emelie/nix-deploy
1
0
Fork 0
Code Issues 1 Pull requests 1 Projects Releases Wiki Activity

Restructure folders

Browse source
This commit is contained in:
Emelie Graven 2021-12-18 09:48:12 +01:00
parent 76edda7833
commit bb394d63a6
Signed by: emelie
GPG key ID: C11123726DBB55A1
79 changed files with 7 additions and 331 deletions
Download patch file Download diff file Expand all files Collapse all files

9
config/hosts/rudiger/services/acme.nix Normal file
View file

@ -0,0 +1,9 @@
{ config, ... }:
{
security.acme = {
acceptTerms = true;
email = "admin+certs@graven.dev";
};
}

22
config/hosts/rudiger/services/nextcloud.nix Normal file
View file

@ -0,0 +1,22 @@
{ config, pkgs, ... }:
{
services.nextcloud = {
enable = true;
hostName = "cloud.graven.dev";
https = true;
package = pkgs.nextcloud22;
autoUpdateApps.enable = true;
maxUploadSize = "10G";
webfinger = true;
caching.redis = true;
config = {
dbtype = "pgsql";
dbuser = "nextcloud";
dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself
dbname = "nextcloud";
defaultPhoneRegion = "DK";
adminpassFile = builtins.toString config.secrets.files.nc_admin_pass.file;
adminuser = "root";
};
};
}

8
config/hosts/rudiger/services/nginx.nix Normal file
View file

@ -0,0 +1,8 @@
{ ... }:
{
imports = [ ../../../common/services/nginx.nix ];
services.nginx.virtualHosts."cloud.graven.dev" = {
enableACME = true;
forceSSL = true;
};
}

21
config/hosts/rudiger/services/postgres.nix Normal file
View file

@ -0,0 +1,21 @@
{ ... }:
{
services.postgresql = {
enable = true;
ensureDatabases = [ "nextcloud" ];
ensureUsers = [
{ name = "nextcloud";
ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
}
];
};
services.postgresqlBackup = {
enable = true;
location = "/var/lib/postgresql/backup";
databases = [ "synapse" ];
startAt = "02:30";
compression = "none";
};
}

10
config/hosts/rudiger/services/redis.nix Normal file
View file

@ -0,0 +1,10 @@
{ config, ... }:
{
services.redis = {
enable = true;
unixSocket = "/run/redis/redis.sock";
vmOverCommit = true;
unixSocketPerm = 770;
#requirePassfile = config.secrets.files.redis_pass.file;
};
}

26
config/hosts/rudiger/services/restic.nix Normal file
View file

@ -0,0 +1,26 @@
{ config, ... }:
{
services.restic.backups = {
"postgres" = {
paths = [ "/var/lib/postgresql/backup" ];
repository = "sftp:restic@despondos.nao.sh:/etheria/backup/rudiger/postgres";
initialize = true;
pruneOpts = [ "--keep-daily 7" "--keep-weekly 5" "--keep-monthly 12" "--keep-yearly 75" ];
timerConfig = { "OnCalendar" = "04:15"; };
extraOptions = [ "sftp.command='ssh restic@despondos.nao.sh -i ${config.secrets.files.ssh_key.file} -s sftp'" ];
passwordFile = builtins.toString config.secrets.files.restic_pass.file;
user = "postgres";
};
"nextcloud" = {
paths = [ "/var/lib/nextcloud/data" ];
repository = "sftp:restic@despondos.nao.sh:/etheria/backup/rudiger/nextcloud";
initialize = true;
pruneOpts = [ "--keep-daily 7" "--keep-weekly 5" "--keep-monthly 12" "--keep-yearly 75" ];
timerConfig = { "OnCalendar" = "04:30"; };
extraOptions = [ "sftp.command='ssh restic@despondos.nao.sh -i ${config.secrets.files.ssh_key.file} -s sftp'" ];
passwordFile = builtins.toString config.secrets.files.restic_pass.file;
user = "nextcloud";
};
};
}