/object/minio.env.age
View File

BIN
secrets/object/sharry.conf.age Normal file
View File

Binary file not shown.