about summary refs log tree commit diff
diff options
context:
space:
mode:
authorEmile <git@emile.space>2024-08-03 13:33:52 +0200
committerEmile <git@emile.space>2024-08-03 13:33:52 +0200
commitdcfc18774fe2d4207c2996b2d16ea67499b70228 (patch)
treece47dc856535e4339d01f6339a666764e41b1fdc
parent285644fbb46f6d8ff21acbe28f16b7b5b70ddd9b (diff)
(corrino): s3.emile.space init
-rw-r--r--nix/hosts/corrino/configuration.nix1
-rw-r--r--nix/hosts/corrino/ports.nix4
-rw-r--r--nix/hosts/corrino/secrets/minio_root_credz.age7
-rw-r--r--nix/hosts/corrino/www/s3.emile.space.nix39
4 files changed, 51 insertions, 0 deletions
diff --git a/nix/hosts/corrino/configuration.nix b/nix/hosts/corrino/configuration.nix
index f6dc404..d23b6bf 100644
--- a/nix/hosts/corrino/configuration.nix
+++ b/nix/hosts/corrino/configuration.nix
@@ -32,6 +32,7 @@ in {
       ./www/md.emile.space.nix
       ./www/social.emile.space.nix
       ./www/sso.emile.space.nix
+      ./www/s3.emile.space.nix
 
       ./www/ctf.emile.space.nix
       # ./www/magic-hash.emile.space.nix
diff --git a/nix/hosts/corrino/ports.nix b/nix/hosts/corrino/ports.nix
index 3dcf72a..6be514d 100644
--- a/nix/hosts/corrino/ports.nix
+++ b/nix/hosts/corrino/ports.nix
@@ -15,6 +15,10 @@
 		magic-hash = 8339;
 		tickets = 8349;
 		talks = 8350;
+		minio = {
+			s3 = 9000;
+			web = 9001;
+		};
 		authelia = 9091;
 		prometheus = 9003;
 		gitDaemon = 9418;
diff --git a/nix/hosts/corrino/secrets/minio_root_credz.age b/nix/hosts/corrino/secrets/minio_root_credz.age
new file mode 100644
index 0000000..3e0e4ad
--- /dev/null
+++ b/nix/hosts/corrino/secrets/minio_root_credz.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 gvwQ2Q 005KgOqy4V/8DaENCRb0dcyzQPdF9RPuKLh0K/qlVwo
+BaHM2MxYXr+23dqGDtn4ozSLUy9PEfWSsZWB5x7ryJU
+-> ssh-ed25519 m8VklA ax7m3QQEK6oJ+md8yEhlGOrcviitxGZDdXuHBQGKqwQ
+bmc1WeVILBXko8dwrjTWlEr8H0YnTo7TXWxc+q/N9QU
+--- 0hc9UBB5gmaV+QXetWAbkqLbd7oRrvgi5oct6AqT540
+.PCښz_]ە[E{:{WPkkLD;gI7LI嗄)rrN]xcL=	8tؗÒbס[k
\ No newline at end of file
diff --git a/nix/hosts/corrino/www/s3.emile.space.nix b/nix/hosts/corrino/www/s3.emile.space.nix
new file mode 100644
index 0000000..f1300f7
--- /dev/null
+++ b/nix/hosts/corrino/www/s3.emile.space.nix
@@ -0,0 +1,39 @@
+{ config, ... }:
+
+{
+  services.nginx.virtualHosts."s3.emile.space" = {
+    forceSSL = true;
+    enableACME = true;
+    locations = {
+      "/" = {
+        proxyPass = "http://[::1]:${toString config.emile.ports.minio.s3}";
+      };
+    };
+  };
+
+  services.nginx.virtualHosts."s3-web.emile.space" = {
+    forceSSL = true;
+    enableACME = true;
+    locations = {
+      "/" = {
+        proxyPass = "http://[::1]:${toString config.emile.ports.minio.web}";
+      };
+    };
+  };
+
+	services.minio = {
+		enable = true;
+		region = "eu-north-1-hel-1a"; # corrino is in the helsinki hetzner dc
+
+		listenAddress = "[::1]:${toString config.emile.ports.minio.s3}";
+
+		browser = true;
+		consoleAddress = "[::1]:${toString config.emile.ports.minio.web}";
+
+		dataDir = [ "/minio/data" ];
+		configDir = "/minio/config";
+
+		rootCredentialsFile = config.age.secrets.minio_root_credz.path;
+		# accessKey
+	};
+}