feat: migrate m3-atlas from MinIO to RustFS

- Replace minio.nix with rustfs.nix using rustfs-flake NixOS module - Add rustfs flake input (github:rustfs/rustfs-flake) - Reuse same ports (API: 3008, Console: 3007) and data dir (/var/storage/s3) - Add separate agenix secrets for access-key and secret-key - Keep Traefik routes unchanged (s3.m3tam3re.com, minio.m3tam3re.com) - MinIO had 6 unfixed CVEs and is abandoned upstream
2026-05-02 11:44:32 +02:00
parent 90e417525b
commit b7dd7f2bf7
8 changed files with 467 additions and 66 deletions
--- a/flake.nix
+++ b/flake.nix
@@ -74,6 +74,11 @@
      flake = false;
    };
    hermes-agent.url = "github:NousResearch/hermes-agent/v2026.4.30";
+
+    rustfs = {
+      url = "github:rustfs/rustfs-flake";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
  };

  outputs = {
@@ -127,6 +132,7 @@
          inputs.disko.nixosModules.disko
          agenix.nixosModules.default
          m3ta-nixpkgs.nixosModules.default
+          inputs.rustfs.nixosModules.rustfs
        ];
      };
      m3-kratos = nixpkgs.lib.nixosSystem {