yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

clanModules: add garage module

Browse Source 
The garage module sets up backups for metadata automatically and
generates keys needed for deployment automatically.

What is still needed in a distributed deployment is sharing of the
generated rpc keys with other garage instances.
This commit is contained in:
a-kenji
2024-08-14 15:50:28 +02:00
parent 8084211fe4
commit f12c268110
4 changed files with 53 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
clanModules/garage/default.nix Normal file
View File

@@ -0,0 +1,33 @@
{ config, pkgs, ... }:
{
systemd.services.garage.serviceConfig = {
LoadCredential = [
"rpc_secret_path:${config.clan.core.vars.generators.garage.files.rpc_secret.path}"
"admin_token_path:${config.clan.core.vars.generators.garage.files.admin_token.path}"
"metrics_token_path:${config.clan.core.vars.generators.garage.files.metrics_token.path}"
];
Environment = [
"GARAGE_ALLOW_WORLD_READABLE_SECRETS=true"
"GARAGE_RPC_SECRET_FILE=%d/rpc_secret_path"
"GARAGE_ADMIN_TOKEN_FILE=%d/admin_token_path"
"GARAGE_METRICS_TOKEN_FILE=%d/metrics_token_path"
];
};
clan.core.vars.generators.garage = {
files.rpc_secret = { };
files.admin_token = { };
files.metrics_token = { };
runtimeInputs = [
pkgs.coreutils
pkgs.openssl
];
script = ''
openssl rand -hex -out $out/rpc_secret 32
openssl rand -base64 -out $out/admin_token 32
openssl rand -base64 -out $out/metrics_token 32
'';
};
clan.core.state.garage.folders = [ config.services.garage.settings.metadata_dir ];
}