{ lib, ... }: {
nixos.systems.object = {
system = "x86_64-linux";
nixpkgs = "mine";
assignments = {
internal = {
name = "object-ctr";
domain = lib.my.colony.domain;
ipv4.address = "${lib.my.colony.start.ctrs.v4}7";
ipv6 = {
iid = "::7";
address = "${lib.my.colony.start.ctrs.v6}7";
};
};
};
configuration = { lib, pkgs, config, assignments, ... }:
let
inherit (lib) mkMerge mkIf;
inherit (lib.my) networkdAssignment;
in
{
config = mkMerge [
{
my = {
deploy.enable = false;
server.enable = true;
secrets = {
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFdHbZErWLmTPO/aEWB1Fup/aGMf31Un5Wk66FJwTz/8";
files = {
"object/minio.env" = {};
"object/sharry.conf" = {
owner = "sharry";
group = "sharry";
};
};
};
firewall = {
tcp.allowed = [ 9000 9001 config.services.sharry.config.bind.port ];
};
};
systemd = {
network.networks."80-container-host0" = networkdAssignment "host0" assignments.internal;
services = {
minio = {
environment = {
MINIO_ROOT_USER = "minioadmin";
MINIO_DOMAIN = "s3.nul.ie";
MINIO_SERVER_URL = "https://s3.nul.ie";
MINIO_BROWSER_REDIRECT_URL = "https://minio.nul.ie";
};
};
};
};
services = {
minio = {
enable = true;
region = "eu-central-1";
browser = true;
rootCredentialsFile = config.age.secrets."object/minio.env".path;
dataDir = [ "/mnt/minio" ];
# TODO: Migrate from fs to snsd backend!
package = pkgs.minio_legacy_fs;
};
sharry = {
enable = true;
configOverridesFile = config.age.secrets."object/sharry.conf".path;
config = {
base-url = "https://share.${lib.my.pubDomain}";
bind.address = "[::]";
alias-member-enabled = true;
webapp = {
chunk-size = "64M";
};
backend = {
auth = {
fixed = {
enabled = true;
user = "dev";
};
internal = {
enabled = true;
order = 50;
};
};
jdbc = {
url = "jdbc:postgresql://colony-psql:5432/sharry";
user = "sharry";
};
files = {
default-store = "minio";
stores = {
database.enabled = false;
minio = {
enabled = true;
type = "s3";
endpoint = "https://s3.nul.ie";
access-key = "share";
bucket = "share";
};
};
};
compute-checksum.parallel = 4;
signup.mode = "invite";
share = {
max-size = "128G";
max-validity = "3650 days";
};
mail = {
enabled = true;
smtp = {
host = "mail.nul.ie";
port = 587;
user = "sharry@nul.ie";
ssl-type = "starttls";
default-from = "Sharry <sharry@nul.ie>";
timeout = "30 seconds";
};
};
};
};
};
};
}
(mkIf config.my.build.isDevVM {
virtualisation = {
forwardPorts = [
{ from = "host"; host.port = 9000; guest.port = 9000; }
{ from = "host"; host.port = 9001; guest.port = 9001; }
{ from = "host"; guest.port = config.services.sharry.config.bind.port; }
];
};
})
];
};
};
}