services.garage -> fediversity.garage

for the options that are ours; we want to avoid clashes if possible
2025-02-14 16:25:52 +01:00 · 2025-02-14 16:25:52 +01:00 · d9188427ed
commit d9188427ed
parent b68a821b77
9 changed files with 81 additions and 86 deletions
--- a/services/fediversity/garage/default.nix
+++ b/services/fediversity/garage/default.nix
@ -7,7 +7,6 @@ let
  };
 in
 # TODO: expand to a multi-machine setup
 {
  config,
  lib,
@ -66,7 +65,7 @@ let
        garage bucket deny --read --write --owner ${bucketArg} --key tmp
      ''}
    '';
-  ensureBucketsScript = concatMapAttrs ensureBucketScriptFn cfg.ensureBuckets;
+  ensureBucketsScript = concatMapAttrs ensureBucketScriptFn config.fediversity.garage.ensureBuckets;
  ensureAccessScriptFn =
    key: bucket:
    {
@ -90,7 +89,7 @@ let
      garage key import --yes -n ${escapeShellArg key} ${escapeShellArg id} ${escapeShellArg secret} || :
      ${concatMapAttrs (ensureAccessScriptFn key) ensureAccess}
    '';
-  ensureKeysScript = concatMapAttrs ensureKeyScriptFn cfg.ensureKeys;
+  ensureKeysScript = concatMapAttrs ensureKeyScriptFn config.fediversity.garage.ensureKeys;
 in
 {
@ -149,7 +148,7 @@ in
      mapAttrs' (bucket: _: {
        name = fedicfg.web.domainForBucket bucket;
        inherit value;
-      }) (filterAttrs (_: { website, ... }: website) cfg.ensureBuckets);
+      }) (filterAttrs (_: { website, ... }: website) config.fediversity.garage.ensureBuckets);
    systemd.services.ensure-garage = {
      after = [ "garage.service" ];
--- a/services/fediversity/garage/options.nix
+++ b/services/fediversity/garage/options.nix
@ -5,8 +5,7 @@ let
 in
 {
-  options = {
+  options.fediversity.garage = {
    services.garage = {
    ensureBuckets = mkOption {
      type = types.attrsOf (
        types.submodule {
@ -40,6 +39,7 @@ in
      );
      default = { };
    };
    ensureKeys = mkOption {
      type = types.attrsOf (
        types.submodule {
@ -76,5 +76,4 @@ in
      default = { };
    };
  };
  };
 }
--- a/services/fediversity/mastodon.nix
+++ b/services/fediversity/mastodon.nix
@ -9,7 +9,7 @@ in
 lib.mkIf (config.fediversity.enable && config.fediversity.mastodon.enable) {
  #### garage setup
-  services.garage = {
+  fediversity.garage = {
    ensureBuckets = {
      mastodon = {
        website = true;
--- a/services/fediversity/peertube.nix
+++ b/services/fediversity/peertube.nix
@ -17,7 +17,7 @@ lib.mkIf (config.fediversity.enable && config.fediversity.peertube.enable) {
    1936
  ];
-  services.garage = {
+  fediversity.garage = {
    ensureBuckets = {
      peertube-videos = {
        website = true;
--- a/services/fediversity/pixelfed.nix
+++ b/services/fediversity/pixelfed.nix
@ -13,7 +13,7 @@ in
 }:
 lib.mkIf (config.fediversity.enable && config.fediversity.pixelfed.enable) {
-  services.garage = {
+  fediversity.garage = {
    ensureBuckets = {
      pixelfed = {
        website = true;
--- a/services/tests/mastodon.nix
+++ b/services/tests/mastodon.nix
@ -69,8 +69,8 @@ pkgs.nixosTest {
          expect
        ];
        environment.variables = {
-          AWS_ACCESS_KEY_ID = config.services.garage.ensureKeys.mastodon.id;
+          AWS_ACCESS_KEY_ID = config.fediversity.garage.ensureKeys.mastodon.id;
-          AWS_SECRET_ACCESS_KEY = config.services.garage.ensureKeys.mastodon.secret;
+          AWS_SECRET_ACCESS_KEY = config.fediversity.garage.ensureKeys.mastodon.secret;
        };
      };
  };
--- a/services/tests/peertube.nix
+++ b/services/tests/peertube.nix
@ -197,8 +197,8 @@ pkgs.nixosTest {
        systemd.services.postgresql.serviceConfig.TimeoutSec = lib.mkForce 3600;
        environment.variables = {
-          AWS_ACCESS_KEY_ID = config.services.garage.ensureKeys.peertube.id;
+          AWS_ACCESS_KEY_ID = config.fediversity.garage.ensureKeys.peertube.id;
-          AWS_SECRET_ACCESS_KEY = config.services.garage.ensureKeys.peertube.secret;
+          AWS_SECRET_ACCESS_KEY = config.fediversity.garage.ensureKeys.peertube.secret;
          PT_INITIAL_ROOT_PASSWORD = "testtest";
        };
      };
--- a/services/tests/pixelfed-garage.nix
+++ b/services/tests/pixelfed-garage.nix
@ -1,4 +1,5 @@
 { pkgs, self }:
 let
  lib = pkgs.lib;
@ -160,8 +161,8 @@ pkgs.nixosTest {
        ];
        environment.variables = {
          POST_MEDIA = ./fediversity.png;
-          AWS_ACCESS_KEY_ID = config.services.garage.ensureKeys.pixelfed.id;
+          AWS_ACCESS_KEY_ID = config.fediversity.garage.ensureKeys.pixelfed.id;
-          AWS_SECRET_ACCESS_KEY = config.services.garage.ensureKeys.pixelfed.secret;
+          AWS_SECRET_ACCESS_KEY = config.fediversity.garage.ensureKeys.pixelfed.secret;
          ## without this we get frivolous errors in the logs
          MC_REGION = "garage";
        };
--- a/services/vm/garage-vm.nix
+++ b/services/vm/garage-vm.nix
@ -8,10 +8,6 @@
 let
  inherit (lib) mkVMOverride mapAttrs' filterAttrs;
  cfg = config.services.garage;
  fedicfg = config.fediversity.internal.garage;
 in
 {
  imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ];
@ -24,21 +20,21 @@ in
      };
    in
    mapAttrs' (bucket: _: {
-      name = fedicfg.web.domainForBucket bucket;
+      name = config.fediversity.internal.garage.web.domainForBucket bucket;
      inherit value;
-    }) (filterAttrs (_: { website, ... }: website) cfg.ensureBuckets);
+    }) (filterAttrs (_: { website, ... }: website) config.fediversity.garage.ensureBuckets);
  virtualisation.diskSize = 2048;
  virtualisation.forwardPorts = [
    {
      from = "host";
-      host.port = fedicfg.rpc.port;
+      host.port = config.fediversity.internal.garage.rpc.port;
-      guest.port = fedicfg.rpc.port;
+      guest.port = config.fediversity.internal.garage.rpc.port;
    }
    {
      from = "host";
-      host.port = fedicfg.web.internalPort;
+      host.port = config.fediversity.internal.garage.web.internalPort;
-      guest.port = fedicfg.web.internalPort;
+      guest.port = config.fediversity.internal.garage.web.internalPort;
    }
  ];
 }