From 0f12e5577a44c5c5fb305310ebd18843a4cc29d8 Mon Sep 17 00:00:00 2001
From: m3tam3re <m@m3tam3re.com>
Date: Tue, 28 Mar 2023 12:03:26 +0200
Subject: [PATCH] + minio

---
 flake.lock                             |  18 +++++++++---------
 home/features/coding/emacs.nix         |   1 +
 hosts/lkk-nix-1/default.nix            |   8 ++++++++
 hosts/lkk-nix-1/services/#netbird.nix# |   5 -----
 hosts/lkk-nix-1/services/minio.nix     |   9 +++++++++
 hosts/lkk-nix-1/services/n8n.nix       |   3 +++
 hosts/lkk-nix-1/services/traefik.nix   |  11 +++++++++++
 secrets.nix                            |   2 ++
 secrets/minio-root-cred.age            | Bin 0 -> 804 bytes
 9 files changed, 43 insertions(+), 14 deletions(-)
 delete mode 100644 hosts/lkk-nix-1/services/#netbird.nix#
 create mode 100644 hosts/lkk-nix-1/services/minio.nix
 create mode 100644 secrets/minio-root-cred.age

diff --git a/flake.lock b/flake.lock
index 8532861..f435b4f 100644
--- a/flake.lock
+++ b/flake.lock
@@ -85,11 +85,11 @@
         "utils": "utils_2"
       },
       "locked": {
-        "lastModified": 1678729503,
-        "narHash": "sha256-j+h4Bdqbe+qjzhxdhkRmVgSx2lxJ8HnKeYcAhhnd1zM=",
+        "lastModified": 1679992839,
+        "narHash": "sha256-q3mABQYZeIvznM4tjfcgN4pxI2uJ5HkPF47TZODlNdU=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "24c1a6335e3da6a3ecf82f33ac50c2ad66aee346",
+        "rev": "deb2f59b5c1fd11bec00600517ba7f51984c3090",
         "type": "github"
       },
       "original": {
@@ -116,11 +116,11 @@
     },
     "nixpkgs-unstable": {
       "locked": {
-        "lastModified": 1678654296,
-        "narHash": "sha256-aVfw3ThpY7vkUeF1rFy10NAkpKDS2imj3IakrzT0Occ=",
+        "lastModified": 1679865578,
+        "narHash": "sha256-sYQmxxqIYL3QFsRYjW0AufhGur8qWfwoOGPGHRJZlGc=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "5a1dc8acd977ff3dccd1328b7c4a6995429a656b",
+        "rev": "4361baa782dc3d3b35fd455a1adc370681d9187c",
         "type": "github"
       },
       "original": {
@@ -148,11 +148,11 @@
     },
     "nixpkgs_3": {
       "locked": {
-        "lastModified": 1678703398,
-        "narHash": "sha256-Y1mW3dBsoWLHpYm+UIHb5VZ7rx024NNHaF16oZBx++o=",
+        "lastModified": 1679878071,
+        "narHash": "sha256-7U5sTaebhjtlTYQI+q1FrbS2YXAhEsbLIcqirQ/kXJk=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "67f26c1cfc5d5783628231e776a81c1ade623e0b",
+        "rev": "44302d48a0b26421d23ee375ade3e47f9aab21df",
         "type": "github"
       },
       "original": {
diff --git a/home/features/coding/emacs.nix b/home/features/coding/emacs.nix
index 3b0ede7..b7ecef1 100644
--- a/home/features/coding/emacs.nix
+++ b/home/features/coding/emacs.nix
@@ -76,6 +76,7 @@
       epkgs.org-download
       epkgs.org-gcal
       epkgs.org-ql
+      epkgs.org-present
       epkgs.org-roam
       epkgs.org-roam-ui
       epkgs.pass
diff --git a/hosts/lkk-nix-1/default.nix b/hosts/lkk-nix-1/default.nix
index 06d26ff..a9be04e 100644
--- a/hosts/lkk-nix-1/default.nix
+++ b/hosts/lkk-nix-1/default.nix
@@ -43,11 +43,19 @@
         mode = "770";
         owner = "traefik";
       };
+
+      minio-root-cred = {
+        file = ../../secrets/minio-root-cred.age;
+        mode = "770";
+        owner = "minio";
+      };
+
       searx-environmentFile = {
         file = ../../secrets/searx-environmentFile.age;
         mode = "770";
         owner = "searx";
       };
+
       wg-easy-environmentFile = {
         file = ../../secrets/wg-easy-environmentFile.age;
         mode = "770";
diff --git a/hosts/lkk-nix-1/services/#netbird.nix# b/hosts/lkk-nix-1/services/#netbird.nix#
deleted file mode 100644
index 9296743..0000000
--- a/hosts/lkk-nix-1/services/#netbird.nix#
+++ /dev/null
@@ -1,5 +0,0 @@
-{
-  services.netbird = {
-    enable = true;
-  };
-}
\ No newline at end of file
diff --git a/hosts/lkk-nix-1/services/minio.nix b/hosts/lkk-nix-1/services/minio.nix
new file mode 100644
index 0000000..a648547
--- /dev/null
+++ b/hosts/lkk-nix-1/services/minio.nix
@@ -0,0 +1,9 @@
+{ config, ... }: {
+
+  services.minio = {
+    enable = true;
+    region = "eu-central-1";
+    rootCredentialsFile = config.age.secrets.minio-root-cred.path;
+    dataDir = [ "/var/backup/s3" ];
+  };
+}
diff --git a/hosts/lkk-nix-1/services/n8n.nix b/hosts/lkk-nix-1/services/n8n.nix
index 216d903..46f7b1a 100644
--- a/hosts/lkk-nix-1/services/n8n.nix
+++ b/hosts/lkk-nix-1/services/n8n.nix
@@ -11,4 +11,7 @@
   systemd.services.n8n.environment = {
     BILLBEE_API_KEY = config.age.secrets.billbee-api-key.path; # TODO env file for systemd service
   };
+  systemd.services.traefik.serviceConfig = {
+    EnvironmentFile="${config.age.secrets.traefik-env.path}";
+  };
 }
diff --git a/hosts/lkk-nix-1/services/traefik.nix b/hosts/lkk-nix-1/services/traefik.nix
index 1aa3d89..61dd9f6 100644
--- a/hosts/lkk-nix-1/services/traefik.nix
+++ b/hosts/lkk-nix-1/services/traefik.nix
@@ -81,6 +81,8 @@
             [{ url = "http://localhost:3012/"; }];
           syncthing.loadBalancer.servers =
             [{ url = "http://localhost:8384/"; }];
+          minio.loadBalancer.servers =
+            [{ url = "http://localhost:9000/"; }];
         };
         routers = {
           api = {
@@ -141,6 +143,15 @@
             service = "matomo";
             entrypoints = "websecure";
           };
+          minio = {
+            rule = "Host(`s3.lanakk.com`)";
+            tls = {
+              certResolver = "godaddy";
+              domains = "s3.lanakk.com";
+            };
+            service = "matomo";
+            entrypoints = "websecure";
+          };
           searx = {
             rule = "Host(`search.lanakk.com`)";
             tls = {
diff --git a/secrets.nix b/secrets.nix
index 7cb6af3..1c84dd8 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -19,4 +19,6 @@ in {
   "littlelink-m3tam3re-env.age".publicKeys = [ root ];
 
   "traefik-env.age".publicKeys = [ root ];
+
+  "minio-root-cred.age".publicKeys = [ root ];
 }
diff --git a/secrets/minio-root-cred.age b/secrets/minio-root-cred.age
new file mode 100644
index 0000000000000000000000000000000000000000..4fca41112efdbb9205238da56091a1956487de77
GIT binary patch
literal 804
zcmWlXxvSfD0D$x8QUq<6(jk+Vl7MinTYeBi<x7@zTDL`W$g(V1mUSOLyYPlL1TqF*
zARRh{Kp^eb(xG(dSSW4!rjk7&OR{8WLOS*JANYpv``p0q`iWQUvucwjU!+CQYfz|r
zy;GK9w<z7tXdaL07UGjpU()IRgkRAb5>hETwbWeI6&@XmEMDOaie$9X2gDw8YS-Fe
zu!n78LKkqP9HRoHnmk^q<skNu*p`(@RAD&Vio=`?@-^p0BiXjS4X~WF@FJY>_e_HJ
zK*a6H7Fj6b5@K5yZO8atu7;GUl{;Trxi%9f+;CA&QgIDrN2$2k;Mi<I<D~jXi)Zp-
zI^bl5oJ3&(<?ivUg@YJ`O%m0#4ttGglDz2HnqGU$$)@yuzO+g^@5gM;+mW_zD4F5c
zD6Kl`T!JJv$H_z5w3)N8^V$Ib2R=cFgvY>1W(*G@!ja6OmGI1}kBP89aV6EHLQ@eU
zh4Or8g|^Zd5fX!TM6KQT=FKi%3Mo5H5obZdGUhb6Q83%4Vy#FS>f9dJ%~4R#8C}dt
zcLkM)U91+kl7$;zW*vh~=fMS!KF%5}W<}b9D}whBj>a0R9js_;q(^-_g$+s=+C*(Z
znohE;J2x;O$g8C<iQ3jJorpH(6SfBgn~qVp)DbO5`ip=8$r5Nxh-a#Trjc@(=FtCZ
znBAc8-O}$|zu6gN{s8;(q;tdV3_XZkA8<|{^|FOO6RG4P^CVnh(@ew2rf#Zwh3ng8
zqis2$N4%%RL|RBQI@;OkICB}O+wFFG7nU)d=JRs1OERz)jD0;PDx<F0-gd;TBUMp}
z5T2=R3VnLI|2V>Wf4=|v?q6R`-rWj6`u(3P&u`<uJSmjvqtDM?oI_8Y&wl;)=!aL|
zo}av)UJY)s-?aBWyhKg^@KtmB_tE|Qrz`QDYu}xPZ-4ycg9lfCd-L$<GWh=4rI*>y
N(&^);)Xj77@;`)#7s>zt

literal 0
HcmV?d00001