robi migration
This commit is contained in:
parent
e8492a17bb
commit
340ec98c0f
16 changed files with 212 additions and 94 deletions
12
nixos/configs/robi/bitwarden.nix
Normal file
12
nixos/configs/robi/bitwarden.nix
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
{ config, pkgs, lib, ... }: {
|
||||||
|
services.bitwarden_rs = {
|
||||||
|
enable = true;
|
||||||
|
config = {
|
||||||
|
domain = "https://bitwarden.ingolf-wagner.de";
|
||||||
|
signupsAllowed = false;
|
||||||
|
rocketPort = 8222;
|
||||||
|
rocketLog = "critical";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
#backup.dirs = [ "/var/lib/bitwarden_rs" ];
|
||||||
|
}
|
34
nixos/configs/robi/codimd.nix
Normal file
34
nixos/configs/robi/codimd.nix
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
let
|
||||||
|
domain = "md.ingolf-wagner.de";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
|
||||||
|
services.nginx.enable = true;
|
||||||
|
services.nginx.virtualHosts.hedgedoc = {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
serverName = domain;
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://localhost:${toString config.services.hedgedoc.configuration.port}";
|
||||||
|
proxyWebsockets = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.hedgedoc = {
|
||||||
|
enable = true;
|
||||||
|
configuration = {
|
||||||
|
db = {
|
||||||
|
dialect = "sqlite";
|
||||||
|
storage = "/var/lib/hedgedoc/db.sqlite";
|
||||||
|
useCDN = false;
|
||||||
|
};
|
||||||
|
allowFreeURL = true;
|
||||||
|
domain = domain;
|
||||||
|
port = 3091;
|
||||||
|
useCDN = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
||||||
|
|
|
@ -6,16 +6,20 @@
|
||||||
../../system/server/netdata.nix
|
../../system/server/netdata.nix
|
||||||
|
|
||||||
./hetzner.nix
|
./hetzner.nix
|
||||||
|
|
||||||
./packages.nix
|
./packages.nix
|
||||||
./tinc.nix
|
./tinc.nix
|
||||||
./syncthing.nix
|
./syncthing.nix
|
||||||
./taskserver.nix
|
./taskserver.nix
|
||||||
./transmission.nix
|
./transmission.nix
|
||||||
./nextcloud.nix
|
./nextcloud.nix
|
||||||
|
./codimd.nix
|
||||||
|
|
||||||
|
|
||||||
# todo
|
# todo
|
||||||
./gitlab.nix
|
./gitea.nix
|
||||||
|
#./gitlab.nix
|
||||||
|
#./bitwarden.nix
|
||||||
|
|
||||||
|
|
||||||
#../../system/server
|
#../../system/server
|
||||||
|
|
||||||
|
|
33
nixos/configs/robi/gitea.nix
Normal file
33
nixos/configs/robi/gitea.nix
Normal file
|
@ -0,0 +1,33 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
{
|
||||||
|
|
||||||
|
services.nginx = {
|
||||||
|
enable = true;
|
||||||
|
statusPage = true;
|
||||||
|
virtualHosts = {
|
||||||
|
"git.ingolf-wagner.de" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://localhost:${toString config.services.gogs.httpPort}";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.gitea = {
|
||||||
|
enable = true;
|
||||||
|
appName = "git.ingolf-wagner.de";
|
||||||
|
cookieSecure = true;
|
||||||
|
disableRegistration = true;
|
||||||
|
domain = "git.ingolf-wagner.de";
|
||||||
|
dump.enable = true;
|
||||||
|
rootUrl = "https://git.ingolf-wagner.de/";
|
||||||
|
settings = {
|
||||||
|
other = {
|
||||||
|
SHOW_FOOTER_VERSION = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
#backup.dirs = [ config.services.gogs.repositoryRoot ];
|
||||||
|
}
|
|
@ -7,8 +7,8 @@
|
||||||
../../system/server/packages.nix
|
../../system/server/packages.nix
|
||||||
./nginx.nix
|
./nginx.nix
|
||||||
./tinc.nix
|
./tinc.nix
|
||||||
./codimd.nix
|
|
||||||
./bitwarden.nix
|
./bitwarden.nix
|
||||||
|
#./codimd.nix
|
||||||
#./syncplay.nix
|
#./syncplay.nix
|
||||||
./grocy.nix
|
./grocy.nix
|
||||||
|
|
||||||
|
|
|
@ -65,58 +65,57 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
"git.ingolf-wagner.de" = {
|
#"git.ingolf-wagner.de" = {
|
||||||
#listen = [
|
# #listen = [
|
||||||
# {
|
# # {
|
||||||
# addr = "0.0.0.0";
|
# # addr = "0.0.0.0";
|
||||||
# port = 4443;
|
# # port = 4443;
|
||||||
# ssl = true;
|
# # ssl = true;
|
||||||
|
# # }
|
||||||
|
# # {
|
||||||
|
# # addr = "0.0.0.0";
|
||||||
|
# # port = 80;
|
||||||
|
# # ssl = false;
|
||||||
|
# # }
|
||||||
|
# #];
|
||||||
|
# forceSSL = true;
|
||||||
|
# enableACME = true;
|
||||||
|
# extraConfig = error.extraConfig;
|
||||||
|
# locations = {
|
||||||
|
# "/" = {
|
||||||
|
# proxyPass = "http://workhorse.private:3000";
|
||||||
|
# extraConfig = ''
|
||||||
|
# if ($request_method = 'OPTIONS') {
|
||||||
|
# add_header 'Access-Control-Allow-Origin' '*';
|
||||||
|
# add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
||||||
|
# #
|
||||||
|
# # Custom headers and headers various browsers *should* be OK with but aren't
|
||||||
|
# #
|
||||||
|
# add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
|
||||||
|
# #
|
||||||
|
# # Tell client that this pre-flight info is valid for 20 days
|
||||||
|
# #
|
||||||
|
# add_header 'Access-Control-Max-Age' 1728000;
|
||||||
|
# add_header 'Content-Type' 'text/plain; charset=utf-8';
|
||||||
|
# add_header 'Content-Length' 0;
|
||||||
|
# return 204;
|
||||||
# }
|
# }
|
||||||
# {
|
# if ($request_method = 'POST') {
|
||||||
# addr = "0.0.0.0";
|
# add_header 'Access-Control-Allow-Origin' '*';
|
||||||
# port = 80;
|
# add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
||||||
# ssl = false;
|
# add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
|
||||||
|
# add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
|
||||||
# }
|
# }
|
||||||
#];
|
# if ($request_method = 'GET') {
|
||||||
forceSSL = true;
|
# add_header 'Access-Control-Allow-Origin' '*';
|
||||||
enableACME = true;
|
# add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
||||||
extraConfig = error.extraConfig;
|
# add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
|
||||||
|
# add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
|
||||||
locations = {
|
# }
|
||||||
"/" = {
|
# '';
|
||||||
proxyPass = "http://workhorse.private:3000";
|
# };
|
||||||
extraConfig = ''
|
# } // error.locations;
|
||||||
if ($request_method = 'OPTIONS') {
|
#};
|
||||||
add_header 'Access-Control-Allow-Origin' '*';
|
|
||||||
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
|
||||||
#
|
|
||||||
# Custom headers and headers various browsers *should* be OK with but aren't
|
|
||||||
#
|
|
||||||
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
|
|
||||||
#
|
|
||||||
# Tell client that this pre-flight info is valid for 20 days
|
|
||||||
#
|
|
||||||
add_header 'Access-Control-Max-Age' 1728000;
|
|
||||||
add_header 'Content-Type' 'text/plain; charset=utf-8';
|
|
||||||
add_header 'Content-Length' 0;
|
|
||||||
return 204;
|
|
||||||
}
|
|
||||||
if ($request_method = 'POST') {
|
|
||||||
add_header 'Access-Control-Allow-Origin' '*';
|
|
||||||
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
|
||||||
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
|
|
||||||
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
|
|
||||||
}
|
|
||||||
if ($request_method = 'GET') {
|
|
||||||
add_header 'Access-Control-Allow-Origin' '*';
|
|
||||||
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
|
||||||
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
|
|
||||||
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
|
|
||||||
}
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
} // error.locations;
|
|
||||||
};
|
|
||||||
|
|
||||||
#"grocy.ingolf-wagner.de" = {
|
#"grocy.ingolf-wagner.de" = {
|
||||||
# listen = [
|
# listen = [
|
||||||
|
@ -447,13 +446,13 @@ in
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services."socat-gogs-ssh" = {
|
#systemd.services."socat-gogs-ssh" = {
|
||||||
wantedBy = [ "multi-user.target" ];
|
# wantedBy = [ "multi-user.target" ];
|
||||||
script =
|
# script =
|
||||||
let port = "2222";
|
# let port = "2222";
|
||||||
in ''
|
# in ''
|
||||||
${pkgs.socat}/bin/socat TCP-LISTEN:${port},fork TCP:workhorse.private:${port}
|
# ${pkgs.socat}/bin/socat TCP-LISTEN:${port},fork TCP:workhorse.private:${port}
|
||||||
'';
|
# '';
|
||||||
};
|
#};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,4 +10,7 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
users.users."tinc.secret".group = "tinc.secret";
|
||||||
|
users.groups."tinc.secret" = { };
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -24,8 +24,16 @@
|
||||||
sops.secrets.tinc_retiolum_rsa_key = { };
|
sops.secrets.tinc_retiolum_rsa_key = { };
|
||||||
|
|
||||||
security.wrappers = {
|
security.wrappers = {
|
||||||
pmount.source = "${pkgs.pmount}/bin/pmount";
|
pmount = {
|
||||||
pumount.source = "${pkgs.pmount}/bin/pumount";
|
source = "${pkgs.pmount}/bin/pmount";
|
||||||
|
owner = config.users.users.mainUser.name;
|
||||||
|
group = "nogroup";
|
||||||
|
};
|
||||||
|
pumount = {
|
||||||
|
source = "${pkgs.pmount}/bin/pumount";
|
||||||
|
owner = config.users.users.mainUser.name;
|
||||||
|
group = "nogroup";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# keybase
|
# keybase
|
||||||
|
|
|
@ -36,7 +36,7 @@ in
|
||||||
imagemagick
|
imagemagick
|
||||||
|
|
||||||
bitwig-studio3
|
bitwig-studio3
|
||||||
sononym-crawler
|
#sononym-crawler
|
||||||
darktable
|
darktable
|
||||||
|
|
||||||
# rust development environment
|
# rust development environment
|
||||||
|
|
|
@ -20,5 +20,9 @@ with lib;
|
||||||
connectTo = [ "sputnik" ];
|
connectTo = [ "sputnik" ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
users.users."tinc.retiolum".group = "tinc.retiolum";
|
||||||
|
users.groups."tinc.retiolum" = { };
|
||||||
|
users.users."tinc.secret".group = "tinc.secret";
|
||||||
|
users.groups."tinc.secret" = { };
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -55,7 +55,9 @@
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"doom-emacs": "doom-emacs",
|
"doom-emacs": "doom-emacs",
|
||||||
"doom-snippets": "doom-snippets",
|
"doom-snippets": "doom-snippets",
|
||||||
"emacs-overlay": "emacs-overlay",
|
"emacs-overlay": [
|
||||||
|
"emacs-overlay"
|
||||||
|
],
|
||||||
"emacs-so-long": "emacs-so-long",
|
"emacs-so-long": "emacs-so-long",
|
||||||
"evil-markdown": "evil-markdown",
|
"evil-markdown": "evil-markdown",
|
||||||
"evil-org-mode": "evil-org-mode",
|
"evil-org-mode": "evil-org-mode",
|
||||||
|
@ -108,11 +110,11 @@
|
||||||
"emacs-overlay": {
|
"emacs-overlay": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1626972035,
|
"lastModified": 1642012880,
|
||||||
"narHash": "sha256-YhBtnKmLDYiEzP5ZEMEQMg6oMP5EV+ToCkku7ZYfL+A=",
|
"narHash": "sha256-TOjm/NVua9SC7t+qi5AWBMwH2J3Sz5jrQBEqw8K+krk=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "emacs-overlay",
|
"repo": "emacs-overlay",
|
||||||
"rev": "be04b45efb35db58e6ac6aa86b84f850c85b5dfe",
|
"rev": "5db3fa544f264e5b5a11162475228446498827b2",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -401,11 +403,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-unstable": {
|
"nixpkgs-unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1641528457,
|
"lastModified": 1641887635,
|
||||||
"narHash": "sha256-FyU9E63n1W7Ql4pMnhW2/rO9OftWZ37pLppn/c1aisY=",
|
"narHash": "sha256-kDGpufwzVaiGe5e1sBUBPo9f1YN+nYHJlYqCaVpZTQQ=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "ff377a78794d412a35245e05428c8f95fef3951f",
|
"rev": "b2737d4980a17cc2b7d600d7d0b32fd7333aca88",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -417,11 +419,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1641593416,
|
"lastModified": 1641870998,
|
||||||
"narHash": "sha256-Vn/vqQtYnVuZlbGGO0gSzLjmtFwb6OPvakwyoG1D/MY=",
|
"narHash": "sha256-6HkxR2WZsm37VoQS7jgp6Omd71iw6t1kP8bDbaqCDuI=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "36480448d470bf41bb21267cf9062a1542c4a95f",
|
"rev": "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -569,11 +571,11 @@
|
||||||
"rev": "b39c539f9e720cc144c9ad7fe0d72cd46f793dab",
|
"rev": "b39c539f9e720cc144c9ad7fe0d72cd46f793dab",
|
||||||
"revCount": 22,
|
"revCount": 22,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "ssh://gitlab@gitlab.ingolf-wagner.de/palo/polygon-art"
|
"url": "https://gitlab.ingolf-wagner.de/palo/polygon-art.git"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "ssh://gitlab@gitlab.ingolf-wagner.de/palo/polygon-art"
|
"url": "https://gitlab.ingolf-wagner.de/palo/polygon-art.git"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"revealjs": {
|
"revealjs": {
|
||||||
|
@ -596,6 +598,7 @@
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"cluster-module": "cluster-module",
|
"cluster-module": "cluster-module",
|
||||||
"doom-emacs-nix": "doom-emacs-nix",
|
"doom-emacs-nix": "doom-emacs-nix",
|
||||||
|
"emacs-overlay": "emacs-overlay",
|
||||||
"grocy-scanner": "grocy-scanner",
|
"grocy-scanner": "grocy-scanner",
|
||||||
"home-manager": "home-manager",
|
"home-manager": "home-manager",
|
||||||
"home-manager-utils": "home-manager-utils",
|
"home-manager-utils": "home-manager-utils",
|
||||||
|
|
|
@ -5,13 +5,16 @@
|
||||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-21.11";
|
nixpkgs.url = "github:nixos/nixpkgs/nixos-21.11";
|
||||||
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||||
polygon-art = {
|
polygon-art = {
|
||||||
url = "git+ssh://gitlab@gitlab.ingolf-wagner.de/palo/polygon-art";
|
url = "git+https://gitlab.ingolf-wagner.de/palo/polygon-art.git";
|
||||||
#url = "git+https://git.ingolf-wagner.de/palo/polygon-art.git";
|
};
|
||||||
#inputs.nixpkgs.follows = "nixpkgs";
|
emacs-overlay = {
|
||||||
|
url = "github:nix-community/emacs-overlay";
|
||||||
|
flake = false;
|
||||||
};
|
};
|
||||||
doom-emacs-nix = {
|
doom-emacs-nix = {
|
||||||
url = "github:vlaci/nix-doom-emacs";
|
url = "github:vlaci/nix-doom-emacs";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
inputs.emacs-overlay.follows = "emacs-overlay";
|
||||||
};
|
};
|
||||||
home-manager = {
|
home-manager = {
|
||||||
url = "github:nix-community/home-manager/release-21.11";
|
url = "github:nix-community/home-manager/release-21.11";
|
||||||
|
@ -40,6 +43,7 @@
|
||||||
, nixpkgs
|
, nixpkgs
|
||||||
, home-manager
|
, home-manager
|
||||||
, home-manager-utils
|
, home-manager-utils
|
||||||
|
, emacs-overlay
|
||||||
, doom-emacs-nix
|
, doom-emacs-nix
|
||||||
, nixpkgs-unstable
|
, nixpkgs-unstable
|
||||||
, cluster-module
|
, cluster-module
|
||||||
|
@ -82,7 +86,10 @@
|
||||||
desktopModules = [
|
desktopModules = [
|
||||||
{
|
{
|
||||||
home-manager.users.mainUser = {
|
home-manager.users.mainUser = {
|
||||||
imports = [ doom-emacs-nix.hmModule home-manager-utils.hmModule ];
|
imports = [
|
||||||
|
doom-emacs-nix.hmModule
|
||||||
|
home-manager-utils.hmModule
|
||||||
|
];
|
||||||
};
|
};
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
nixpkgs-fmt.defaultPackage."x86_64-linux"
|
nixpkgs-fmt.defaultPackage."x86_64-linux"
|
||||||
|
|
|
@ -25,6 +25,8 @@ in
|
||||||
# see https://nixos.wiki/wiki/Fonts
|
# see https://nixos.wiki/wiki/Fonts
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
|
|
||||||
|
services.xserver.dpi = cfg.dpi;
|
||||||
|
|
||||||
fonts = {
|
fonts = {
|
||||||
|
|
||||||
enableDefaultFonts = true;
|
enableDefaultFonts = true;
|
||||||
|
@ -32,7 +34,7 @@ in
|
||||||
fontDir.enable = true;
|
fontDir.enable = true;
|
||||||
|
|
||||||
fontconfig = {
|
fontconfig = {
|
||||||
dpi = cfg.dpi;
|
#dpi = cfg.dpi;
|
||||||
subpixel = {
|
subpixel = {
|
||||||
lcdfilter = "default";
|
lcdfilter = "default";
|
||||||
rgba = "rgb";
|
rgba = "rgb";
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, lib, ... }: {
|
{ config, lib, ... }:
|
||||||
|
# borg core setup
|
||||||
|
# ---------------
|
||||||
|
# provides an easy interface for all services
|
||||||
|
# to append it's files to be backuped
|
||||||
|
{
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
backup.dirs = lib.mkOption {
|
backup.dirs = lib.mkOption {
|
||||||
|
@ -24,10 +29,10 @@
|
||||||
let
|
let
|
||||||
|
|
||||||
servers = [
|
servers = [
|
||||||
{
|
#{
|
||||||
name = "workhorse";
|
# name = "robi";
|
||||||
host = "workhorse.private";
|
# host = "robi.private";
|
||||||
}
|
#}
|
||||||
{
|
{
|
||||||
name = "pepe";
|
name = "pepe";
|
||||||
host = "pepe.private";
|
host = "pepe.private";
|
||||||
|
@ -45,11 +50,9 @@
|
||||||
repo = "borg@${server}:./${myHostname}";
|
repo = "borg@${server}:./${myHostname}";
|
||||||
encryption = {
|
encryption = {
|
||||||
mode = "repokey-blake2";
|
mode = "repokey-blake2";
|
||||||
passCommand =
|
passCommand = "cat ${config.sops.secrets.backup_repository_passphrase.path}";
|
||||||
"cat ${config.sops.secrets.backup_repository_passphrase.path}";
|
|
||||||
};
|
};
|
||||||
environment.BORG_RSH =
|
environment.BORG_RSH = "ssh -i ${toString config.sops.secrets.backup_ssh_rsa_private.path}";
|
||||||
"ssh -i ${toString config.sops.secrets.backup_ssh_rsa_private.path}";
|
|
||||||
compression = "auto,lzma";
|
compression = "auto,lzma";
|
||||||
startAt = "daily";
|
startAt = "daily";
|
||||||
prune.keep = {
|
prune.keep = {
|
||||||
|
|
|
@ -10,8 +10,8 @@
|
||||||
--rsh='ssh -i ~/.ssh/card_rsa.pub' borg@${host}.private:${repository}/. \
|
--rsh='ssh -i ~/.ssh/card_rsa.pub' borg@${host}.private:${repository}/. \
|
||||||
"$@"
|
"$@"
|
||||||
'';
|
'';
|
||||||
hosts = [ "workhorse" "pepe" ];
|
hosts = [ "pepe" "robi" ];
|
||||||
repositories = [ "workhorse" "pepe" "sterni" "workout" ];
|
repositories = [ "pepe" "sterni" "robi" ];
|
||||||
commands = [ "list" ];
|
commands = [ "list" ];
|
||||||
in
|
in
|
||||||
lib.flatten (map
|
lib.flatten (map
|
||||||
|
|
|
@ -3,6 +3,12 @@
|
||||||
programs.doom-emacs = {
|
programs.doom-emacs = {
|
||||||
enable = true;
|
enable = true;
|
||||||
doomPrivateDir = ./doom.d;
|
doomPrivateDir = ./doom.d;
|
||||||
|
|
||||||
|
emacsPackagesOverlay = self: super: {
|
||||||
|
# fixes https://github.com/vlaci/nix-doom-emacs/issues/394
|
||||||
|
gitignore-mode = pkgs.emacsPackages.git-modes;
|
||||||
|
gitconfig-mode = pkgs.emacsPackages.git-modes;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
|
|
Loading…
Reference in a new issue