Remove mount garage using rclone systemd service

This commit is contained in:
Alex 2022-02-27 14:18:43 +01:00
parent 7d486b3907
commit 02ed668286
Signed by untrusted user: lx
GPG key ID: 0E496D15096376BE
4 changed files with 10 additions and 30 deletions

View file

@ -11,6 +11,10 @@ output.elasticsearch:
username: "apm" username: "apm"
password: "{{ key "secrets/telemetry/elastic_passwords/apm" }}" password: "{{ key "secrets/telemetry/elastic_passwords/apm" }}"
instrumentation:
enabled: true
environment: staging
logging: logging:
level: warning level: warning
to_stderr: true to_stderr: true

View file

@ -1,8 +0,0 @@
[staging]
type = s3
provider = Other
env_auth = false
access_key_id = GK...
secret_access_key = ...
endpoint = http://127.0.0.1:3990
region = garage-staging

View file

@ -38,6 +38,10 @@
"vm.max_map_count" = 262144; "vm.max_map_count" = 262144;
}; };
services.journald.extraConfig = ''
SystemMaxUse=1G
'';
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@ -72,24 +76,6 @@
# ---- CONFIG FOR DEUXFLEURS CLUSTER ---- # ---- CONFIG FOR DEUXFLEURS CLUSTER ----
# Mount Garage using Rclone
systemd.services.mountgarage = {
enable = false;
description = "Mount the Garage data store";
path = [
pkgs.fuse
pkgs.rclone
];
unitConfig = {
Type = "simple";
};
serviceConfig = {
ExecStartPre = "${pkgs.bash}/bin/sh -c \"mkdir -p /mnt/garage-staging; fusermount -u /mnt/garage-staging || exit 0\"";
ExecStart = "${pkgs.rclone}/bin/rclone --config /root/rclone.conf mount --vfs-cache-mode full --vfs-cache-max-size 1G --cache-dir /root/mountgarage-cache staging: /mnt/garage-staging";
};
wantedBy = [ "multi-user.target" ];
};
# Open ports in the firewall. # Open ports in the firewall.
networking.firewall = { networking.firewall = {
enable = true; enable = true;

View file

@ -46,8 +46,8 @@ for NIXHOST in $NIXHOSTLIST; do
cat cluster/$CLUSTER/node/$NIXHOST.site.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/site.nix > /dev/null cat cluster/$CLUSTER/node/$NIXHOST.site.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/site.nix > /dev/null
echo "Sending secret files" echo "Sending secret files"
for SECRET in rclone.conf \ for SECRET in pki/consul-ca.crt pki/consul$YEAR.crt pki/consul$YEAR.key \
pki/consul-ca.crt pki/consul$YEAR.crt pki/consul$YEAR.key pki/consul$YEAR-client.crt pki/consul$YEAR-client.key \ pki/consul$YEAR-client.crt pki/consul$YEAR-client.key \
pki/nomad-ca.crt pki/nomad$YEAR.crt pki/nomad$YEAR.key; do pki/nomad-ca.crt pki/nomad$YEAR.crt pki/nomad$YEAR.key; do
test -f cluster/$CLUSTER/secrets/$SECRET && (cat cluster/$CLUSTER/secrets/$SECRET | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/$SECRET > /dev/null) test -f cluster/$CLUSTER/secrets/$SECRET && (cat cluster/$CLUSTER/secrets/$SECRET | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/$SECRET > /dev/null)
done done
@ -62,8 +62,6 @@ mv deuxfleurs.nix remote-unlock.nix configuration.nix cluster.nix node.nix site.
nixos-rebuild switch nixos-rebuild switch
test -f rclone.conf && (mv rclone.conf /root; chmod 600 /root/rclone.conf)
mkdir -p /var/lib/nomad/pki /var/lib/consul/pki mkdir -p /var/lib/nomad/pki /var/lib/consul/pki
if [ -f pki/consul-ca.crt ]; then if [ -f pki/consul-ca.crt ]; then