Add systemd service to mount garage
This commit is contained in:
parent
424e7ae22c
commit
a6c4828cb6
6 changed files with 38 additions and 4 deletions
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -1 +1,3 @@
|
||||||
notes/
|
notes/
|
||||||
|
secrets/*
|
||||||
|
!secrets/*.sample
|
||||||
|
|
|
@ -29,7 +29,7 @@ job "im" {
|
||||||
|
|
||||||
driver = "docker"
|
driver = "docker"
|
||||||
config {
|
config {
|
||||||
image = "litestream/litestream"
|
image = "litestream/litestream:0.3.7"
|
||||||
args = [
|
args = [
|
||||||
"restore", "-config", "/etc/litestream.yml", "/ephemeral/homeserver.db"
|
"restore", "-config", "/etc/litestream.yml", "/ephemeral/homeserver.db"
|
||||||
]
|
]
|
||||||
|
@ -109,7 +109,7 @@ job "im" {
|
||||||
task "replicate-db" {
|
task "replicate-db" {
|
||||||
driver = "docker"
|
driver = "docker"
|
||||||
config {
|
config {
|
||||||
image = "litestream/litestream"
|
image = "litestream/litestream:0.3.7"
|
||||||
args = [
|
args = [
|
||||||
"replicate", "-config", "/etc/litestream.yml"
|
"replicate", "-config", "/etc/litestream.yml"
|
||||||
]
|
]
|
||||||
|
|
|
@ -176,6 +176,7 @@ in
|
||||||
htop
|
htop
|
||||||
links
|
links
|
||||||
git
|
git
|
||||||
|
rclone
|
||||||
docker
|
docker
|
||||||
docker-compose
|
docker-compose
|
||||||
];
|
];
|
||||||
|
@ -243,6 +244,24 @@ in
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Mount Garage using Rclone
|
||||||
|
systemd.services.mountgarage = {
|
||||||
|
enable = true;
|
||||||
|
description = "Mount the Garage data store";
|
||||||
|
path = [
|
||||||
|
pkgs.fuse
|
||||||
|
pkgs.rclone
|
||||||
|
];
|
||||||
|
unitConfig = {
|
||||||
|
Type = "simple";
|
||||||
|
};
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStartPre = "${pkgs.bash}/bin/sh -c \"mkdir -p /mnt/garage-staging; fusermount -u /mnt/garage-staging || exit 0\"";
|
||||||
|
ExecStart = "${pkgs.rclone}/bin/rclone --config /root/rclone.conf mount --vfs-cache-mode full --vfs-cache-max-size 1G --cache-dir /root/mountgarage-cache staging: /mnt/garage-staging";
|
||||||
|
};
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
};
|
||||||
|
|
||||||
# Open ports in the firewall.
|
# Open ports in the firewall.
|
||||||
networking.firewall = {
|
networking.firewall = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -19,10 +19,15 @@ for NIXHOST in $NIXHOSTLIST; do
|
||||||
|
|
||||||
echo "==== DOING $NIXHOST ===="
|
echo "==== DOING $NIXHOST ===="
|
||||||
|
|
||||||
echo "generating NixOS config"
|
echo "Sending NixOS config files"
|
||||||
|
|
||||||
cat configuration.nix | ssh -F ssh_config $SSH_DEST sudo tee /etc/nixos/configuration.nix > /dev/null
|
cat configuration.nix | ssh -F ssh_config $SSH_DEST sudo tee /etc/nixos/configuration.nix > /dev/null
|
||||||
cat node/$NIXHOST.nix | ssh -F ssh_config $SSH_DEST sudo tee /etc/nixos/node.nix > /dev/null
|
cat node/$NIXHOST.nix | ssh -F ssh_config $SSH_DEST sudo tee /etc/nixos/node.nix > /dev/null
|
||||||
cat node/$NIXHOST.site.nix | ssh -F ssh_config $SSH_DEST sudo tee /etc/nixos/site.nix > /dev/null
|
cat node/$NIXHOST.site.nix | ssh -F ssh_config $SSH_DEST sudo tee /etc/nixos/site.nix > /dev/null
|
||||||
echo "rebuilding NixOS"
|
|
||||||
|
echo "Sending secret files"
|
||||||
|
test -f secrets/rclone.conf && (cat secrets/rclone.conf | ssh -F ssh_config $SSH_DEST sudo tee /root/rclone.conf > /dev/null)
|
||||||
|
|
||||||
|
echo "Rebuilding NixOS"
|
||||||
ssh -F ssh_config $SSH_DEST sudo nixos-rebuild switch
|
ssh -F ssh_config $SSH_DEST sudo nixos-rebuild switch
|
||||||
done
|
done
|
||||||
|
|
8
secrets/rclone.conf.sample
Normal file
8
secrets/rclone.conf.sample
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
[staging]
|
||||||
|
type = s3
|
||||||
|
provider = Other
|
||||||
|
env_auth = false
|
||||||
|
access_key_id = GK...
|
||||||
|
secret_access_key = ...
|
||||||
|
endpoint = http://127.0.0.1:3990
|
||||||
|
region = garage-staging
|
Loading…
Reference in a new issue