bring back garage

make it work with my fork
nixvim dont remap gt
2025-01-11 23:17:37 -05:00 · 2025-01-11 22:50:00 -05:00
9 changed files with 111 additions and 1 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@ -98,3 +98,8 @@ creation_rules:
      - age:
          - *chunk
          - *cy
+  - path_regex: secrets/services/garage.yaml
+    key_groups:
+      - age:
+          - *chunk
+          - *cy
--- a/flake.lock
+++ b/flake.lock
@ -422,6 +422,22 @@
        "type": "github"
      }
    },
+    "nixpkgs-garage": {
+      "locked": {
+        "lastModified": 1736655158,
+        "narHash": "sha256-1ZVtf+4BvqJrGGXBQEjAxjKWSaoySVt46un4pN1zH5g=",
+        "owner": "cything",
+        "repo": "nixpkgs",
+        "rev": "b7bc158e553db4031ce6242e341e64e1023ec86a",
+        "type": "github"
+      },
+      "original": {
+        "owner": "cything",
+        "ref": "garage-module",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
    "nixpkgs-stable": {
      "locked": {
        "lastModified": 1710695816,
@ -525,6 +541,7 @@
        "nixpkgs": "nixpkgs",
        "nixpkgs-borg": "nixpkgs-borg",
        "nixpkgs-btrbk": "nixpkgs-btrbk",
+        "nixpkgs-garage": "nixpkgs-garage",
        "nixvim": "nixvim",
        "sops-nix": "sops-nix",
        "treefmt": "treefmt"
--- a/flake.nix
+++ b/flake.nix
@ -31,6 +31,7 @@
    nixpkgs-borg.url = "github:cything/nixpkgs/borg"; # unmerged PR
    nixpkgs-btrbk.url = "github:cything/nixpkgs/btrbk"; # unmerged PR
    eza.url = "github:nixos/nixpkgs/d722e8ce81cf103280ce1ff65accb3fc25cbd2ba";
+    nixpkgs-garage.url = "github:cything/nixpkgs/garage-module";
  };

  nixConfig = {
@ -142,10 +143,14 @@
            modules = [
              {
                nixpkgs = { inherit pkgs; };
+                disabledModules = [
+                  "services/web-servers/garage.nix"
+                ];
              }
              ./hosts/chunk
              inputs.sops-nix.nixosModules.sops
              ./modules
+              (inputs.nixpkgs-garage + "/nixos/modules/services/web-servers/garage.nix")
            ];
          };

--- a/home/nixvim/default.nix
+++ b/home/nixvim/default.nix
@ -140,7 +140,8 @@
        "K" = "hover";
        "gd" = "definition";
        "gD" = "references";
-        "gt" = "type_definition";
+        # "gt" = "type_definition"; # conflicts with switch tab
+        "gI" = "type_definition";
        "gi" = "implementation";
      };
      servers = {
--- a/hosts/chunk/Caddyfile
+++ b/hosts/chunk/Caddyfile
@ -77,3 +77,13 @@ cache.cything.io {
  import common
  reverse_proxy localhost:8090
 }
+
+s3.cy7.sh {
+  import common
+  reverse_proxy localhost:3900
+}
+
+admin.s3.cy7.sh {
+  import common
+  reverse_proxy localhost:3903
+}
--- a/hosts/chunk/default.nix
+++ b/hosts/chunk/default.nix
@ -25,6 +25,7 @@
    ./element.nix
    ./attic.nix
    ./forgejo.nix
+    ./garage.nix
  ];

  sops.age.keyFile = "/root/.config/sops/age/keys.txt";
@ -65,6 +66,10 @@
    "attic/env" = {
      sopsFile = ../../secrets/services/attic.yaml;
    };
+
+    "garage/env" = {
+      sopsFile = ../../secrets/services/garage.yaml;
+    };
  };

  boot.loader.grub.enable = true;
--- a/hosts/chunk/garage.nix
+++ b/hosts/chunk/garage.nix
@ -0,0 +1,18 @@
+{config, pkgs, ...}: {
+  services.garage = {
+    enable = true;
+    package = pkgs.garage;
+    settings = {
+      data_dir = "/mnt/garage";
+      s3_api = {
+        s3_region = "earth";
+        api_bind_addr = "[::]:3900";
+      };
+      admin.api_bind_addr = "[::]:3903";
+      rpc_bind_addr = "[::]:3901";
+      replication_factor = 1;
+      db_engine = "lmdb";
+    };
+    environmentFile = config.sops.secrets."garage/env".path;
+  };
+}
--- a/hosts/chunk/rclone.nix
+++ b/hosts/chunk/rclone.nix
@ -38,5 +38,23 @@
      ExecStop = "${lib.getExe' pkgs.fuse "fusermount"} -u /mnt/attic";
    };
  };
+
+  systemd.services.garage-mount = {
+    enable = true;
+    description = "Mount the garage data remote";
+    requires = [ "network-online.target" ];
+    after = [ "network-online.target" ];
+    requiredBy = [ "garage.service" ];
+    before = [ "garage.service" ];
+    serviceConfig = {
+      Type = "notify";
+      ExecStartPre = "/usr/bin/env mkdir -p /mnt/garage";
+      ExecStart = "${lib.getExe pkgs.rclone} mount --config ${
+        config.sops.secrets."rclone/config".path
+      } --cache-dir /var/cache/rclone --transfers=32 --checkers=32 --vfs-cache-mode writes --vfs-cache-max-size 5G --allow-other rsyncnet:garage /mnt/garage ";
+      ExecStop = "${lib.getExe' pkgs.fuse "fusermount"} -u /mnt/garage";
+    };
+  };
+
  programs.fuse.userAllowOther = true;
 }
--- a/secrets/services/garage.yaml
+++ b/secrets/services/garage.yaml
@ -0,0 +1,31 @@
+garage:
+    env: ENC[AES256_GCM,data:miNp4SJ9xuMXSEIJYCZFWM96enAh8uwCxv0ySn2Jbp5V4Iso2uZ2R9dXqSS7y60pRq+bbXPYbBxBnmb+fhjvB7TdCLPom9CKSY8zMI7n/p1IE4qUFvzCG4ejV6BIsh/887BjzAx1UNcRG/9eUNcMfTu58wQwKmIzr1iu5pD+IlLHa+0/orpZKssQ2Ba1hMwLOAXp,iv:zgkGikunB4zQ4CfGgEd1DmLgYpEREJhoX4oT/zK3mI8=,tag:ohpZWF/lPHQc010mteJZDw==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1eg6sxflw6l44fp20sl068sampwd95fm0mnh4ssegrhtktgm50ptqcuspyn
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIemdMVVE4alZ2MElWeUpj
+            TjNhL2VYL2dwMmN0VzJxVGwzWHgvbm82QWtjCk1pem5SdzFpR0dRci80emo1VlVu
+            VWtWMVpoN2M4NUphcTgxeTB6aU83bjAKLS0tIGlJanA1TFBnaE9PTmRnQWVidE53
+            elRZaFVaZ1VTRU1MbWlqSkJNZG1oRW8K8IupEpJzC0CJGpxSTssiFrQgdHAzCW4I
+            IlvYdZkUou/6km5OMnsFqhqEqIjAwVuJ08YiNzAv67ZzTG0ThD133A==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age10h6pg5qdpc4t0rpmksfv788a57f04n83zgqaezkjjn65nkhv547s0vxfdn
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiemRZRmF1NWozM1RFS2Z2
+            bld5V0lTS3V1OW1SU0VaR2IzZjJmbEtJVkhjCnBVKzFYUXYveGdkSTVmbzRldGRo
+            eVAxWXQ1TzczVjZiQ2NsUEk3YmhGNk0KLS0tIG04d0FDYXF1MU5ab3ZMTmpCUWNa
+            WTQ3dWs4enQrc2F3K3AvMUQvWEh6RDgKxJl3ftSpIrK+45LzjX9gIy41Lv+bcZsV
+            7rriUhKAtaCXsQcO6Povif7zJyCROYhC0sgpRhmMKoN76TAH3zxvag==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-01-08T20:44:32Z"
+    mac: ENC[AES256_GCM,data:rVv9sNYb9Fttm5IjonAZBmcrCqC1cAp2sjMJDZ3JMt+YeyiCUI6jsXSGAc3pgP+7vvaTvDvdNwlAa5axxA72omE4eAK+9me0RLI75vA4UGrh3KiB4qrHK6H6qMUFg92uhKFo+uhtxERIV5/HSwbZPBT2R0pbSSQzTKk5U9UuJsY=,iv:CRSEqphlBsHwPvwXlTQui5U4fsXWgWnZ+8KYFAyVRlg=,tag:82mxRsp5uCo235jzJNK8LQ==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.9.2
Author	SHA1	Message	Date
cy	396886a028	bring back garage make it work with my fork	2025-01-11 23:17:37 -05:00
cy	0dd68a7d25	nixvim dont remap gt	2025-01-11 22:50:00 -05:00