will-holdsworth/dots
1
1
Fork 0
Code Issues 22 Pull requests Projects 1 Releases Packages Wiki Activity Actions 1

Compare commits

merge into: will-holdsworth:update_flake_lock_action
Branches Tags
will-holdsworth:main
will-holdsworth:100
will-holdsworth:update_flake_lock_action
will-holdsworth:71
will-holdsworth:enhancement/32
will-holdsworth:enhancement/6
...
pull from: will-holdsworth:main
Branches Tags
will-holdsworth:main
will-holdsworth:100
will-holdsworth:update_flake_lock_action
will-holdsworth:71
will-holdsworth:enhancement/32
will-holdsworth:enhancement/6
Sign in to create a new pull request.

8 commits
update_fla ... main

Author SHA1 Message Date
Will Holdsworth
81bf6d1c45
feat(tailscale): disable for now, ssh works without 2026-03-12 20:02:34 +11:00
Will Holdsworth
9d3c2336dc Merge pull request 'Install LibreWolf' (#137) from 99 into main 
Reviewed-on: #137
 2026-03-12 20:01:30 +11:00
Will Holdsworth
7483af690a
feat(firefox): remove for now in favour of librewolf 2026-03-12 19:49:14 +11:00
Will Holdsworth
d7196bb746
feat(firefox): update config based on librewolf config 2026-03-12 19:49:00 +11:00
Will Holdsworth
5acabc9745
feat(librewolf): install 2026-03-12 19:48:50 +11:00
Will Holdsworth
f98b6fe4a7
fix(syncthing): alternative config should be empty set, not null 2026-03-12 19:01:05 +11:00
Will Holdsworth
6328d80bdf
fix(lazygit): allow rewording signed commits 2026-03-09 14:36:45 +11:00
Will Holdsworth
a2d43c4dd9
feat(borgbackup): replace borgmatic 2026-03-09 14:09:06 +11:00
23 changed files with 519 additions and 238 deletions
Download patch file Download diff file Expand all files Collapse all files

2
hosts/server/configuration.nix
View file

@ -15,7 +15,7 @@
] ]
++ (util.toImports ../../modules/nixos/features [ ++ (util.toImports ../../modules/nixos/features [
# keep-sorted start # keep-sorted start
"borgmatic" "borgbackup"
"intel-gpu" "intel-gpu"
# keep-sorted end # keep-sorted end
]) ])

2
modules/home-manager/bundles/gui.nix
View file

@ -6,7 +6,7 @@
imports = util.toImports ../features [ imports = util.toImports ../features [
# keep-sorted start # keep-sorted start
"alacritty" "alacritty"
"firefox" "librewolf"
"obsidian" "obsidian"
# "zen-browser" # "zen-browser"
# keep-sorted end # keep-sorted end

281
modules/home-manager/features/firefox.nix
View file

@ -12,6 +12,7 @@
"browser.aboutwelcome.enabled" = false; "browser.aboutwelcome.enabled" = false;
"browser.bookmarks.addedImportButton" = false; "browser.bookmarks.addedImportButton" = false;
"browser.bookmarks.restore_default_bookmarks" = false; "browser.bookmarks.restore_default_bookmarks" = false;
"browser.download.useDownloadDir" = true;
"browser.newtabpage.enabled" = false; "browser.newtabpage.enabled" = false;
"browser.safebrowsing.downloads.enabled" = false; "browser.safebrowsing.downloads.enabled" = false;
"browser.safebrowsing.malware.enabled" = false; "browser.safebrowsing.malware.enabled" = false;
@ -22,6 +23,8 @@
"browser.startup.homepage" = "chrome://browser/content/blanktab.html"; "browser.startup.homepage" = "chrome://browser/content/blanktab.html";
"browser.startup.page" = 3; "browser.startup.page" = 3;
"browser.tabs.groups.smart.userEnabled" = false; "browser.tabs.groups.smart.userEnabled" = false;
"browser.tabs.warnOnClose" = true;
"browser.tabs.warnOnOpen" = false;
"browser.toolbars.bookmarks.visibility" = "never"; "browser.toolbars.bookmarks.visibility" = "never";
"browser.urlbar.suggest.searches" = false; "browser.urlbar.suggest.searches" = false;
"datareporting.healthreport.uploadEnabled" = false; "datareporting.healthreport.uploadEnabled" = false;
@ -35,18 +38,20 @@
"network.trr.uri" = "https://firefox.dns.nextdns.io/"; "network.trr.uri" = "https://firefox.dns.nextdns.io/";
"privacy.annotate_channels.strict_list.enabled" = true; "privacy.annotate_channels.strict_list.enabled" = true;
"privacy.bounceTrackingProtection.mode" = 1; "privacy.bounceTrackingProtection.mode" = 1;
"privacy.clearOnShutdown_v2.formdata" = true;
"privacy.fingerprintingProtection" = true; "privacy.fingerprintingProtection" = true;
"privacy.globalprivacycontrol.enabled" = true; "privacy.globalprivacycontrol.enabled" = true;
"privacy.globalprivacycontrol.was_ever_enabled" = true; "privacy.globalprivacycontrol.was_ever_enabled" = true;
"privacy.history.custom" = false;
"privacy.query_stripping.enabled " = true; "privacy.query_stripping.enabled " = true;
"privacy.query_stripping.enabled.pbmode" = true; "privacy.query_stripping.enabled.pbmode" = true;
"privacy.sanitize.sanitizeOnShutdown" = false;
"privacy.trackingprotection.allow_list.baseline.enabled" = true; "privacy.trackingprotection.allow_list.baseline.enabled" = true;
"privacy.trackingprotection.allow_list.convenience.enabled" = false; "privacy.trackingprotection.allow_list.convenience.enabled" = false;
"privacy.trackingprotection.consentmanager.skip.pbmode.enabled" = false; "privacy.trackingprotection.consentmanager.skip.pbmode.enabled" = false;
"privacy.trackingprotection.emailtracking.enabled" = true; "privacy.trackingprotection.emailtracking.enabled" = true;
"privacy.trackingprotection.enabled" = true; "privacy.trackingprotection.enabled" = true;
"privacy.trackingprotection.socialtracking.enabled" = true; "privacy.trackingprotection.socialtracking.enabled" = true;
"services.sync.engine.passwords" = false;
"sidebar.main.tools" = "syncedtabs,history,bookmarks"; "sidebar.main.tools" = "syncedtabs,history,bookmarks";
"sidebar.new-sidebar.has-used" = true; "sidebar.new-sidebar.has-used" = true;
"sidebar.position_start" = false; "sidebar.position_start" = false;
@ -86,144 +91,144 @@
# keep-sorted start block=yes # keep-sorted start block=yes
# sponsorblock # sponsorblock
"sponsorBlocker@ajay.app".settings = { "sponsorBlocker@ajay.app".settings = {
hideSegmentCreationInPopup = false; hideSegmentCreationInPopup = false;
autoSkipOnMusicVideosUpdate = true; autoSkipOnMusicVideosUpdate = true;
changeChapterColor = true; changeChapterColor = true;
autoSkipOnMusicVideos = false; autoSkipOnMusicVideos = false;
hideVideoPlayerControls = false; hideVideoPlayerControls = false;
useVirtualTime = true; useVirtualTime = true;
categoryPillColors = { }; categoryPillColors = { };
payments = { payments = {
chaptersAllowed = false; chaptersAllowed = false;
freeAccess = false; freeAccess = false;
lastCheck = 0; lastCheck = 0;
lastFreeCheck = 0; lastFreeCheck = 0;
licenseKey = null; licenseKey = null;
};
allowExpirements = true;
allowScrollingToEdit = true;
audioNotificationOnSkip = false;
autoHideInfoButton = true;
categoryPillUpdate = true;
chapterCategoryAdded = true;
checkForUnlistedVideos = false;
cleanPopup = false;
darkMode = true;
deArrowInstalled = true;
defaultCategory = "chooseACategory";
disableSkipping = false;
donateClicked = 0;
dontShowNotice = false;
forceChannelCheck = false;
fullVideoLabelsOnThumbnails = true;
fullVideoSegments = true;
hideDeleteButtonPlayerControls = false;
hideDiscordLaunches = 0;
hideDiscordLink = false;
hideInfoButtonPlayerControls = false;
hideSkipButtonPlayerControls = false;
hideUploadButtonPlayerControls = false;
categorySelections = [
{
name = "sponsor";
option = 2;
}
{
name = "poi_highlight";
option = 1;
}
{
name = "exclusive_access";
option = 0;
}
{
name = "chapter";
option = 0;
}
{
name = "selfpromo";
option = 1;
}
{
name = "interaction";
option = 1;
}
{
name = "intro";
option = 1;
}
{
name = "outro";
option = 1;
}
{
name = "preview";
option = 1;
}
{
name = "filler";
option = 1;
}
{
name = "music_offtopic";
option = 2;
}
{
name = "hook";
option = 1;
}
];
manualSkipOnFullVideo = false;
minDuration = 0;
isVip = false;
muteSegments = false;
noticeVisibilityMode = 3;
renderSegmentsAsChapters = false;
scrollToEditTimeUpdate = false;
serverAddress = "https://sponsor.ajay.app";
showAutogeneratedChapters = false;
showCategoryGuidelines = true;
showCategoryWithoutPermission = false;
showChapterInfoMessage = true;
showDeArrowInSettings = true;
showDeArrowPromotion = true;
showDonationLink = false;
showNewFeaturePopups = false;
showSegmentFailedToFetchWarning = true;
showSegmentNameInChapterBar = true;
showTimeWithSkips = true;
showUpcomingNotice = false;
showUpsells = false;
minutesSaved = 67.630516;
shownDeArrowPromotion = false;
showZoomToFillError2 = false;
skipNoticeDuration = 4;
sponsorTimesContributed = 0;
testingServer = false;
trackDownvotes = false;
trackDownvotesInPrivate = false;
trackViewCount = false;
trackViewCountInPrivate = false;
ytInfoPermissionGranted = false;
skipNonMusicOnlyOnYoutubeMusic = false;
hookUpdate = false;
permissions = {
sponsor = true;
selfpromo = true;
exclusive_access = true;
interaction = true;
intro = true;
outro = true;
preview = true;
hook = true;
music_offtopic = true;
filler = true;
poi_highlight = true;
chapter = false;
};
segmentListDefaultTab = 0;
prideTheme = false;
}; };
allowExpirements = true;
allowScrollingToEdit = true;
audioNotificationOnSkip = false;
autoHideInfoButton = true;
categoryPillUpdate = true;
chapterCategoryAdded = true;
checkForUnlistedVideos = false;
cleanPopup = false;
darkMode = true;
deArrowInstalled = true;
defaultCategory = "chooseACategory";
disableSkipping = false;
donateClicked = 0;
dontShowNotice = false;
forceChannelCheck = false;
fullVideoLabelsOnThumbnails = true;
fullVideoSegments = true;
hideDeleteButtonPlayerControls = false;
hideDiscordLaunches = 0;
hideDiscordLink = false;
hideInfoButtonPlayerControls = false;
hideSkipButtonPlayerControls = false;
hideUploadButtonPlayerControls = false;
categorySelections = [
{
name = "sponsor";
option = 2;
}
{
name = "poi_highlight";
option = 1;
}
{
name = "exclusive_access";
option = 0;
}
{
name = "chapter";
option = 0;
}
{
name = "selfpromo";
option = 1;
}
{
name = "interaction";
option = 1;
}
{
name = "intro";
option = 1;
}
{
name = "outro";
option = 1;
}
{
name = "preview";
option = 1;
}
{
name = "filler";
option = 1;
}
{
name = "music_offtopic";
option = 2;
}
{
name = "hook";
option = 1;
}
];
manualSkipOnFullVideo = false;
minDuration = 0;
isVip = false;
muteSegments = false;
noticeVisibilityMode = 3;
renderSegmentsAsChapters = false;
scrollToEditTimeUpdate = false;
serverAddress = "https://sponsor.ajay.app";
showAutogeneratedChapters = false;
showCategoryGuidelines = true;
showCategoryWithoutPermission = false;
showChapterInfoMessage = true;
showDeArrowInSettings = true;
showDeArrowPromotion = true;
showDonationLink = false;
showNewFeaturePopups = false;
showSegmentFailedToFetchWarning = true;
showSegmentNameInChapterBar = true;
showTimeWithSkips = true;
showUpcomingNotice = false;
showUpsells = false;
minutesSaved = 67.630516;
shownDeArrowPromotion = false;
showZoomToFillError2 = false;
skipNoticeDuration = 4;
sponsorTimesContributed = 0;
testingServer = false;
trackDownvotes = false;
trackDownvotesInPrivate = false;
trackViewCount = false;
trackViewCountInPrivate = false;
ytInfoPermissionGranted = false;
skipNonMusicOnlyOnYoutubeMusic = false;
hookUpdate = false;
permissions = {
sponsor = true;
selfpromo = true;
exclusive_access = true;
interaction = true;
intro = true;
outro = true;
preview = true;
hook = true;
music_offtopic = true;
filler = true;
poi_highlight = true;
chapter = false;
};
segmentListDefaultTab = 0;
prideTheme = false;
};
# ublock-origin # ublock-origin
"uBlock0@raymondhill.net".settings = { "uBlock0@raymondhill.net".settings = {
advancedUserEnabled = true; advancedUserEnabled = true;

1
modules/home-manager/features/lazygit.nix
View file

@ -5,6 +5,7 @@
programs.lazygit = { programs.lazygit = {
enable = true; enable = true;
settings = { settings = {
git.overrideGpg = true;
log = { log = {
localBranchSortOrder = "recency"; localBranchSortOrder = "recency";
remoteBranchSortOrder = "recency"; remoteBranchSortOrder = "recency";

255
modules/home-manager/features/librewolf.nix Normal file
View file

@ -0,0 +1,255 @@
{
pkgs,
...
}:
{
programs.librewolf = {
enable = true;
languagePacks = [ "en-GB" ];
profiles.will = {
settings = {
# keep-sorted start
"browser.aboutwelcome.enabled" = false;
"browser.bookmarks.addedImportButton" = false;
"browser.bookmarks.restore_default_bookmarks" = false;
"browser.download.useDownloadDir" = true;
"browser.newtabpage.enabled" = false;
"browser.safebrowsing.downloads.enabled" = false;
"browser.safebrowsing.malware.enabled" = false;
"browser.safebrowsing.phishing.enabled" = false;
"browser.safebrowsing.remote.block_potentially_unwanted" = false;
"browser.safebrowsing.remote.block_uncommon" = false;
"browser.search.suggest.enabled" = false;
"browser.startup.homepage" = "chrome://browser/content/blanktab.html";
"browser.startup.page" = 3;
"browser.tabs.groups.smart.userEnabled" = false;
"browser.tabs.warnOnClose" = true;
"browser.tabs.warnOnOpen" = false;
"browser.toolbars.bookmarks.visibility" = "never";
"browser.urlbar.suggest.searches" = false;
"datareporting.healthreport.uploadEnabled" = false;
"datareporting.usage.uploadEnabled" = false;
"dom.security.https_only_mode" = true;
"dom.security.https_only_mode_ever_enabled" = true;
"extensions.formautofill.creditCards.enabled" = false;
"general.autoScroll" = true;
"identity.fxaccounts.enabled" = true;
"intl.locale.requested" = "en-GB";
"network.trr.mode" = 3;
"network.trr.uri" = "https://firefox.dns.nextdns.io/";
"privacy.annotate_channels.strict_list.enabled" = true;
"privacy.bounceTrackingProtection.mode" = 1;
"privacy.fingerprintingProtection" = true;
"privacy.globalprivacycontrol.enabled" = true;
"privacy.globalprivacycontrol.was_ever_enabled" = true;
"privacy.history.custom" = false;
"privacy.query_stripping.enabled " = true;
"privacy.query_stripping.enabled.pbmode" = true;
"privacy.sanitize.sanitizeOnShutdown" = false;
"privacy.trackingprotection.allow_list.baseline.enabled" = true;
"privacy.trackingprotection.allow_list.convenience.enabled" = false;
"privacy.trackingprotection.consentmanager.skip.pbmode.enabled" = false;
"privacy.trackingprotection.emailtracking.enabled" = true;
"privacy.trackingprotection.enabled" = true;
"privacy.trackingprotection.socialtracking.enabled" = true;
"services.sync.engine.passwords" = false;
"sidebar.main.tools" = "syncedtabs,history,bookmarks";
"sidebar.new-sidebar.has-used" = true;
"sidebar.position_start" = false;
"sidebar.revamp" = true;
"sidebar.verticalTabs" = true;
"sidebar.verticalTabs.dragToPinPromo.dismissed" = true;
"signon.autofillForms" = false;
"signon.firefoxRelay.feature" = "disabled";
"signon.generation.enabled" = false;
"signon.management.page.breach-alerts.enabled" = false;
"signon.rememberSignons" = false;
"toolkit.telemetry.reportingpolicy.firstRun" = false;
# keep-sorted end
};
search = {
default = "ddg";
privateDefault = "ddg";
engines = { };
order = [ ];
force = true;
};
extensions = {
force = true;
packages = with pkgs.nur.repos.rycee.firefox-addons; [
# keep-sorted start sticky_comments=no
# detect-cloudflare
bitwarden
dearrow
nixpkgs-pr-tracker
react-devtools
return-youtube-dislikes
sponsorblock
ublock-origin
# keep-sorted end
];
settings = {
# keep-sorted start block=yes
# sponsorblock
"sponsorBlocker@ajay.app".settings = {
hideSegmentCreationInPopup = false;
autoSkipOnMusicVideosUpdate = true;
changeChapterColor = true;
autoSkipOnMusicVideos = false;
hideVideoPlayerControls = false;
useVirtualTime = true;
categoryPillColors = { };
payments = {
chaptersAllowed = false;
freeAccess = false;
lastCheck = 0;
lastFreeCheck = 0;
licenseKey = null;
};
allowExpirements = true;
allowScrollingToEdit = true;
audioNotificationOnSkip = false;
autoHideInfoButton = true;
categoryPillUpdate = true;
chapterCategoryAdded = true;
checkForUnlistedVideos = false;
cleanPopup = false;
darkMode = true;
deArrowInstalled = true;
defaultCategory = "chooseACategory";
disableSkipping = false;
donateClicked = 0;
dontShowNotice = false;
forceChannelCheck = false;
fullVideoLabelsOnThumbnails = true;
fullVideoSegments = true;
hideDeleteButtonPlayerControls = false;
hideDiscordLaunches = 0;
hideDiscordLink = false;
hideInfoButtonPlayerControls = false;
hideSkipButtonPlayerControls = false;
hideUploadButtonPlayerControls = false;
categorySelections = [
{
name = "sponsor";
option = 2;
}
{
name = "poi_highlight";
option = 1;
}
{
name = "exclusive_access";
option = 0;
}
{
name = "chapter";
option = 0;
}
{
name = "selfpromo";
option = 1;
}
{
name = "interaction";
option = 1;
}
{
name = "intro";
option = 1;
}
{
name = "outro";
option = 1;
}
{
name = "preview";
option = 1;
}
{
name = "filler";
option = 1;
}
{
name = "music_offtopic";
option = 2;
}
{
name = "hook";
option = 1;
}
];
manualSkipOnFullVideo = false;
minDuration = 0;
isVip = false;
muteSegments = false;
noticeVisibilityMode = 3;
renderSegmentsAsChapters = false;
scrollToEditTimeUpdate = false;
serverAddress = "https://sponsor.ajay.app";
showAutogeneratedChapters = false;
showCategoryGuidelines = true;
showCategoryWithoutPermission = false;
showChapterInfoMessage = true;
showDeArrowInSettings = true;
showDeArrowPromotion = true;
showDonationLink = false;
showNewFeaturePopups = false;
showSegmentFailedToFetchWarning = true;
showSegmentNameInChapterBar = true;
showTimeWithSkips = true;
showUpcomingNotice = false;
showUpsells = false;
minutesSaved = 67.630516;
shownDeArrowPromotion = false;
showZoomToFillError2 = false;
skipNoticeDuration = 4;
sponsorTimesContributed = 0;
testingServer = false;
trackDownvotes = false;
trackDownvotesInPrivate = false;
trackViewCount = false;
trackViewCountInPrivate = false;
ytInfoPermissionGranted = false;
skipNonMusicOnlyOnYoutubeMusic = false;
hookUpdate = false;
permissions = {
sponsor = true;
selfpromo = true;
exclusive_access = true;
interaction = true;
intro = true;
outro = true;
preview = true;
hook = true;
music_offtopic = true;
filler = true;
poi_highlight = true;
chapter = false;
};
segmentListDefaultTab = 0;
prideTheme = false;
};
# ublock-origin
"uBlock0@raymondhill.net".settings = {
advancedUserEnabled = true;
selectedFilterLists = [
"user-filters"
"ublock-filters"
"ublock-badware"
"ublock-privacy"
"ublock-quick-fixes"
"ublock-unbreak"
"easylist"
"easyprivacy"
"adguard-spyware-url"
"urlhaus-1"
"plowe-0"
];
};
# keep-sorted end
};
};
};
};
}

5
modules/nixos/bundles/server.nix
View file

@ -34,5 +34,8 @@
# keep-sorted end # keep-sorted end
]; ];
services.borgmatic.settings.source_directories = [ "/srv" ]; services.borgbackup.jobs = {
onsite.paths = [ "/srv" ];
offsite.paths = [ "/srv" ];
};
} }

3
modules/nixos/default.nix
View file

@ -16,7 +16,6 @@
"nixvim" "nixvim"
"syncthing" "syncthing"
"systemd-boot" "systemd-boot"
"tailscale"
# keep-sorted end # keep-sorted end
]; ];
@ -61,7 +60,7 @@
ticker # stock ticker ticker # stock ticker
tldr # cheat sheets tldr # cheat sheets
tmpmail # temporary email address tmpmail # temporary email address
topydo # todo.txt helper tool # topydo # todo.txt helper tool
tt # typing test tt # typing test
wtfutil # terminal homepage wtfutil # terminal homepage
xh # curl xh # curl

57
modules/nixos/features/borgbackup.nix Normal file
View file

@ -0,0 +1,57 @@
{
config,
pkgs,
...
}:
let
jobConfig = {
compression = "auto,zlib";
doInit = false;
preHook = ''
/run/wrappers/bin/sudo -u postgres ${pkgs.postgresql}/bin/pg_dumpall > /srv/backup/database/postgres/dump.sql
'';
postHook = ''
rm /srv/backup/database/postgres/dump.sql
'';
prune.keep = {
daily = 7;
weekly = 4;
monthly = 6;
yearly = 1;
};
readWritePaths = [
"/srv/backup"
];
startAt = "*-*-* 03:00:00";
extraCreateArgs = [ "-v" ];
};
in
{
services.borgbackup = {
jobs = {
onsite = {
encryption = {
passCommand = "cat ${config.age.secrets.borgbackup-onsite.path}";
mode = "repokey-blake2";
};
removableDevice = true;
repo = "/mnt/external/backup/take2";
}
// jobConfig;
offsite = {
encryption = {
passCommand = "cat ${config.age.secrets.borgbackup-offsite.path}";
mode = "repokey-blake2";
};
environment.BORG_RSH = "ssh -i /home/srv/.ssh/id_ed25519";
repo = "ssh://vuc5c3xq@vuc5c3xq.repo.borgbase.com/./repo";
}
// jobConfig;
};
};
age.secrets = {
borgbackup-onsite.file = ../../../secrets/borgbackup-onsite.age;
borgbackup-offsite.file = ../../../secrets/borgbackup-offsite.age;
};
}

4
modules/nixos/features/borgmatic.nix
View file

@ -42,12 +42,10 @@
{ {
path = "/mnt/external/backup/repo"; path = "/mnt/external/backup/repo";
label = "onsite"; label = "onsite";
# encryption = "repokey-blake2";
} }
{ {
path = "ssh://vuc5c3xq@vuc5c3xq.repo.borgbase.com/./repo"; path = "ssh://vuc5c3xq@vuc5c3xq.repo.borgbase.com/./repo";
label = "offsite"; label = "offsite";
# encryption = "repokey-blake2";
} }
]; ];
retries = 3; retries = 3;
@ -75,8 +73,6 @@
"borgmatic-pg:${config.age.secrets.borgmatic-pg.path}" "borgmatic-pg:${config.age.secrets.borgmatic-pg.path}"
]; ];
# onsite drive
# secrets # secrets
age.secrets = { age.secrets = {
"borgmatic".file = ../../../secrets/borgmatic.age; "borgmatic".file = ../../../secrets/borgmatic.age;

7
modules/nixos/features/firefly.nix
View file

@ -24,13 +24,6 @@ in
}; };
}; };
borgmatic.settings.sqlite_databases = [
{
name = "firefly";
path = "/srv/firefly/storage/database/database.sqlite";
}
];
caddy.virtualHosts."firefly.fi33.buzz".extraConfig = '' caddy.virtualHosts."firefly.fi33.buzz".extraConfig = ''
root * ${config.services.firefly-iii.package}/public root * ${config.services.firefly-iii.package}/public
php_fastcgi unix//${config.services.phpfpm.pools.firefly-iii.socket} php_fastcgi unix//${config.services.phpfpm.pools.firefly-iii.socket}

9
modules/nixos/features/immich.nix
View file

@ -27,15 +27,6 @@ in
} }
]; ];
borgmatic.settings.postgresql_databases = [
{
name = "immich";
hostname = "localhost";
username = "root";
password = "{credential systemd borgmatic-pg}";
}
];
caddy.virtualHosts.${hostname}.extraConfig = '' caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port} reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem { tls ${certloc}/cert.pem ${certloc}/key.pem {

21
modules/nixos/features/mealie.nix
View file

@ -1,5 +1,5 @@
{ {
config, pkgs,
... ...
}: }:
let let
@ -34,17 +34,14 @@ in
} }
]; ];
# borgmatic.settings = { borgbackup.jobs = {
# source_directories = [ ]; onsite = {
# postgresql_databases = [ paths = [ "/var/lib/mealie" ];
# { };
# name = "mealie"; offsite = {
# hostname = "localhost"; paths = [ "/var/lib/mealie" ];
# username = "root"; };
# password = "{credential systemd borgmatic-pg}"; };
# }
# ];
# };
caddy.virtualHosts.${hostname}.extraConfig = '' caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port} reverse_proxy localhost:${toString port}

9
modules/nixos/features/miniflux.nix
View file

@ -34,15 +34,6 @@ in
} }
]; ];
borgmatic.settings.postgresql_databases = [
{
name = "miniflux";
hostname = "localhost";
username = "root";
password = "{credential systemd borgmatic-pg}";
}
];
caddy.virtualHosts.${hostname}.extraConfig = '' caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port} reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem { tls ${certloc}/cert.pem ${certloc}/key.pem {

9
modules/nixos/features/ntfy-sh.nix
View file

@ -20,11 +20,9 @@ in
auth-default-access = "deny-all"; auth-default-access = "deny-all";
auth-users = [ auth-users = [
"Debit3885:$2a$12$ZeFimzdifNFSmf0W2oi.vuZfsqae75md9nhC/Q2BcKMyvDO8T.uEK:admin" "Debit3885:$2a$12$ZeFimzdifNFSmf0W2oi.vuZfsqae75md9nhC/Q2BcKMyvDO8T.uEK:admin"
"borgmatic:$2a$12$ZeFimzdifNFSmf0W2oi.vuZfsqae75md9nhC/Q2BcKMyvDO8T.uEK:user"
"gatus:$2a$12$OswG3sB8oDaB.KpawKM3P.78dID.Tj/0y5qeVD5BE6EH5bpGKe.na:user" "gatus:$2a$12$OswG3sB8oDaB.KpawKM3P.78dID.Tj/0y5qeVD5BE6EH5bpGKe.na:user"
]; ];
auth-access = [ auth-access = [
"borgmatic:backups:wo"
"gatus:services:wo" "gatus:services:wo"
]; ];
}; };
@ -44,10 +42,9 @@ in
} }
]; ];
borgmatic.settings = { borgbackup.jobs = {
source_directories = [ onsite.paths = [ "/var/lib/ntfy-sh" ];
"/var/lib/ntfy-sh/user.db" offsite.paths = [ "/var/lib/ntfy-sh" ];
];
}; };
caddy.virtualHosts.${hostname}.extraConfig = '' caddy.virtualHosts.${hostname}.extraConfig = ''

11
modules/nixos/features/paperless.nix
View file

@ -36,17 +36,6 @@ in
} }
]; ];
borgmatic.settings = {
postgresql_databases = [
{
name = "paperless";
hostname = "localhost";
username = "root";
password = "{credential systemd borgmatic-pg}";
}
];
};
caddy.virtualHosts.${hostname}.extraConfig = '' caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port} reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem { tls ${certloc}/cert.pem ${certloc}/key.pem {

13
modules/nixos/features/prowlarr.nix
View file

@ -1,3 +1,7 @@
{
pkgs,
...
}:
let let
port = 5009; port = 5009;
certloc = "/var/lib/acme/fi33.buzz"; certloc = "/var/lib/acme/fi33.buzz";
@ -28,7 +32,14 @@ in
} }
]; ];
borgmatic.settings.source_directories = [ "/var/lib/prowlarr" ]; borgbackup.jobs = {
onsite = {
paths = [ "/var/lib/prowlarr" ];
};
offsite = {
paths = [ "/var/lib/prowlarr" ];
};
};
caddy.virtualHosts.${hostname}.extraConfig = '' caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port} reverse_proxy localhost:${toString port}

12
modules/nixos/features/syncthing.nix
View file

@ -73,16 +73,20 @@ in
} }
]; ];
borgmatic.settings = borgbackup.jobs =
if userName == "srv" then if userName == "srv" then
{ {
source_directories = [ onsite.paths = [
"/home/srv/.config/syncthing" "/home/srv/.config/syncthing"
"/home/srv/Sync" "/home/srv/Sync/"
];
offsite.paths = [
"/home/srv/.config/syncthing"
"/home/srv/Sync/"
]; ];
} }
else else
null; { };
caddy.virtualHosts.${hostname}.extraConfig = '' caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy http://localhost:${toString port} reverse_proxy http://localhost:${toString port}

15
modules/templates/web-feature.nix
View file

@ -25,17 +25,10 @@ in
} }
]; ];
# borgmatic.settings = { borgbackup.jobs = {
# source_directories = [ ]; onsite.paths = [ "" ];
# postgresql_databases = [ offsite.paths = [ "" ];
# { };
# name = "feature";
# hostname = "localhost";
# username = "root";
# password = "{credential systemd borgmatic-pg}";
# }
# ];
# };
caddy.virtualHosts.${hostname}.extraConfig = '' caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port} reverse_proxy localhost:${toString port}

9
secrets/borgbackup-offsite.age Normal file
View file

@ -0,0 +1,9 @@
age-encryption.org/v1
-> ssh-ed25519 qLT+DQ NuEGxxieL0H7mUFKft+fuH1jd0XFDf3xESLrVcb9GAg
KxJcj9P/+cr63TmqEIPwfykz07luqe9VLRLzs3CWx9Y
-> ssh-ed25519 NanIwQ HRHMV4jFn7vJVHd6gFqcOTA14VI6+QaITXMpZbeGoDg
aANuHXv4O1KKwPCClatphXgWDFnsCy/AoQJT0+D560o
-> ssh-ed25519 LtK9yQ NHLTdStEdoXSGKxoz4/gR+oT9bLq8wwz4XRHS2rd9Xo
lndB74KBkWrfNuZyuQufl35lQIPNqbppLfSZRerIDaA
--- dro8ECdWcFtleQv5nffX/Wh97w/FGXQZwSIjPE9WIX8
8…ƒÄRé#ÇÉç;ÒrpEÚ÷hȾW8-.ÿ é `OÎW¸']Úk§JdõC žÛï.ÿÆßT)Nø_ÅkqüëÕ_=Ï°ç

9
secrets/borgbackup-onsite.age Normal file
View file

@ -0,0 +1,9 @@
age-encryption.org/v1
-> ssh-ed25519 qLT+DQ 3UW3CErZDv6UkjXJZldymqYmmJoQcbSjVX4IUX7KRn8
pnbegKpKiNW8QY9rD7pD1mrhOSdD+cxUxcNKtLM5uOQ
-> ssh-ed25519 NanIwQ qAl2RheS1lTOU60xeodc4/WvyzYRGiWR+55QvsVE5H0
j/UoLITpRpMF2t0J/Y0zL0kAgz5nJ02I/nwUp+pEowg
-> ssh-ed25519 LtK9yQ sbldK/F2u6MMgIR8F6c5ZFkMesq+GHKRmlqt3n6L2yw
GTSzhGfj+Shg+MQ3hde12pKi6zfeGNw6RXwSAoGyaak
--- 6WmdTjpwgwb6/1o06i5xtvnOQcvNztwpBmvH/9wYbmo
K®öò<EFBFBD>°^¼Ñ­þ¢Ubù|œ:m@*Þ±Žö<>ÚСg1ž>)±–Çã«ÚqëÐs,n{™ DdvÅöÉœÿEuH<j4Ëì

9
secrets/borgmatic-pg.age
View file

@ -1,9 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 qLT+DQ C3A3TKOyIWzbW8JupvhTmLKetnr+0uzkPq985NA0DCs
ahrHVR7WadjOfOXBWOqBAf9L0UdCNeD0Ynk6sKDF7WM
-> ssh-ed25519 7+xRyQ evZ6zSS3olbORnqiCnEAL68D1FNPgg2oBoJSaquLAAA
BYoo9AVOHsRsTbXkRQdS/7WN25vBuJOAb0YfnSY+hGQ
-> ssh-ed25519 LtK9yQ jLIdKPvVhPsRIJevWLmads3P2hM29c0B143OWoINzlY
ziCUQ1TtB6BUgbNZ/zFXoaOtpxyrbKobsTvXo/dSpSA
--- Q6JHS+5vuYLIqyIb6x3qCbIJvsjk2++ovL1zkVGs69o
<EFBFBD>ã쇽NM1±WBýy•M.ù²ø-Ø|GlºÈ]¡8Z,(5è±²P¶èè!ÿpmp¡¢°Eaû¤;<3B>Ôâ¿Ä(tq!ÊKÕU4×m

9
secrets/borgmatic.age
View file

@ -1,9 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 qLT+DQ zfLZc8A30KjoMrhUSl4OgTp+Yg11fmVjDioxtIYMqDU
URhJwUCElaJcSd+k5wBQAXvdC/68ZcCA5WbHGAJTYfY
-> ssh-ed25519 7+xRyQ mrGrjW0fQIRNMDdw4Hoc9N/xAEm1P0IFukShfeVdKE8
yLUmj7LBfHQ/i4buBB57ktNUOnHpoC8NYTQUnK5e5y4
-> ssh-ed25519 LtK9yQ THjOsSIr/DQTulFlwd4r5DYb73VQ0vWgyDHkfJV3NR0
Dl8FwK1WciiEMs5MdrFcUIOFGmlbZf3APOWzLN6rkOE
--- 3mjYPT9APy0F5NNbbCIQhzZ0XjKBtB9YGGS3t37eoRU
ôT^væ—U‹§òÏ{™>[÷õ¦dhé§PC6þZ|é£ûýK|~lÝ<6C>bŒÀD¢ûÖÙt”΄¨ø]¨1P$ø10¨ ¿ïAý±$

5
secrets/secrets.nix
View file

@ -15,9 +15,8 @@ let
in in
{ {
# keep-sorted start # keep-sorted start
"borgmatic-ntfy.age".publicKeys = users; "borgbackup-offsite.age".publicKeys = users;
"borgmatic-pg.age".publicKeys = users; "borgbackup-onsite.age".publicKeys = users;
"borgmatic.age".publicKeys = users;
"copyparty.age".publicKeys = users; "copyparty.age".publicKeys = users;
"gatus.age".publicKeys = users; "gatus.age".publicKeys = users;
"git_signing_key.age".publicKeys = users; "git_signing_key.age".publicKeys = users;