57 lines
1.4 KiB
Nix
57 lines
1.4 KiB
Nix
{ config, pkgs, lib, inputs, ... }: {
|
|
imports = [
|
|
inputs.attic.nixosModules.atticd
|
|
];
|
|
age.secrets.attic.file = ../../../secrets/attic.env.age;
|
|
|
|
services.nginx.virtualHosts."cache.yori.cc" = {
|
|
onlySSL = true;
|
|
useACMEHost = "wildcard.yori.cc";
|
|
locations."/" = {
|
|
proxyPass = "http://[::]:8091";
|
|
recommendedProxySettings = true;
|
|
};
|
|
extraConfig = ''
|
|
client_max_body_size 8000M;
|
|
proxy_request_buffering off;
|
|
proxy_read_timeout 600s;
|
|
'';
|
|
};
|
|
services.atticd = {
|
|
enable = true;
|
|
credentialsFile = config.age.secrets.attic.path;
|
|
settings = {
|
|
storage = {
|
|
type = "local";
|
|
path = "/attic";
|
|
};
|
|
database.url = "postgresql:///atticd";
|
|
listen = "[::]:8091";
|
|
chunking = {
|
|
nar-size-threshold = 128 * 1024;
|
|
min-size = 32 * 1024;
|
|
avg-size = 128 * 1024;
|
|
max-size = 512 * 1024;
|
|
};
|
|
};
|
|
};
|
|
systemd.tmpfiles.rules = with config.services.atticd; [
|
|
"d /attic 0770 ${user} ${group}"
|
|
];
|
|
users.users.${config.services.atticd.user} = {
|
|
isSystemUser = true;
|
|
createHome = false;
|
|
group = config.services.atticd.group;
|
|
};
|
|
users.groups.${config.services.atticd.group} = {};
|
|
services.postgresql = {
|
|
enable = true;
|
|
package = pkgs.postgresql_15;
|
|
ensureDatabases = [ "atticd" ];
|
|
ensureUsers = [ {
|
|
name = "atticd";
|
|
ensureDBOwnership = true;
|
|
} ];
|
|
};
|
|
}
|