tstarr/dotfiles
1
0
Fork 0
mirror of https://github.com/starr-dusT/dotfiles.git synced 2025-05-19 10:56:05 -07:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: tstarr:a9bd38f54fadc27a0aabab004d7b92487c51ba67
Branches Tags
tstarr:master
tstarr:v23.05
..
compare: tstarr:145678ae78e81cc2241c24f62d10e162c5f0d65f
Branches Tags
tstarr:master
tstarr:v23.05

No commits in common. "a9bd38f54fadc27a0aabab004d7b92487c51ba67" and "145678ae78e81cc2241c24f62d10e162c5f0d65f" have entirely different histories.
a9bd38f54f ... 145678ae78

10 changed files with 7 additions and 58 deletions
Show Stats Expand all files Collapse all files

12
home/dot_config/borgmatic.d/torus_bulk.yaml
View File

@ -1,18 +1,10 @@
source_directories: source_directories:
- /engi/backup # Static files and service dumps - /engi/backup # Static files and service dumps
- /var/lib/nextcloud # nextcloud files (besides sql dump) #- /home/tstarr/Sync # Syncthing files
- /home/tstarr/sync # Syncthing backups
before_backup: before_backup:
- "tree /engi > /engi/backup/tree.txt" - "tree /engi > /engi/backup/tree.txt"
- sudo -u gitea dump-gitea - sudo -u gitea backup-dump-gitea
- sudo -u nextcloud dump-nextcloud
- sudo -u miniflux dump-miniflux
- nextcloud-occ maintenance:mode --on
after_backup:
- restore-docker-containers
- nextcloud-occ maintenance:mode --off
archive_name_format: 'torus_bulk.borg-{now}' archive_name_format: 'torus_bulk.borg-{now}'

1
provision/hosts/bulwark/configuration.nix
View File

@ -41,7 +41,6 @@
certPath = ../../secrets/syncthing/bulwark/cert.pem.age; certPath = ../../secrets/syncthing/bulwark/cert.pem.age;
devices = { devices = {
"kestrel" = { id = "5WWL4FE-ARZ4FHP-J33HQCH-CZKEXLN-2RAY4KW-PDI754F-3HVPZYI-VC3ESAF"; }; "kestrel" = { id = "5WWL4FE-ARZ4FHP-J33HQCH-CZKEXLN-2RAY4KW-PDI754F-3HVPZYI-VC3ESAF"; };
"torus" = { id = "ZVABUCA-3SA5QKR-OZSCIS5-RDAHR2V-D4R4NFK-ZBYOKDP-6HQUG2M-BNL3DAO"; };
}; };
}; };
}; };

2
provision/hosts/kestrel/configuration.nix
View File

@ -36,6 +36,7 @@
desktop = { desktop = {
enable = true; enable = true;
gnome.enable = true; gnome.enable = true;
peripherals.enable = true;
}; };
devel = { devel = {
engineering.enable = true; engineering.enable = true;
@ -62,7 +63,6 @@
certPath = ../../secrets/syncthing/kestrel/cert.pem.age; certPath = ../../secrets/syncthing/kestrel/cert.pem.age;
devices = { devices = {
"bulwark" = { id = "YKPOWTQ-XMXG3SD-XKLPVEC-H4SO345-2ZZQK65-EBISRED-ISKCFMQ-T74P6Q5"; }; "bulwark" = { id = "YKPOWTQ-XMXG3SD-XKLPVEC-H4SO345-2ZZQK65-EBISRED-ISKCFMQ-T74P6Q5"; };
"torus" = { id = "ZVABUCA-3SA5QKR-OZSCIS5-RDAHR2V-D4R4NFK-ZBYOKDP-6HQUG2M-BNL3DAO"; };
}; };
}; };
}; };

9
provision/hosts/torus/configuration.nix
View File

@ -102,15 +102,6 @@
}; };
services = { services = {
ssh.enable = true; ssh.enable = true;
syncthing = {
enable = true;
keyPath = ../../secrets/syncthing/torus/key.pem.age;
certPath = ../../secrets/syncthing/torus/cert.pem.age;
devices = {
"bulwark" = { id = "YKPOWTQ-XMXG3SD-XKLPVEC-H4SO345-2ZZQK65-EBISRED-ISKCFMQ-T74P6Q5"; };
"kestrel" = { id = "5WWL4FE-ARZ4FHP-J33HQCH-CZKEXLN-2RAY4KW-PDI754F-3HVPZYI-VC3ESAF"; };
};
};
}; };
}; };
} }

2
provision/hosts/torus/gitea.nix
View File

@ -11,7 +11,7 @@ in {
]; ];
environment.systemPackages = [ environment.systemPackages = [
(pkgs.writeScriptBin "dump-gitea" '' (pkgs.writeScriptBin "backup-dump-gitea" ''
#!/bin/sh #!/bin/sh
cd ${dumpFolder} cd ${dumpFolder}
[ -e gitea-dump.zip ] && rm gitea-dump.zip [ -e gitea-dump.zip ] && rm gitea-dump.zip

23
provision/hosts/torus/nextcloud.nix
View File

@ -1,24 +1,7 @@
{ config, lib, pkgs, user, ... }: { config, lib, pkgs, user, ... }:
let {
dumpFolder = "/engi/backup/dumps/nextcloud";
domain = "cloud.tstarr.us";
in {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
cron cron
zip
rsync
(pkgs.writeScriptBin "dump-nextcloud" ''
#!/bin/sh
cd ${dumpFolder}
[ -e nextcloud-sql ] && rm nextcloud-sql
nextcloud-occ maintenance:mode --on
mysqldump --single-transaction nextcloud > ${dumpFolder}/nextcloud-sql
nextcloud-occ maintenance:mode --off
'')
];
systemd.tmpfiles.rules = [
"d ${dumpFolder} 0775 nextcloud nextcloud -"
]; ];
# nextcloud secrets # nextcloud secrets
@ -30,7 +13,7 @@ in {
services = { services = {
nginx.virtualHosts = { nginx.virtualHosts = {
"${domain}" = { "cloud.tstarr.us" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
}; };
@ -38,7 +21,7 @@ in {
nextcloud = { nextcloud = {
enable = true; enable = true;
hostName = "${domain}"; hostName = "cloud.tstarr.us";
# Need to manually increment with every major upgrade. # Need to manually increment with every major upgrade.
package = pkgs.nextcloud29; package = pkgs.nextcloud29;

14
provision/hosts/torus/rss.nix
View File

@ -1,22 +1,8 @@
{ config, lib, pkgs, user, ... }: { config, lib, pkgs, user, ... }:
let let
domain = "rssbridge.tstarr.us"; domain = "rssbridge.tstarr.us";
dumpFolder = "/engi/backup/dumps/miniflux";
in in
{ {
systemd.tmpfiles.rules = [
"d ${dumpFolder} 0775 miniflux miniflux -"
];
environment.systemPackages = [
(pkgs.writeScriptBin "dump-miniflux" ''
#!/bin/sh
cd ${dumpFolder}
[ -e miniflux-sql ] && rm miniflux-sql
pg_dump miniflux > ${dumpFolder}/miniflux-sql
'')
];
services.postgresql = { services.postgresql = {
enable = true; enable = true;
authentication = pkgs.lib.mkOverride 10 '' authentication = pkgs.lib.mkOverride 10 ''

2
provision/secrets/secrets.nix
View File

@ -24,7 +24,5 @@ in
"syncthing/kestrel/cert.pem.age".publicKeys = systems; "syncthing/kestrel/cert.pem.age".publicKeys = systems;
"syncthing/bulwark/key.pem.age".publicKeys = systems; "syncthing/bulwark/key.pem.age".publicKeys = systems;
"syncthing/bulwark/cert.pem.age".publicKeys = systems; "syncthing/bulwark/cert.pem.age".publicKeys = systems;
"syncthing/torus/key.pem.age".publicKeys = systems;
"syncthing/torus/cert.pem.age".publicKeys = systems;
} }

BIN
provision/secrets/syncthing/torus/cert.pem.age
View File

Binary file not shown.

BIN
provision/secrets/syncthing/torus/key.pem.age
View File

Binary file not shown.