7 files changed, 63 insertions, 26 deletions

diff --git a/machines/fra01/default.nix b/machines/fra01/default.nix
index f296fc1..9d94143 100644
--- a/machines/fra01/default.nix
+++ b/machines/fra01/default.nix
@@ -11,14 +11,6 @@ in
   pubKey =
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB9rBu7L0ktMFpYOqvKyjDoO8a5Y0CfqnCJCGEdE6cOV";
 
-  kubernetes = {
-    role = "agent";
-    externalIP = {
-      v4 = endpoint;
-      v6 = "2001:19f0:6c01:28e5:5400:3ff:fed7:7a2a";
-    };
-  };
-
   services.powerdns.role = "secondary";
 
   wireguard = {
diff --git a/machines/nyc01/default.nix b/machines/nyc01/default.nix
index 8331c8f..b295d1a 100644
--- a/machines/nyc01/default.nix
+++ b/machines/nyc01/default.nix
@@ -11,14 +11,6 @@ in
   pubKey =
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC00bSIp5oydOY/SFxPULYFtij5nsZCugdiR3q7PxNqC";
 
-  kubernetes = {
-    role = "agent";
-    externalIP = {
-      v4 = endpoint;
-      v6 = "2001:19f0:5:13df:5400:3ff:fed5:f26c";
-    };
-  };
-
   services.powerdns.role = "secondary";
 
   wireguard = {
diff --git a/machines/sin01/default.nix b/machines/sin01/default.nix
index ab70162..5cf3d72 100644
--- a/machines/sin01/default.nix
+++ b/machines/sin01/default.nix
@@ -11,14 +11,6 @@ in
   pubKey =
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJG9bqNAbHaWgiRgvNMntyW9IeLedXCF11KGB0iQsrJH";
 
-  kubernetes = {
-    role = "agent";
-    externalIP = {
-      v4 = endpoint;
-      v6 = "2001:19f0:4400:7d6a:5400:3ff:fed5:f26d";
-    };
-  };
-
   services.powerdns.role = "secondary";
 
   wireguard = {
diff --git a/modules/bgp/default.nix b/modules/bgp/default.nix
index 3eecd86..1f33aad 100644
--- a/modules/bgp/default.nix
+++ b/modules/bgp/default.nix
@@ -33,7 +33,7 @@
       enable = true;
       config = ''
         router bgp 64716
-          bgp router-id ${config.kubernetes.externalIP.v4}
+          bgp router-id ${config.deploy.host}
           bgp ebgp-requires-policy
           no bgp default ipv4-unicast
           no bgp network import-check
diff --git a/modules/common/default.nix b/modules/common/default.nix
index 05c395f..26f42c4 100644
--- a/modules/common/default.nix
+++ b/modules/common/default.nix
@@ -15,7 +15,7 @@
   systemd.enableEmergencyMode = false;
 
   # Default Packages Set
-  environment.systemPackages = with pkgs; [ git vim htop wget nftables wireguard-tools tmux ];
+  environment.systemPackages = with pkgs; [ git vim htop wget nftables wireguard-tools tmux fd ripgrep ];
 
   nixpkgs.config.allowUnfree = true;
 
diff --git a/modules/default.nix b/modules/default.nix
index dc6de23..baa7cd2 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -21,4 +21,7 @@
   hydra = import ./hydra;
   tlmp = import ./tlmp;
   homeassistant = import ./homeassistant;
+  garage = import ./garage;
+
+  palworld = import ./palworld;
 }
diff --git a/modules/garage/default.nix b/modules/garage/default.nix
new file mode 100644
index 0000000..9bc2998
--- /dev/null
+++ b/modules/garage/default.nix
@@ -0,0 +1,58 @@
+{ self, config, lib, pkgs, ... }:
+
+with self.lib.nginx;
+{
+  services.garage = {
+    enable = true;
+    package = pkgs.garage_0_9_0;
+    settings = {
+      replication_mode = 3;
+      metadata_dir = "/var/lib/garage/meta";
+      data_dir = "/var/lib/garage/data";
+      db_engine = "lmdb";
+
+      compression_level = 2;
+
+      rpc_bind_addr = "${config.wireguard.v4.address}:3901";
+      rpc_public_addr = "${config.wireguard.v4.address}:3901";
+      rpc_secret = "37e1edc5a5eefb8901ca314bcfbd21cb803fbfb0a780b80a547fddf641284503";
+
+      bootstrap_peers = [ ];
+
+      s3_api = {
+        s3_region = "cdn";
+        api_bind_addr = "127.0.0.1:3900";
+        root_domain = "s3.vapor.systems";
+      };
+
+      s3_web = {
+        bind_addr = "127.0.0.1:3902";
+        root_domain = "web.vapor.systems";
+        index = "index.html";
+      };
+    };
+  };
+
+  security.acme.certs = {
+    "vapor.systems" = {
+      extraDomainNames = [ "*.vapor.systems" ];
+    };
+    "gnulag.net" = {
+      extraDomainNames = [ "*.gnulag.net" ];
+    };
+    "linuxmasterrace.org" = {
+      extraDomainNames = [ "*.linuxmasterrace.org" ];
+    };
+  };
+
+  services.nginx = {
+    enable = true;
+    virtualHosts = {
+      "s3.vapor.systems" = (proxyDomain "vapor.systems" "http://127.0.0.1:3900/");
+      "web.vapor.systems" = (proxyDomain "vapor.systems" "http://127.0.0.1:3902/");
+      "gnulag.net" = (proxyDomain "gnulag.net" "http://127.0.0.1:3902/");
+      "linuxmasterrace.org" = (proxyDomain "linuxmasterrace.org" "http://127.0.0.1:3902/");
+      "dash.linuxmasterrace.org" = (proxyDomain "linuxmasterrace.org" "http://127.0.0.1:3902/");
+    };
+  };
+}