2
2
mirror of https://git.feal.no/felixalb/nixos-config.git synced 2024-12-21 11:47:29 +01:00

challenger: more minor migrations

This commit is contained in:
Felix Albrigtsen 2024-07-04 00:04:40 +02:00
parent 0e3e8218a7
commit 4adae24732
4 changed files with 47 additions and 7 deletions

View File

@ -26,13 +26,13 @@ Other installed packages and tools are described in the config files (like ./hos
## Public / important services
- Matrix ([source](./hosts/defiant/services/matrix/default.nix)) - Decentralized, encrypted chat - Contact me at @felixalb:feal.no
- [Nextcloud](https://cloud.feal.no) ([source](./hosts/voyager/services/nextcloud.nix)) - Personal cloud services and "google replacements", including file hosting, notes, calendar and webmail
- [Nextcloud](https://cloud.feal.no) ([source](./hosts/challenger/services/nextcloud.nix)) - Personal cloud services and "google replacements", including file hosting, notes, calendar and webmail
- [Gitea](https://git.feal.no) ([source](./hosts/defiant/services/gitea.nix)) - Software forge / git server
- [Hedgedoc](https://md.feal.no) ([source](./hosts/defiant/services/hedgedoc.nix)) - Collaborative markdown notes editor
- HomeAssistant ([source](./hosts/defiant/services/home-assistant.nix))- Home automation / IOT controller
- [VaultWarden](https://pw.feal.no) ([source](./hosts/defiant/services/vaultwarden.nix)) - BitWarden Password Manager backend
- [KeyCloak](https://iam.feal.no) ([source](./hosts/defiant/services/nextcloud.nix)) - Authentication provider, giving SSO with OIDC or SAML
- [Jellyfin](https://jf.feal.no) ([source](./hosts/voyager/services/jellyfin.nix)) - Local media streaming
- [Jellyfin](https://jf.feal.no) ([source](./hosts/challenger/services/jellyfin.nix)) - Local media streaming
## Networking

View File

@ -0,0 +1,38 @@
{ config, pkgs, lib, ... }:
{
services.borgbackup.jobs =
let
borgJob = name: {
environment.BORG_RSH = "ssh -i /root/.ssh/fealsyn1";
environment.BORG_REMOTE_PATH = "/usr/local/bin/borg";
repo = "ssh://backup@feal-syn1.home.feal.no/volume2/backup/borg/voyager/${name}";
compression = "auto,zstd";
};
in {
postgresDaily = borgJob "postgres::daily" // {
paths = "/var/backup/postgres";
startAt = "*-*-* 05:15:00"; # 2 hours after postgresqlBackup
extraInitArgs = "--storage-quota 10G";
encryption = {
mode = "repokey-blake2";
passCommand = "cat ${config.sops.secrets."borg/postgres".path}";
};
};
postgresWeekly = borgJob "postgres::weekly" // {
paths = "/var/backup/postgres";
startAt = "Mon *-*-* 05:15:00"; # 2 hours after postgresqlBackup
extraInitArgs = "--storage-quota 10G";
encryption = {
mode = "repokey-blake2";
passCommand = "cat ${config.sops.secrets."borg/postgres".path}";
};
};
# TODO: timemachine, nextcloud, komga, calibre
};
sops.secrets."borg/postgres" = { };
sops.secrets."borg/transmission" = { };
}

View File

@ -3,9 +3,11 @@
{
imports =
[
./hardware-configuration.nix
../../base.nix
../../common/metrics-exporters.nix
./hardware-configuration.nix
./backup.nix
./exports.nix
./filesystems.nix

View File

@ -17,13 +17,13 @@ in {
static_configs = [
{
targets = [
"voyager.home.feal.no:9100"
"sulu.home.feal.no:9100"
"mccoy.home.feal.no:9100"
"challenger.home.feal.no:9100"
"defiant.home.feal.no:9100"
"dlink-feal.home.feal.no:9100"
"edison.home.feal.no:9100"
"defiant.home.feal.no:9100"
"mccoy.home.feal.no:9100"
"scotty.home.feal.no:9100"
"sulu.home.feal.no:9100"
];
}
];