storage server for media & updates
This commit is contained in:
Chaos
parent
5efb7ad372
commit
4508af4787
24
flake.lock
24
flake.lock
|
|
@ -9,11 +9,11 @@
|
||||||
"utils": "utils"
|
"utils": "utils"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1668453806,
|
"lastModified": 1668797197,
|
||||||
"narHash": "sha256-rDyF0essyFdCIo336gI6nPjWhjoczGn701D1JID5wl8=",
|
"narHash": "sha256-0w6iD3GSSQbIeSFVDzAAQZB+hDq670ZTms3d9XI+BtM=",
|
||||||
"owner": "serokell",
|
"owner": "serokell",
|
||||||
"repo": "deploy-rs",
|
"repo": "deploy-rs",
|
||||||
"rev": "be40823735bbdc40c1f6b7725c8b74d5a85d8023",
|
"rev": "2a3c5f70eee04a465aa534d8bd4fcc9bb3c4a8ce",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -100,11 +100,11 @@
|
||||||
"utils": "utils_3"
|
"utils": "utils_3"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1668332334,
|
"lastModified": 1668900402,
|
||||||
"narHash": "sha256-YT1qcE/MCqBO1Bi/Yr6GcFpNKsvmzrBKh8juyXDbxQc=",
|
"narHash": "sha256-IhVlueHoQNoN0SOHZIceKU3LyEL00g2ei0aUlaNypbQ=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "bc90de24d898655542589237cc0a6ada7564cb6c",
|
"rev": "c0f9cbcf93ca22e4f0ca66843be61a4bdf6f0a44",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -137,11 +137,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-unstable": {
|
"nixpkgs-unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1668596599,
|
"lastModified": 1668765800,
|
||||||
"narHash": "sha256-rhHyZTGI31/OfgYa9xF49UTchDXTI94pEsSNa0fOkpk=",
|
"narHash": "sha256-rC40+/W6Hio7b/RsY8SvQPKNx4WqNcTgfYv8cUMAvJk=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "b457130e8a21608675ddf12c7d85227b22a27112",
|
"rev": "52b2ac8ae18bbad4374ff0dd5aeee0fdf1aea739",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -153,11 +153,11 @@
|
||||||
},
|
},
|
||||||
"nur": {
|
"nur": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1668680510,
|
"lastModified": 1668923022,
|
||||||
"narHash": "sha256-5O/8cXku2/JxY3AglxnzWRb3I8kFZSQRh3YHLeegYA8=",
|
"narHash": "sha256-95GW/QXMczzMZ0wSz/rRGQwi2nx5BVi0qSI6aGG4OrY=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "NUR",
|
"repo": "NUR",
|
||||||
"rev": "6970572e6143893eab37a8aacfe9dd872d48a867",
|
"rev": "43fd9acff9fe06264ff2c045ec95cb3078c80352",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
||||||
|
|
@ -1,12 +1,12 @@
|
||||||
{ }: {
|
{ }: {
|
||||||
rclone_serve_webdav_main = 4242;
|
rclone_serve_webdav_main = 4242;
|
||||||
rclone_serve_webdav_music_ro = 4243;
|
rclone_serve_webdav_media = 4243;
|
||||||
|
rclone_serve_webdav_music_ro = 4244;
|
||||||
|
|
||||||
rclone_serve_restic_hvm = 4244;
|
rclone_serve_restic_hvm = 4245;
|
||||||
rclone_serve_restic_music = 4245;
|
rclone_serve_restic_music = 4246;
|
||||||
rclone_serve_restic_vault = 4246;
|
rclone_serve_restic_vault = 4247;
|
||||||
|
|
||||||
rclone_serve_http_music = 4247;
|
|
||||||
rclone_serve_http_public = 4248;
|
|
||||||
|
|
||||||
|
rclone_serve_http_music = 4248;
|
||||||
|
rclone_serve_http_public = 4249;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,12 @@ let
|
||||||
secrets = config.services.secrets.secrets;
|
secrets = config.services.secrets.secrets;
|
||||||
ports = (import ../ports.nix { });
|
ports = (import ../ports.nix { });
|
||||||
in {
|
in {
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
"d /caches - storage storage"
|
||||||
|
"d /caches/main_webdav_serve - storage storage"
|
||||||
|
"d /caches/media_webdav_serve - storage storage"
|
||||||
|
];
|
||||||
|
|
||||||
services.rclone-serve = let
|
services.rclone-serve = let
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
after = [ "secrets-init.service" ];
|
after = [ "secrets-init.service" ];
|
||||||
|
|
@ -24,6 +30,19 @@ in {
|
||||||
];
|
];
|
||||||
inherit serviceConfig;
|
inherit serviceConfig;
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
user = "storage";
|
||||||
|
remote = "Media-Combine-Serve:";
|
||||||
|
type = "webdav";
|
||||||
|
extraArgs = [
|
||||||
|
"--addr=:${toString ports.rclone_serve_webdav_media}"
|
||||||
|
"--htpasswd=${secrets.webdav_media_htpasswd.path}"
|
||||||
|
"--baseurl=/media/"
|
||||||
|
"--cache-dir=/caches/media_webdav_serve"
|
||||||
|
"--vfs-cache-mode=full"
|
||||||
|
];
|
||||||
|
inherit serviceConfig;
|
||||||
|
}
|
||||||
{
|
{
|
||||||
user = "storage";
|
user = "storage";
|
||||||
remote = "StorageBox:Music";
|
remote = "StorageBox:Music";
|
||||||
|
|
@ -101,6 +120,8 @@ in {
|
||||||
locations = {
|
locations = {
|
||||||
"/main/".proxyPass =
|
"/main/".proxyPass =
|
||||||
"http://localhost:${toString ports.rclone_serve_webdav_main}";
|
"http://localhost:${toString ports.rclone_serve_webdav_main}";
|
||||||
|
"/media/".proxyPass =
|
||||||
|
"http://localhost:${toString ports.rclone_serve_webdav_media}";
|
||||||
"/music_ro/".proxyPass =
|
"/music_ro/".proxyPass =
|
||||||
"http://localhost:${toString ports.rclone_serve_webdav_music_ro}";
|
"http://localhost:${toString ports.rclone_serve_webdav_music_ro}";
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -59,4 +59,15 @@ hard_delete = true
|
||||||
|
|
||||||
[B2-Phoenix-Cryptidz-Storage]
|
[B2-Phoenix-Cryptidz-Storage]
|
||||||
type = alias
|
type = alias
|
||||||
remote = B2-Phoenix-Cryptidz-Storage-Source:
|
remote = B2-Phoenix-Cryptidz-Storage-Source:
|
||||||
|
|
||||||
|
[PutIO-WebDAV]
|
||||||
|
type = webdav
|
||||||
|
url = https://webdav.put.io
|
||||||
|
vendor = nextcloud
|
||||||
|
user = chaoticryptidz
|
||||||
|
pass = PUTIO_PASSWORD
|
||||||
|
|
||||||
|
[Media-Combine-Serve]
|
||||||
|
type = combine
|
||||||
|
upstreams = "Media=StorageBox:Media" "PutIO=PutIO-WebDAV:"
|
||||||
|
|
@ -67,6 +67,16 @@
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
webdav_media_htpasswd = {
|
||||||
|
user = "storage";
|
||||||
|
group = "storage";
|
||||||
|
fetchScript = ''
|
||||||
|
username=$(simple_get "/api-keys/storage/webdav/media" .username)
|
||||||
|
password=$(simple_get "/api-keys/storage/webdav/media" .password)
|
||||||
|
htpasswd -bc "$secretFile" "$username" "$password" 2>&1
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
rclone_config = {
|
rclone_config = {
|
||||||
user = "storage";
|
user = "storage";
|
||||||
group = "storage";
|
group = "storage";
|
||||||
|
|
@ -85,6 +95,10 @@
|
||||||
simple_get_replace_b2 "/api-keys/backblaze/Chaos-Music" "B2_CHAOS_MUSIC" ./template
|
simple_get_replace_b2 "/api-keys/backblaze/Chaos-Music" "B2_CHAOS_MUSIC" ./template
|
||||||
simple_get_replace_b2 "/api-keys/backblaze/Phoenix-Cryptidz-Storage" "B2_PHOENIX_CRYPTIDZ_STORAGE" ./template
|
simple_get_replace_b2 "/api-keys/backblaze/Phoenix-Cryptidz-Storage" "B2_PHOENIX_CRYPTIDZ_STORAGE" ./template
|
||||||
|
|
||||||
|
PUTIO_PASSWORD="token/$(simple_get /api-keys/putio .oauth_token)"
|
||||||
|
PUTIO_PASSWORD="$(rclone obscure "$PUTIO_PASSWORD")"
|
||||||
|
sed -i "s/PUTIO_PASSWORD/$PUTIO_PASSWORD/" ./template
|
||||||
|
|
||||||
cp ./template $secretFile
|
cp ./template $secretFile
|
||||||
|
|
||||||
popd
|
popd
|
||||||
|
|
|
||||||
|
|
@ -22,9 +22,6 @@ in {
|
||||||
];
|
];
|
||||||
|
|
||||||
systemd.tmpfiles.rules = [
|
systemd.tmpfiles.rules = [
|
||||||
"d /caches - storage storage"
|
|
||||||
"d /caches/main_webdav_serve - storage storage"
|
|
||||||
|
|
||||||
"d /root/.config - root root"
|
"d /root/.config - root root"
|
||||||
"d /root/.config/rclone - root root"
|
"d /root/.config/rclone - root root"
|
||||||
"L /root/.config/rclone/rclone.conf - - - - ${secrets.rclone_config.path}"
|
"L /root/.config/rclone/rclone.conf - - - - ${secrets.rclone_config.path}"
|
||||||
|
|
|
||||||
|
|
@ -4,9 +4,9 @@
|
||||||
"sha256": "sha256-EU6T9yQCdOLx98Io8o01rEsgxDFF/Xoy42LgPopD2/A="
|
"sha256": "sha256-EU6T9yQCdOLx98Io8o01rEsgxDFF/Xoy42LgPopD2/A="
|
||||||
},
|
},
|
||||||
"invidious": {
|
"invidious": {
|
||||||
"rev": "47cc26cb3c5862e6ae96f89882ee08c6a8185672",
|
"rev": "516efd2df3f7d242c2d1df416053b4991a554116",
|
||||||
"sha256": "sha256-0Cb1Qsn6vnrzd4pZm1GZxlVQNn5dYKUR/xWMCG37GSk=",
|
"sha256": "sha256-0Cb1Qsn6vnrzd4pZm1GZxlVQNn5dYKUR/xWMCG37GSk=",
|
||||||
"version": "unstable-2022-11-16"
|
"version": "unstable-2022-11-17"
|
||||||
},
|
},
|
||||||
"lsquic": {
|
"lsquic": {
|
||||||
"sha256": "sha256-hG8cUvhbCNeMOsKkaJlgGpzUrIx47E/WhmPIdI5F3qM=",
|
"sha256": "sha256-hG8cUvhbCNeMOsKkaJlgGpzUrIx47E/WhmPIdI5F3qM=",
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue