2d57db8182
check / flake-check (pull_request) Has been cancelled
Lays out the agreed shape from the design discussion: one flake at the root with three nixosConfigurations (mqtt-ingest, db-host, app-host), vendored Supabase docker-compose pointed at the external db-host, Caddy → Kong → PostgREST/GoTrue, a Go MQTT→Postgres ingester stub, deploy-rs node map, and a Gitea Actions workflow that deploys in db → app → ingest order on push to main. No real implementation yet — every host module has TODOs marking the gaps (real hardware config, actual hostnames, HiveMQ packaging, vendor the full upstream Supabase compose, etc.).
49 lines
1.0 KiB
YAML
49 lines
1.0 KiB
YAML
_format_version: "2.1"
|
|
|
|
# Declarative Kong config — vanilla Supabase routing, no surprises.
|
|
# Lives at /home/kong/kong.yml inside the container.
|
|
|
|
consumers:
|
|
- username: anon
|
|
keyauth_credentials:
|
|
- key: ${ANON_KEY}
|
|
- username: service_role
|
|
keyauth_credentials:
|
|
- key: ${SERVICE_ROLE_KEY}
|
|
|
|
services:
|
|
- name: auth-v1
|
|
url: http://auth:9999/
|
|
routes:
|
|
- name: auth-v1-route
|
|
strip_path: true
|
|
paths: [ /auth/v1/ ]
|
|
plugins:
|
|
- name: cors
|
|
|
|
- name: rest-v1
|
|
url: http://rest:3000/
|
|
routes:
|
|
- name: rest-v1-route
|
|
strip_path: true
|
|
paths: [ /rest/v1/ ]
|
|
plugins:
|
|
- name: cors
|
|
- name: key-auth
|
|
config:
|
|
hide_credentials: true
|
|
key_names: [ apikey ]
|
|
|
|
- name: rpc
|
|
url: http://rest:3000/rpc/
|
|
routes:
|
|
- name: rpc-route
|
|
strip_path: true
|
|
paths: [ /rpc/ ]
|
|
plugins:
|
|
- name: cors
|
|
- name: key-auth
|
|
config:
|
|
hide_credentials: true
|
|
key_names: [ apikey ]
|