os/hosts/chonk/garage.nix
Hendrik Sokolowski 6c7d9704bd
All checks were successful
continuous-integration/drone/push Build is passing
latest changes
2023-11-11 01:24:25 +01:00

41 lines
905 B
Nix

{ pkgs, config, lib, self, ... }:
{
age.secrets.garage_rpc_token = {
file = "${self}/secrets/chonk_garage_rpc_secret.age";
owner = "garage";
group = "garage";
};
networking.firewall.interfaces.wg0.allowedTCPPorts = [ 3900 3901 ];
users.groups.garage = {};
users.users.garage = {
group = "garage";
isSystemUser = true;
};
# overwrite dynamicuser
systemd.services.garage.serviceConfig = {
User = "garage";
Group = "garage";
DynamicUser = false;
StateDirectory = lib.mkForce null;
};
services.garage = {
enable = true;
package = pkgs.garage_0_8;
settings = {
replication_mode = "1";
rpc_bind_addr = "[::]:3901";
rpc_secret_file = config.age.secrets.garage_rpc_token.path;
s3_api = {
api_bind_addr = "[::]:3900";
s3_region = "garage";
root_domain = ".s3.gssws.de";
};
};
};
}