2025-05-19 10:56:05 -07:00
10 changed files with 7 additions and 58 deletions
--- a/home/dot_config/borgmatic.d/torus_bulk.yaml
+++ b/home/dot_config/borgmatic.d/torus_bulk.yaml
@ -1,18 +1,10 @@
 source_directories:
    - /engi/backup # Static files and service dumps
-    - /var/lib/nextcloud # nextcloud files (besides sql dump)
-    - /home/tstarr/sync # Syncthing backups
+    #- /home/tstarr/Sync # Syncthing files
    
 before_backup:
  - "tree /engi > /engi/backup/tree.txt"
-  - sudo -u gitea dump-gitea
-  - sudo -u nextcloud dump-nextcloud
-  - sudo -u miniflux dump-miniflux
-  - nextcloud-occ maintenance:mode --on
-
-after_backup:
-  - restore-docker-containers
-  - nextcloud-occ maintenance:mode --off
+  - sudo -u gitea backup-dump-gitea

 archive_name_format: 'torus_bulk.borg-{now}'

--- a/provision/hosts/bulwark/configuration.nix
+++ b/provision/hosts/bulwark/configuration.nix
@ -41,7 +41,6 @@
        certPath = ../../secrets/syncthing/bulwark/cert.pem.age;
        devices = {
          "kestrel" = { id = "5WWL4FE-ARZ4FHP-J33HQCH-CZKEXLN-2RAY4KW-PDI754F-3HVPZYI-VC3ESAF"; };
-          "torus" = { id = "ZVABUCA-3SA5QKR-OZSCIS5-RDAHR2V-D4R4NFK-ZBYOKDP-6HQUG2M-BNL3DAO"; };
        };
      };
    };
--- a/provision/hosts/kestrel/configuration.nix
+++ b/provision/hosts/kestrel/configuration.nix
@ -36,6 +36,7 @@
    desktop = {
      enable = true;
      gnome.enable = true;
+      peripherals.enable = true;
    };
    devel = {
      engineering.enable = true;
@ -62,7 +63,6 @@
        certPath = ../../secrets/syncthing/kestrel/cert.pem.age;
        devices = {
          "bulwark" = { id = "YKPOWTQ-XMXG3SD-XKLPVEC-H4SO345-2ZZQK65-EBISRED-ISKCFMQ-T74P6Q5"; };
-          "torus" = { id = "ZVABUCA-3SA5QKR-OZSCIS5-RDAHR2V-D4R4NFK-ZBYOKDP-6HQUG2M-BNL3DAO"; };
        };
      };
    };
--- a/provision/hosts/torus/configuration.nix
+++ b/provision/hosts/torus/configuration.nix
@ -102,15 +102,6 @@
    };
    services = {
      ssh.enable = true;
-      syncthing = {
-        enable = true;
-        keyPath = ../../secrets/syncthing/torus/key.pem.age;
-        certPath = ../../secrets/syncthing/torus/cert.pem.age;
-        devices = {
-          "bulwark" = { id = "YKPOWTQ-XMXG3SD-XKLPVEC-H4SO345-2ZZQK65-EBISRED-ISKCFMQ-T74P6Q5"; };
-          "kestrel" = { id = "5WWL4FE-ARZ4FHP-J33HQCH-CZKEXLN-2RAY4KW-PDI754F-3HVPZYI-VC3ESAF"; };
-        };
-      };
    };
  };
 }
--- a/provision/hosts/torus/gitea.nix
+++ b/provision/hosts/torus/gitea.nix
@ -11,7 +11,7 @@ in {
  ];

  environment.systemPackages = [
-    (pkgs.writeScriptBin "dump-gitea" ''
+    (pkgs.writeScriptBin "backup-dump-gitea" ''
      #!/bin/sh
      cd ${dumpFolder}
      [ -e gitea-dump.zip ] && rm gitea-dump.zip
--- a/provision/hosts/torus/nextcloud.nix
+++ b/provision/hosts/torus/nextcloud.nix
@ -1,24 +1,7 @@
 { config, lib, pkgs, user, ... }:
-let
-  dumpFolder = "/engi/backup/dumps/nextcloud";
-  domain = "cloud.tstarr.us";
-in {
+{
  environment.systemPackages = with pkgs; [
    cron
-    zip
-    rsync
-    (pkgs.writeScriptBin "dump-nextcloud" ''
-      #!/bin/sh
-      cd ${dumpFolder}
-      [ -e nextcloud-sql ] && rm nextcloud-sql 
-      nextcloud-occ maintenance:mode --on
-      mysqldump --single-transaction nextcloud > ${dumpFolder}/nextcloud-sql
-      nextcloud-occ maintenance:mode --off
-    '')
-  ];
-
-  systemd.tmpfiles.rules = [
-    "d ${dumpFolder} 0775 nextcloud nextcloud -"
  ];
  
  # nextcloud secrets
@ -30,7 +13,7 @@ in {

  services = {
    nginx.virtualHosts = {
-      "${domain}" = {
+      "cloud.tstarr.us" = {
        forceSSL = true;
        enableACME = true;
      };
@ -38,7 +21,7 @@ in {

    nextcloud = {
      enable = true;
-      hostName = "${domain}";
+      hostName = "cloud.tstarr.us";

       # Need to manually increment with every major upgrade.
      package = pkgs.nextcloud29;
--- a/provision/hosts/torus/rss.nix
+++ b/provision/hosts/torus/rss.nix
@ -1,22 +1,8 @@
 { config, lib, pkgs, user, ... }:
 let
  domain = "rssbridge.tstarr.us";
-  dumpFolder = "/engi/backup/dumps/miniflux";
 in 
 {
-  systemd.tmpfiles.rules = [
-    "d ${dumpFolder} 0775 miniflux miniflux -"
-  ];
-
-  environment.systemPackages = [
-    (pkgs.writeScriptBin "dump-miniflux" ''
-      #!/bin/sh
-      cd ${dumpFolder}
-      [ -e miniflux-sql ] && rm miniflux-sql
-      pg_dump miniflux > ${dumpFolder}/miniflux-sql
-    '')
-  ];
-
  services.postgresql = {
    enable = true;
    authentication = pkgs.lib.mkOverride 10 ''
--- a/provision/secrets/secrets.nix
+++ b/provision/secrets/secrets.nix
@ -24,7 +24,5 @@ in
  "syncthing/kestrel/cert.pem.age".publicKeys = systems;
  "syncthing/bulwark/key.pem.age".publicKeys = systems;
  "syncthing/bulwark/cert.pem.age".publicKeys = systems;
-  "syncthing/torus/key.pem.age".publicKeys = systems;
-  "syncthing/torus/cert.pem.age".publicKeys = systems;
 }

--- a/provision/secrets/syncthing/torus/cert.pem.age
+++ b/provision/secrets/syncthing/torus/cert.pem.age
--- a/provision/secrets/syncthing/torus/key.pem.age
+++ b/provision/secrets/syncthing/torus/key.pem.age