2024-08-11 08:29:46 -05:00
|
|
|
{
|
2024-11-28 19:15:05 -06:00
|
|
|
config,
|
2024-08-11 08:29:46 -05:00
|
|
|
enabled,
|
|
|
|
enableAttrs,
|
2024-08-12 11:39:14 -05:00
|
|
|
listify,
|
2024-08-11 08:29:46 -05:00
|
|
|
...
|
|
|
|
}:
|
2024-01-23 11:51:13 -06:00
|
|
|
{
|
2024-03-19 08:56:51 -05:00
|
|
|
oizys = {
|
2024-05-06 15:30:10 -05:00
|
|
|
rune.motd = enabled;
|
2024-08-12 11:39:14 -05:00
|
|
|
languages = "nim|node|python|nushell" |> listify;
|
|
|
|
} // ("docker|backups|nix-ld" |> listify |> enableAttrs);
|
2024-01-23 15:50:42 -06:00
|
|
|
|
2024-01-23 11:51:13 -06:00
|
|
|
services.restic.backups.gdrive = {
|
|
|
|
# directories created by gitea and soft-serve aren't world readable
|
|
|
|
user = "root";
|
|
|
|
rcloneConfigFile = "/home/daylin/.config/rclone/rclone.conf";
|
|
|
|
repository = "rclone:g:archives/algiz";
|
2024-11-28 19:15:05 -06:00
|
|
|
# passwordFile = "/home/daylin/.config/restic/algiz-pass";
|
|
|
|
passwordFile = config.sops.secrets.restic-algiz.path;
|
2024-05-06 14:32:00 -05:00
|
|
|
paths = [
|
|
|
|
"/home/daylin/services/git/"
|
|
|
|
"/home/daylin/services/gotosocial/"
|
2024-07-08 12:29:16 -05:00
|
|
|
"/home/daylin/services/caddy/"
|
|
|
|
"/home/daylin/services/wedding-website/"
|
2024-05-06 14:32:00 -05:00
|
|
|
];
|
2024-01-23 11:51:13 -06:00
|
|
|
};
|
|
|
|
|
2024-08-11 08:29:46 -05:00
|
|
|
# git user handles the forgjo ssh authentication
|
|
|
|
users.users.git.isNormalUser = true;
|
2024-11-28 19:15:05 -06:00
|
|
|
|
|
|
|
sops = {
|
|
|
|
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
|
|
|
defaultSopsFile = ./secrets.yaml;
|
|
|
|
# by default is accessible only by root:root which should work with above service
|
|
|
|
secrets.restic-algiz = { };
|
|
|
|
};
|
2024-01-23 11:51:13 -06:00
|
|
|
}
|