forked from Deuxfleurs/nixcfg
Remove mount garage using rclone systemd service
This commit is contained in:
parent
7d486b3907
commit
02ed668286
4 changed files with 10 additions and 30 deletions
|
@ -11,6 +11,10 @@ output.elasticsearch:
|
|||
username: "apm"
|
||||
password: "{{ key "secrets/telemetry/elastic_passwords/apm" }}"
|
||||
|
||||
instrumentation:
|
||||
enabled: true
|
||||
environment: staging
|
||||
|
||||
logging:
|
||||
level: warning
|
||||
to_stderr: true
|
||||
|
|
|
@ -1,8 +0,0 @@
|
|||
[staging]
|
||||
type = s3
|
||||
provider = Other
|
||||
env_auth = false
|
||||
access_key_id = GK...
|
||||
secret_access_key = ...
|
||||
endpoint = http://127.0.0.1:3990
|
||||
region = garage-staging
|
|
@ -38,6 +38,10 @@
|
|||
"vm.max_map_count" = 262144;
|
||||
};
|
||||
|
||||
services.journald.extraConfig = ''
|
||||
SystemMaxUse=1G
|
||||
'';
|
||||
|
||||
# List packages installed in system profile. To search, run:
|
||||
# $ nix search wget
|
||||
environment.systemPackages = with pkgs; [
|
||||
|
@ -72,24 +76,6 @@
|
|||
|
||||
# ---- CONFIG FOR DEUXFLEURS CLUSTER ----
|
||||
|
||||
# Mount Garage using Rclone
|
||||
systemd.services.mountgarage = {
|
||||
enable = false;
|
||||
description = "Mount the Garage data store";
|
||||
path = [
|
||||
pkgs.fuse
|
||||
pkgs.rclone
|
||||
];
|
||||
unitConfig = {
|
||||
Type = "simple";
|
||||
};
|
||||
serviceConfig = {
|
||||
ExecStartPre = "${pkgs.bash}/bin/sh -c \"mkdir -p /mnt/garage-staging; fusermount -u /mnt/garage-staging || exit 0\"";
|
||||
ExecStart = "${pkgs.rclone}/bin/rclone --config /root/rclone.conf mount --vfs-cache-mode full --vfs-cache-max-size 1G --cache-dir /root/mountgarage-cache staging: /mnt/garage-staging";
|
||||
};
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
|
||||
# Open ports in the firewall.
|
||||
networking.firewall = {
|
||||
enable = true;
|
||||
|
|
|
@ -46,8 +46,8 @@ for NIXHOST in $NIXHOSTLIST; do
|
|||
cat cluster/$CLUSTER/node/$NIXHOST.site.nix | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/site.nix > /dev/null
|
||||
|
||||
echo "Sending secret files"
|
||||
for SECRET in rclone.conf \
|
||||
pki/consul-ca.crt pki/consul$YEAR.crt pki/consul$YEAR.key pki/consul$YEAR-client.crt pki/consul$YEAR-client.key \
|
||||
for SECRET in pki/consul-ca.crt pki/consul$YEAR.crt pki/consul$YEAR.key \
|
||||
pki/consul$YEAR-client.crt pki/consul$YEAR-client.key \
|
||||
pki/nomad-ca.crt pki/nomad$YEAR.crt pki/nomad$YEAR.key; do
|
||||
test -f cluster/$CLUSTER/secrets/$SECRET && (cat cluster/$CLUSTER/secrets/$SECRET | ssh -F $SSH_CONFIG $SSH_DEST tee $TMP_PATH/$SECRET > /dev/null)
|
||||
done
|
||||
|
@ -62,8 +62,6 @@ mv deuxfleurs.nix remote-unlock.nix configuration.nix cluster.nix node.nix site.
|
|||
|
||||
nixos-rebuild switch
|
||||
|
||||
test -f rclone.conf && (mv rclone.conf /root; chmod 600 /root/rclone.conf)
|
||||
|
||||
mkdir -p /var/lib/nomad/pki /var/lib/consul/pki
|
||||
|
||||
if [ -f pki/consul-ca.crt ]; then
|
||||
|
|
Loading…
Add table
Reference in a new issue