Migrate danflix to hetzner
This commit is contained in:
@@ -3,21 +3,21 @@
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
mountdir = "/var/media/dungflix";
|
||||
mountdir = "/var/media/danflix";
|
||||
|
||||
rclone_config = pkgs.writeText "" ''
|
||||
[dungflix]
|
||||
type = b2
|
||||
[danflix-storage-box]
|
||||
type = sftp
|
||||
|
||||
[dungflix-vault]
|
||||
[danflix-crypto]
|
||||
type = crypt
|
||||
remote = dungflix:dungflix-bucket
|
||||
remote = danflix-storage-box:danflix
|
||||
'';
|
||||
in {
|
||||
age.secrets = {
|
||||
dungflix_bucket_account_id.file = ../../secrets/dungflix_bucket_account_id.age;
|
||||
dungflix_bucket_account_key.file = ../../secrets/dungflix_bucket_account_key.age;
|
||||
dungflix_crypt_remote_obscured_pass.file = ../../secrets/dungflix_crypt_remote_obscured_pass.age;
|
||||
danflix_storage_box_crypt_obscured_pw.file = ../../secrets/danflix_storage_box_crypt_obscured_pw.age;
|
||||
danflix_hetzner_storage_box_pub_key.file = ../../secrets/danflix_hetzner_storage_box_pub_key.age;
|
||||
danflix_env_file.file = ../../secrets/danflix_env_file.age;
|
||||
};
|
||||
|
||||
services = {
|
||||
@@ -40,27 +40,27 @@ in {
|
||||
MemoryMax = "1G";
|
||||
};
|
||||
|
||||
systemd.services.dungflix-mount = {
|
||||
description = "Mount the Backblaze B2 media store";
|
||||
systemd.services.danflix-mount = {
|
||||
description = "Mount the Hetzner Storage Box media store";
|
||||
wantedBy = ["multi-user.target"];
|
||||
path = [pkgs.fuse3];
|
||||
preStart = ''
|
||||
mkdir -p -m 777 ${mountdir}
|
||||
'';
|
||||
environment = {
|
||||
"RCLONE_SFTP_KEY_FILE" = config.age.secrets.danflix_hetzner_storage_box_pub_key.path;
|
||||
};
|
||||
script = ''
|
||||
export RCLONE_B2_ACCOUNT=''$(cat ${config.age.secrets.dungflix_bucket_account_id.path})
|
||||
export RCLONE_B2_KEY=''$(cat ${config.age.secrets.dungflix_bucket_account_key.path})
|
||||
export RCLONE_CRYPT_PASSWORD=''$(cat ${config.age.secrets.dungflix_crypt_remote_obscured_pass.path})
|
||||
${pkgs.rclone}/bin/rclone --config="${rclone_config}" mount dungflix-vault: ${mountdir} \
|
||||
--transfers 32 \
|
||||
--vfs-cache-mode full \
|
||||
--vfs-cache-max-age 336h \
|
||||
--vfs-cache-max-size 120G \
|
||||
--allow-other \
|
||||
--no-modtime \
|
||||
--rc \
|
||||
--rc-no-auth \
|
||||
-vv
|
||||
${pkgs.rclone}/bin/rclone --config="${rclone_config}" mount danflix-crypto: ${mountdir} \
|
||||
--vfs-cache-mode full \
|
||||
--vfs-cache-max-age 336h \
|
||||
--vfs-cache-max-size 60G \
|
||||
--allow-other \
|
||||
--no-modtime \
|
||||
--rc \
|
||||
--rc-addr=localhost:5573 \
|
||||
--rc-no-auth \
|
||||
-v
|
||||
'';
|
||||
postStart = ''
|
||||
sleep 5
|
||||
@@ -71,6 +71,7 @@ in {
|
||||
fusermount -u ${mountdir}
|
||||
'';
|
||||
serviceConfig = {
|
||||
EnvironmentFile = config.age.secrets.danflix_env_file.path;
|
||||
Restart = "on-failure";
|
||||
};
|
||||
};
|
||||
|
||||
@@ -29,15 +29,15 @@
|
||||
}
|
||||
];
|
||||
}
|
||||
{
|
||||
job_name = "caddy";
|
||||
scrape_interval = "15s";
|
||||
static_configs = [
|
||||
{
|
||||
targets = ["localhost:2019"];
|
||||
}
|
||||
];
|
||||
}
|
||||
{
|
||||
job_name = "caddy";
|
||||
scrape_interval = "15s";
|
||||
static_configs = [
|
||||
{
|
||||
targets = ["localhost:2019"];
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
};
|
||||
}
|
||||
|
||||
@@ -29,13 +29,13 @@ in {
|
||||
|
||||
services.matrix-synapse = {
|
||||
enable = true;
|
||||
sliding-sync = {
|
||||
enable = true;
|
||||
environmentFile = config.age.secrets.sliding_sync_env_file.path;
|
||||
settings = {
|
||||
SYNCV3_SERVER = "http://localhost:8008";
|
||||
};
|
||||
};
|
||||
sliding-sync = {
|
||||
enable = true;
|
||||
environmentFile = config.age.secrets.sliding_sync_env_file.path;
|
||||
settings = {
|
||||
SYNCV3_SERVER = "http://localhost:8008";
|
||||
};
|
||||
};
|
||||
settings = {
|
||||
enable_metrics = true;
|
||||
server_name = "broccoli.town";
|
||||
|
||||
Reference in New Issue
Block a user