kat/nixfiles
1
0
Fork 0
mirror of https://github.com/kittywitch/nixfiles.git synced 2026-02-09 20:39:18 -08:00
Code Issues Projects Releases Packages Wiki Activity
nixfiles/services/minio.nix
kat 61a4117362
fix: misc minio fixes
2022-10-06 10:19:53 -07:00

42 lines
1.3 KiB
Nix
Raw Blame History

{ config, lib, tf, ... }: let
inherit (lib.modules) mkIf mkDefault;
inherit (lib.options) mkEnableOption;
inherit (lib.attrsets) mapAttrs' genAttrs nameValuePair;
cfg = config.services.minio;
in {
options.services.minio.isNAS = mkEnableOption "NAS lack of defaults";
config = {
secrets = {
variables = mapAttrs' (name: value: nameValuePair "minio-${name}-key" value) (genAttrs ["access" "secret"] (name: {
path = "gensokyo/minio";
field = "${name}-key";
}));
files = {
minio-root-credentials = {
text = ''
MINIO_ROOT_USER=${tf.variables.minio-access-key.ref}
MINIO_ROOT_PASSWORD=${tf.variables.minio-secret-key.ref}
'';
owner = "minio";
group = "minio";
};
};
};
systemd.tmpfiles.rules = mkIf (!cfg.isNAS) [
"v /minio 700 minio minio"
];
services = {
minio = {
region = config.services.cockroachdb.locality;
enable = true;
dataDir = lib.optional (!cfg.isNAS) "/minio";
listenAddress = "${config.networks.tailscale.ipv4}:9000";
consoleAddress = "${config.networks.tailscale.ipv4}:9001";
rootCredentialsFile = config.secrets.files.minio-root-credentials.path;
};
};
};
}
Reference in a new issue View git blame Copy permalink