bertof/nix-dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

S3: removed unnecessary gateways

Browse source
This commit is contained in:
Filippo Berto 2023-08-15 11:57:26 +02:00
parent a02853e64f
commit f4b2644bd1
No known key found for this signature in database
GPG key ID: FE98AE5EC52B1056
9 changed files with 60 additions and 62 deletions
Download patch file Download diff file Expand all files Collapse all files

3
flake.nix
View file

@ -129,7 +129,6 @@
./modules/nixos/pentablet.nix ./modules/nixos/pentablet.nix
./modules/nixos/steam-link.nix ./modules/nixos/steam-link.nix
./modules/nixos/kdeconnect.nix ./modules/nixos/kdeconnect.nix
./modules/nixos/garage.nix
] ++ homeManagerModules ++ [ ] ++ homeManagerModules ++ [
{ home-manager.users.bertof = import ./instances/thor/hm.nix; } { home-manager.users.bertof = import ./instances/thor/hm.nix; }
]; ];
@ -154,7 +153,6 @@
./modules/nixos/pentablet.nix ./modules/nixos/pentablet.nix
./modules/nixos/steam-link.nix ./modules/nixos/steam-link.nix
./modules/nixos/kdeconnect.nix ./modules/nixos/kdeconnect.nix
./modules/nixos/garage.nix
] ++ homeManagerModules ++ [ ] ++ homeManagerModules ++ [
{ home-manager.users.bertof = import ./instances/odin/hm.nix; } { home-manager.users.bertof = import ./instances/odin/hm.nix; }
]; ];
@ -209,7 +207,6 @@
"${nixpkgs}/nixos/modules/virtualisation/digital-ocean-config.nix" "${nixpkgs}/nixos/modules/virtualisation/digital-ocean-config.nix"
./modules/nixos/digitalocean.nix ./modules/nixos/digitalocean.nix
./modules/nixos/garage.nix
./modules/nixos/users/tiziano.nix ./modules/nixos/users/tiziano.nix
] ++ homeManagerModules ++ [{ ] ++ homeManagerModules ++ [{
home-manager.users.bertof = import ./instances/baldur/hm.nix; home-manager.users.bertof = import ./instances/baldur/hm.nix;

2
instances/baldur/hm.nix
View file

@ -19,7 +19,7 @@
Wants = [ "network.target" "network-online.target" ]; Wants = [ "network.target" "network-online.target" ];
}; };
Service = { Service = {
ExecStart = "${pkgs.s3fs}/bin/s3fs -f -d bertof /home/bertof/s3 -o passwd_file=${nixosConfig.age.secrets.garage_bertof_baldur_key.path},use_path_request_style,url=http://localhost:3900"; ExecStart = "${pkgs.s3fs}/bin/s3fs -f -d bertof /home/bertof/s3 -o passwd_file=${nixosConfig.age.secrets.garage_bertof_baldur_key.path},use_path_request_style,url=http://freya.local:3900";
Restart = "always"; Restart = "always";
RestartSec = 30; RestartSec = 30;
Type = "exec"; Type = "exec";

2
instances/baldur/hm_tiziano.nix
View file

@ -18,7 +18,7 @@
Wants = [ "network.target" "network-online.target" ]; Wants = [ "network.target" "network-online.target" ];
}; };
Service = { Service = {
ExecStart = "${pkgs.s3fs}/bin/s3fs -f -d tiziano /home/tiziano/s3 -o passwd_file=${nixosConfig.age.secrets.garage_tiziano_baldur_key.path},use_path_request_style,url=http://localhost:3900"; ExecStart = "${pkgs.s3fs}/bin/s3fs -f -d tiziano /home/tiziano/s3 -o passwd_file=${nixosConfig.age.secrets.garage_tiziano_baldur_key.path},use_path_request_style,url=http://freya.local:3900";
Restart = "always"; Restart = "always";
RestartSec = 30; RestartSec = 30;
Type = "exec"; Type = "exec";

3
instances/odin/common_configuration.nix
View file

@ -186,8 +186,7 @@ with lib; {
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget
environment.systemPackages = environment.systemPackages = builtins.attrValues { inherit (pkgs) tmux helix vim git ntfs3g; };
builtins.attrValues { inherit (pkgs) tmux helix vim git ntfs3g s3fs; };
# Some programs need SUID wrappers, can be configured further or are # Some programs need SUID wrappers, can be configured further or are
# started in user sessions. # started in user sessions.

31
instances/odin/hm.nix
View file

@ -1,4 +1,4 @@
{ pkgs, nixosConfig, ... }: { { pkgs, ... }: {
home = { home = {
language.base = "it_IT.UTF-8"; language.base = "it_IT.UTF-8";
keyboard = { keyboard = {
@ -42,35 +42,6 @@
''; '';
}; };
systemd.user.services.garage-home-s3-bertof =
let
path = "/home/bertof/s3/bertof";
in
{
Unit = {
After = [ "network.target" "network-online.target" "local-fs.target" ];
# AssertPathIsDirectory = path;
# AssertPathIsReadWrite = path;
Description = "Mount S3 bucket in bertof's home";
StartLimitBurst = 5;
StartLimitInterval = 200;
Wants = [ "network.target" "network-online.target" ];
};
Service = {
ExecStart = pkgs.writeShellScript "garage-home-s3-bertof" ''
set -e
${pkgs.coreutils}/bin/mkdir -p '${path}'
${pkgs.s3fs}/bin/s3fs -f -d bertof ${path} -o passwd_file=${nixosConfig.age.secrets.garage_bertof_odin_key.path},use_path_request_style,url=http://localhost:3900
'';
Restart = "always";
RestartSec = 30;
Type = "exec";
};
Install = {
# WantedBy = [ "default.target" ];
};
};
imports = [ imports = [
../../modules/hm/__basic.nix ../../modules/hm/__basic.nix

23
instances/thor/hm.nix
View file

@ -1,4 +1,4 @@
{ pkgs, nixosConfig, ... }: { { pkgs, ... }: {
home = { home = {
language.base = "it_IT.UTF-8"; language.base = "it_IT.UTF-8";
keyboard = { keyboard = {
@ -31,27 +31,6 @@
}; };
}; };
systemd.user.services.garage-home-s3-bertof = {
Unit = {
After = [ "network.target" "network-online.target" "local-fs.target" ];
AssertPathIsDirectory = "/home/bertof/s3/bertof";
AssertPathIsReadWrite = "/home/bertof/s3/bertof";
Description = "Mount S3 bucket in bertof's home";
StartLimitBurst = 5;
StartLimitInterval = 200;
Wants = [ "network.target" "network-online.target" ];
};
Service = {
ExecStart = "${pkgs.s3fs}/bin/s3fs -f -d bertof /home/bertof/s3/bertof -o passwd_file=${nixosConfig.age.secrets.garage_bertof_thor_key.path},use_path_request_style,url=http://localhost:3900";
Restart = "always";
RestartSec = 30;
Type = "exec";
};
Install = {
WantedBy = [ "default.target" ];
};
};
services = { gnome-keyring.enable = true; }; services = { gnome-keyring.enable = true; };
imports = [ imports = [

1
modules/hm/__basic.nix
View file

@ -23,6 +23,7 @@
./gpg.nix ./gpg.nix
./info.nix ./info.nix
./jq.nix ./jq.nix
./joshuto.nix
./keychain.nix ./keychain.nix
./lf.nix ./lf.nix
./man.nix ./man.nix

50
modules/hm/joshuto.nix Normal file
View file

@ -0,0 +1,50 @@
{ pkgs, ... }:
let tomlGenerate = (pkgs.formats.toml { }).generate; in
{
# TODO: switch to module on next release
home.packages = [ pkgs.unstable_pkgs.joshuto ];
home.shellAliases."fm" = "joshuto --change-directory";
xdg.configFile = {
"johsuto/joshuto.toml".source = tomlGenerate "joshuto.toml" {
scroll_offset = 6;
xdg_open = true;
xdg_open_fork = true;
use_trash = true;
watch_files = true;
display = {
mode = "default";
collapse_preview = true;
column_ratio = [ 1 3 4 ];
show_borders = true;
show_hidden = false;
show_icons = true;
tilde_in_titlebar = true;
line_number_style = "absolute";
linemode = "size";
};
display.sort = {
sort_method = "natural";
case_sensitive = false;
directories_first = true;
reverse = false;
};
search = {
string_case_sensitivity = "insensitive";
glob_case_sensitivity = "sensitive";
fzf_case_sensitivity = "insensitive";
};
tab = {
display_mode = "all";
home_page = "inherit";
};
};
"johsuto/mimetype.toml".source = tomlGenerate "joshuto.toml" {
# xdg_open = true;
# xdg_open_fork = true;
# line_number_style = "absolute";
# tab.home_page = "inherit";
};
};
}

7
modules/nixos/garage.nix
View file

@ -4,6 +4,7 @@
age.secrets.garage_rpc_secret = { file = ../../secrets/garage_rpc_secret.age; owner = "garage"; }; age.secrets.garage_rpc_secret = { file = ../../secrets/garage_rpc_secret.age; owner = "garage"; };
networking.firewall.interfaces."ztmjfdwjkp".allowedTCPPorts = [ networking.firewall.interfaces."ztmjfdwjkp".allowedTCPPorts = [
3900
3901 3901
]; ];
@ -19,17 +20,17 @@
settings = { settings = {
replication_mode = 2; replication_mode = 2;
rpc_secret_file = config.age.secrets.garage_rpc_secret.path; rpc_secret_file = config.age.secrets.garage_rpc_secret.path;
rpc_bind_addr = "[::]:3901"; rpc_bind_addr = "0.0.0.0:3901";
bootstrap_peers = [ ]; bootstrap_peers = [ ];
s3_api = { s3_api = {
api_bind_addr = "[::]:3900"; api_bind_addr = "0.0.0.0:3900";
s3_region = "garage"; s3_region = "garage";
root_domain = ".s3.bertof.net"; root_domain = ".s3.bertof.net";
}; };
s3_web = { s3_web = {
bind_addr = "[::]:3902"; bind_addr = "0.0.0.0:3902";
root_domain = ".web.bertof.net"; root_domain = ".web.bertof.net";
}; };