youthlic/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

module(garage,awscli): Add garage and awscli module

Browse source 
- Add garage module.
- Enable garage module on Tytonidae.
- Add awscli module.
- Enable awscli module on Tytonidae.
This commit is contained in:
ulic-youthlic 2025-06-02 19:34:47 +08:00
parent e65183b4a4
commit bebfd63f40
Signed by: youthlic
GPG key ID: 63E86C3C14A0D721
10 changed files with 121 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

1
home/david/configurations/Tytonidae/default.nix
View file

@ -33,6 +33,7 @@
kvm.enable = true;
atuin.enable = true;
ion.enable = true;
awscli.enable = true;
};
};

31
home/modules/programs/awscli.nix Normal file
View file

@ -0,0 +1,31 @@
{
config,
lib,
pkgs,
...
}: let
cfg = config.youthlic.programs.awscli;
in {
options = {
youthlic.programs.awscli = {
enable = lib.mkEnableOption "awscli";
};
};
config = lib.mkIf cfg.enable {
sops.secrets."awscli" = {};
programs.awscli = {
enable = true;
credentials = {
default = {
credential_process = "${lib.getExe' pkgs.uutils-coreutils-noprefix "cat"} ${config.sops.secrets.awscli.path}";
};
};
settings = {
default = {
region = "garage";
endpoint_url = "https://s3.youthlic.social";
};
};
};
};
}

1
home/modules/programs/default.nix
View file

@ -16,5 +16,6 @@
./fzf.nix
./eza.nix
./ion.nix
./awscli.nix
];
}

4
nixos/configurations/Cape/default.nix
View file

@ -36,6 +36,10 @@
baseDomain = "youthlic.social";
radicle-explorer.enable = true;
outer-wilds-text-adventure.enable = true;
garage = {
enable = true;
target = "100.73.250.25";
};
};
juicity.server.enable = true;
};

1
nixos/configurations/Tytonidae/default.nix
View file

@ -55,6 +55,7 @@
owncast.enable = true;
wshowkeys.enable = true;
obs.enable = true;
garage.enable = true;
};
};

1
nixos/modules/programs/caddy/default.nix
View file

@ -8,6 +8,7 @@ in {
imports = [
./radicle-explorer.nix
./OuterWildsTextAdventure.nix
./garage.nix
];
options = {
youthlic.programs.caddy = {

32
nixos/modules/programs/caddy/garage.nix Normal file
View file

@ -0,0 +1,32 @@
{
config,
lib,
...
}: let
cfg = config.youthlic.programs.caddy.garage;
caddy-cfg = config.youthlic.programs.caddy;
in {
options = {
youthlic.programs.caddy.garage = {
enable = lib.mkEnableOption "caddy.garage";
target = lib.mkOption {
type = lib.types.str;
example = "127.0.0.1";
};
};
};
config = lib.mkIf (cfg.enable && caddy-cfg.enable) {
services.caddy.virtualHosts = {
"wallpaper.${caddy-cfg.baseDomain}" = {
extraConfig = ''
reverse_proxy ${cfg.target}:8494
'';
};
"s3.${caddy-cfg.baseDomain}" = {
extraConfig = ''
reverse_proxy ${cfg.target}:8491
'';
};
};
};
}

1
nixos/modules/programs/default.nix
View file

@ -28,5 +28,6 @@
./bash.nix
./obs.nix
./sudo-rs.nix
./garage.nix
];
}

45
nixos/modules/programs/garage.nix Normal file
View file

@ -0,0 +1,45 @@
{
pkgs,
lib,
config,
...
}: let
cfg = config.youthlic.programs.garage;
in {
options = {
youthlic.programs.garage = {
enable = lib.mkEnableOption "garage";
};
};
config = lib.mkIf cfg.enable {
sops.secrets."garage" = {
};
services.garage = {
enable = true;
package = pkgs.garage_2;
environmentFile = config.sops.secrets."garage".path;
settings = {
replication_factor = 1;
db_engine = "sqlite";
rpc_bind_addr = "[::]:8490";
use_local_tz = true;
allow_punycode = true;
s3_api = {
s3_region = "garage";
api_bind_addr = "[::]:8491";
root_domain = ".s3.youthlic.social";
};
s3_web = {
root_domain = ".youthlic.social";
bind_addr = "[::]:8494";
};
k2v_api = {
api_bind_addr = "[::]:8493";
};
admin = {
api_bind_addr = "127.0.0.1:8492";
};
};
};
};
}

6
secrets/general.yaml
View file

@ -1,3 +1,5 @@
awscli: ENC[AES256_GCM,data:YoeIPrKEMvjMrF/obs08hqnsVIPO1ojBKQpb+XapH20Rzo1Cw1ytIMf+MMcDLuZqvI8SeEqs0EtjBqqzqA0RvDVOGHWurQlC67MInkDdpN/p5xwTbAQgtv/dV6fKYySQgqG2LaKh6hEPKqNeT0TTW7e7Dd5TbA6em5YppPrKtmJK/8KDyTbCrrBo68bUZUV+WBiu055qXTm3ZA==,iv:d5c1imjlZGRWjrxJS1ibNucwZxoW7nHIXFnlEP51aOo=,tag:OQN5cKd7AqXk+lBqJ6eF+g==,type:str]
garage: ENC[AES256_GCM,data:KEcOZUNa8aBKpp/m1xUZeNdZ4WABC0FnhN3x9hlof3sI0mj8Hm1NZabUgDpiYZPaCuvFwAN+P1cNXkT6DMtEyLeLDfNjuVpFMENAsPSVrBAiRvGhqpuYWjyPboDV/qHc1EnIPO73z7O6tbDfTGze42dIIlROGUtwlr78DCSWZZIR82dDQkcQkik7lc3soAnsYKdEd/93bs8EJPLlOdmmBfV79binI+8VchT/pYhypnaMqxHCK1FOfIo31Fn7Ym6Oqp9T0w+uA4Lkh03RlhWo0oAUbbY=,iv:NtaAeX3td8tEIDoLybjtB8azsHj6JsTw4WPD5jQHaHs=,tag:XqGDWf5+RkCseExHPiszNw==,type:str]
minio: ENC[AES256_GCM,data:rJRE7HAI3t3CFn08mVe3t9slBGJMH2Jzzsrlbs2jkj+5fn3412NqVB8JheVy3+zrTd+09M1uJFZpeWcOkUw=,iv:x+JUOhYkXqLwNOuT5ZZ8JaX+spM/h0zszwun5kF0U3o=,tag:SyscCkZc78PsLAHIyLQ3QQ==,type:str]
rustypaste:
auth: ENC[AES256_GCM,data:DORM12zY0wQQxqBNFYG3oYodhevUJXNjdqJcnyOnuPnZQIsUdEtm4TyNHokUKYoc30s8c6INOFoAB+7210y0dQE3hfg=,iv:Kms90lNPaL5fvQjD31+DZGJf+YQU/tTGLTxrqkvsbDY=,tag:5voNZlwGf2adVQoVqgyRqA==,type:str]
@ -54,7 +56,7 @@ sops:
a1Y1NU9CK2h1SS83VW42bzBMa01yMXMKI1DBtgNlkNCrxUQvnD6a45mQKNfg5gM4
Zb5buo9Jofj4dn/HFwng3T3gxKTrP2Dh74CAH4L0M5yrF9fzk5TCcQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-06-30T16:32:22Z"
mac: ENC[AES256_GCM,data:UwwvC6a6RRp5ALYhuJyCsRl5NSM8DUnLGsVRPF0Gj43aoMqFAGWioqAaGLhkY2Wdg24rSAKGEBKYL6LHG1ckS/AlCl4QhkuobvkbhWtquCuKQqCn9UfGB6KqKjz7SA74W7OYINkGsPJOLMdIKThbrnFc7WoOjnQw6dlUgyxS32I=,iv:XIivVoeuXyT2CgjfQUMo3dj9jMSGv7KQ9w8zdFBJEPw=,tag:tV9kP8cDpqjtYY7PRifY5Q==,type:str]
lastmodified: "2025-07-03T21:52:43Z"
mac: ENC[AES256_GCM,data:i9I6MZQKqxll4n4puhZ/wqnOFL/9Nvhlyh017bz1S+VApqKLmkf+Rd3LpjV8nAdWpwD3T+sL4VL2OQKN3hofKWo19QZNt1H2YGXNSb3Y6OqG15M5fDCglziWlxu+BIr/sG6NmwPnnlEXfb9qVvSAHjl0OzZyPm7IXxH/IbJITTI=,iv:L178iYVRCBca2yBF7OdDbVt5DBpf6l/H2MIcjxXpzFY=,tag:+v/kj/lLjeVGkt1xiJqZtQ==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2