nix fmt

2024-02-08 20:53:22 +01:00 · 2024-02-08 20:53:22 +01:00 · 7137e93805
commit 7137e93805
parent a9218a80e6
49 changed files with 2034 additions and 2002 deletions
--- a/nix/os/devices/sj-srv1/system.nix
+++ b/nix/os/devices/sj-srv1/system.nix
@ -1,12 +1,11 @@
-{ pkgs
-, lib
-, config
-, repoFlake
-, nodeName
-, ...
-}:
-
 {
+  pkgs,
+  lib,
+  config,
+  repoFlake,
+  nodeName,
+  ...
+}: {
  imports = [
    ../../snippets/systemd-resolved.nix
  ];
@ -28,52 +27,50 @@

  networking.nat = {
    enable = true;
-    internalInterfaces = [ "ve-*" ];
+    internalInterfaces = ["ve-*"];
    externalInterface = "eth0";
  };

  # virtualization
-  virtualisation = { docker.enable = false; };
+  virtualisation = {docker.enable = false;};

-  nix.gc = { automatic = true; };
+  nix.gc = {automatic = true;};

  sops.secrets.restic-password.sopsFile = ../../../../secrets/${nodeName}/secrets.yaml;

  # adapted from https://github.com/lilyinstarlight/foosteros/blob/5c75ded111878970fd4f600c7adc013f971d5e71/config/restic.nix
-  services.restic.backups.${nodeName} =
-    let
-      btrfs = "${pkgs.btrfs-progs}/bin/btrfs";
-    in
-    {
-      initialize = true;
-      repository = "sftp://u217879-sub3@u217879-sub3.your-storagebox.de:23/restic/${nodeName}";
+  services.restic.backups.${nodeName} = let
+    btrfs = "${pkgs.btrfs-progs}/bin/btrfs";
+  in {
+    initialize = true;
+    repository = "sftp://u217879-sub3@u217879-sub3.your-storagebox.de:23/restic/${nodeName}";

-      paths = [
-        "/backup"
-      ];
+    paths = [
+      "/backup"
+    ];

-      pruneOpts = [
-        "--keep-daily 7"
-        "--keep-weekly 5"
-        "--keep-monthly 12"
-        "--keep-yearly 2"
-      ];
+    pruneOpts = [
+      "--keep-daily 7"
+      "--keep-weekly 5"
+      "--keep-monthly 12"
+      "--keep-yearly 2"
+    ];

-      timerConfig = {
-        OnCalendar = lib.mkDefault "daily";
-        Persistent = true;
-      };
-
-      passwordFile = config.sops.secrets.restic-password.path;
-
-      backupPrepareCommand = ''
-        ${btrfs} su snapshot -r /var/lib/container-volumes /backup/container-volumes
-      '';
-      backupCleanupCommand = ''
-        ${btrfs} su delete /backup/container-volumes
-      '';
+    timerConfig = {
+      OnCalendar = lib.mkDefault "daily";
+      Persistent = true;
    };

+    passwordFile = config.sops.secrets.restic-password.path;
+
+    backupPrepareCommand = ''
+      ${btrfs} su snapshot -r /var/lib/container-volumes /backup/container-volumes
+    '';
+    backupCleanupCommand = ''
+      ${btrfs} su delete /backup/container-volumes
+    '';
+  };
+
  containers = {
    mailserver = import ../../containers/mailserver.nix {
      inherit repoFlake;
@ -89,17 +86,17 @@

    webserver =
      import ../../containers/webserver.nix
-        {
-          inherit repoFlake;
+      {
+        inherit repoFlake;

-          autoStart = true;
+        autoStart = true;

-          hostAddress = "192.168.100.12";
-          localAddress = "192.168.100.13";
+        hostAddress = "192.168.100.12";
+        localAddress = "192.168.100.13";

-          httpPort = 80;
-          httpsPort = 443;
-        };
+        httpPort = 80;
+        httpsPort = 443;
+      };

    syncthing = import ../../containers/syncthing.nix {
      autoStart = true;