From 374964c7e563b041757b72b7229cae2017b34b78 Mon Sep 17 00:00:00 2001 From: TheWanderingCrow Date: Sun, 9 Feb 2025 00:10:02 -0500 Subject: [PATCH] add attic --- modules/users/overseer/services/attic.nix | 38 +++++++++++++++++++++ modules/users/overseer/services/default.nix | 1 + 2 files changed, 39 insertions(+) create mode 100644 modules/users/overseer/services/attic.nix diff --git a/modules/users/overseer/services/attic.nix b/modules/users/overseer/services/attic.nix new file mode 100644 index 0000000..8eec0a3 --- /dev/null +++ b/modules/users/overseer/services/attic.nix @@ -0,0 +1,38 @@ +{ + lib, + config, + ... +}: +lib.mkIf config.user.overseer.enable { + sops = { + secrets."attic/server_token" = {}; + secrets."aws/access_key" = {}; + secrets."aws/secret_key" = {}; + secrets."aws/region" = {}; + templates."attic-env".content = '' + ATTIC_SERVER_TOKEN_RS256_SECRET_BASE64=${config.sops.placeholder."attic/server_token"} + AWS_ACCESS_KEY_ID=${config.sops.placeholder."aws/access_key"} + AWS_SECRET_ACCESS_KEY=${config.sops.placeholder."aws/secret_key"} + ''; + }; + services.atticd = { + enable = true; + mode = "monolithic"; + environmentFile = config.sops.templates."attic-env".path; + settings = { + listen = "[::]:8080"; + jwt = {}; + chunking = { + nar-size-threshold = 64 * 1024; # 64 KiB + min-size = 16 * 1024; # 16 KiB + avg-size = 64 * 1024; # 64 KiB + max-size = 256 * 1024; # 256 KiB + }; + storage = { + type = "s3"; + region = builtins.readFile config.sops.secrets."aws/region".path; + bucket = "wce-20250209044958802100000001"; + }; + }; + }; +} diff --git a/modules/users/overseer/services/default.nix b/modules/users/overseer/services/default.nix index a79a5db..5edd594 100644 --- a/modules/users/overseer/services/default.nix +++ b/modules/users/overseer/services/default.nix @@ -5,5 +5,6 @@ ./homepage.nix ./bookstack.nix ./grocy.nix + ./attic.nix ]; }