From 6d16b93530d6bb2c1a20f6d5491e0453a0edd368 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kier=C3=A1n=20Meinhardt?= Date: Sun, 7 Jul 2024 14:03:52 +0200 Subject: [PATCH] zaatar died, move hass and restic to tahina --- configs/zsh.nix | 2 +- lib/default.nix | 2 +- secrets | 2 +- systems/makanek/monitoring/default.nix | 8 +- systems/{zaatar => tahina}/atuin.nix | 0 systems/{zaatar => tahina}/backup.nix | 0 systems/tahina/configuration.nix | 78 +++++++++---------- systems/{zaatar => tahina}/home-assistant.nix | 5 +- 8 files changed, 48 insertions(+), 49 deletions(-) rename systems/{zaatar => tahina}/atuin.nix (100%) rename systems/{zaatar => tahina}/backup.nix (100%) rename systems/{zaatar => tahina}/home-assistant.nix (88%) diff --git a/configs/zsh.nix b/configs/zsh.nix index 8ec7c00..c163dd6 100644 --- a/configs/zsh.nix +++ b/configs/zsh.nix @@ -11,7 +11,7 @@ environment.variables.ATUIN_CONFIG_DIR = toString (pkgs.writeTextDir "/config.toml" '' auto_sync = true update_check = false - sync_address = "http://zaatar.r:8888" + sync_address = "http://tahina.r:8888" sync_frequency = 0 style = "compact" ''); diff --git a/lib/default.nix b/lib/default.nix index fb01bbf..71b6e02 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -11,7 +11,7 @@ restic = rec { port = 3571; - host = "zaatar.r"; + host = "tahina.r"; repository = "rest:http://${host}:${toString port}/"; }; diff --git a/secrets b/secrets index ecdc95a..0fe6463 160000 --- a/secrets +++ b/secrets @@ -1 +1 @@ -Subproject commit ecdc95abf8eb321d3a57341fc7da449614b31bad +Subproject commit 0fe64633aeb7ac8dee086865d94121a6db17348e diff --git a/systems/makanek/monitoring/default.nix b/systems/makanek/monitoring/default.nix index 68d8013..aa216c2 100644 --- a/systems/makanek/monitoring/default.nix +++ b/systems/makanek/monitoring/default.nix @@ -317,12 +317,12 @@ in { ]; } { - job_name = "zaatar"; + job_name = "tahina"; static_configs = [ { targets = [ - "zaatar.r:${toString config.services.prometheus.exporters.node.port}" - "zaatar.r:${toString restic.port}" + "tahina.r:${toString config.services.prometheus.exporters.node.port}" + "tahina.r:${toString restic.port}" ]; } ]; @@ -332,7 +332,7 @@ in { scrape_interval = "60s"; metrics_path = "/api/prometheus"; scheme = "http"; - static_configs = [{targets = ["zaatar.r:8123"];}]; + static_configs = [{targets = ["tahina.r:8123"];}]; bearer_token_file = config.age.secrets.home-assistant-token.path; } { diff --git a/systems/zaatar/atuin.nix b/systems/tahina/atuin.nix similarity index 100% rename from systems/zaatar/atuin.nix rename to systems/tahina/atuin.nix diff --git a/systems/zaatar/backup.nix b/systems/tahina/backup.nix similarity index 100% rename from systems/zaatar/backup.nix rename to systems/tahina/backup.nix diff --git a/systems/tahina/configuration.nix b/systems/tahina/configuration.nix index aaa90ef..8df0936 100644 --- a/systems/tahina/configuration.nix +++ b/systems/tahina/configuration.nix @@ -3,15 +3,22 @@ pkgs, ... }: let - inherit (import ../../lib) retiolumAddresses; + inherit (import ../../lib) retiolumAddresses restic; in { imports = [ ./hardware-configuration.nix + ./home-assistant.nix + ./backup.nix + ./atuin.nix ../../configs/spacetime.nix ../../configs/sshd.nix + ../../configs/printing.nix + ../../configs/monitoring.nix + ../../configs/tmux.nix ../../configs/retiolum.nix ../../configs/nix.nix ../../configs/admin-essentials.nix + ../../configs/wpa_supplicant.nix ]; age.secrets = { @@ -27,47 +34,40 @@ in { owner = "tinc-retiolum"; group = "tinc-retiolum"; }; - }; - - console.keyMap = "de"; - i18n.defaultLocale = "de_DE.UTF-8"; - services.xserver = { - layout = "de"; - libinput.enable = true; - }; - - users.users.xenos = { - name = "xenos"; - password = "xenos"; - isNormalUser = true; - extraGroups = ["networkmanager"]; - }; - - services.xserver = { - enable = true; - desktopManager.pantheon.enable = true; - displayManager = { - lightdm = { - enable = true; - greeters.pantheon.enable = true; - }; - autoLogin = { - enable = true; - user = "xenos"; - }; + restic = { + file = ../../secrets/restic.age; + mode = "400"; + owner = "restic"; + group = "restic"; }; }; - boot.plymouth.enable = true; - environment.systemPackages = [ - pkgs.libreoffice - pkgs.gimp - pkgs.inkscape - pkgs.firefox - pkgs.audacity - pkgs.pidgin - pkgs.git - ]; + services.restic.backups.niveum = { + initialize = true; + inherit (restic) repository; + timerConfig = { + OnCalendar = "daily"; + RandomizedDelaySec = "1h"; + }; + passwordFile = config.age.secrets.restic.path; + paths = [ + "/var/lib/moodle-dl" + "/var/lib/containers/storage/volumes/home-assistant" + config.services.postgresqlBackup.location + ]; + }; + + services.logind = { + lidSwitch = "ignore"; + lidSwitchDocked = "ignore"; + lidSwitchExternalPower = "ignore"; + suspendKey = "ignore"; + suspendKeyLongPress = "ignore"; + hibernateKey = "ignore"; + hibernateKeyLongPress = "ignore"; + }; + + services.illum.enable = true; networking = { useDHCP = false; diff --git a/systems/zaatar/home-assistant.nix b/systems/tahina/home-assistant.nix similarity index 88% rename from systems/zaatar/home-assistant.nix rename to systems/tahina/home-assistant.nix index d916ccc..7ce601f 100644 --- a/systems/zaatar/home-assistant.nix +++ b/systems/tahina/home-assistant.nix @@ -1,10 +1,9 @@ {config, ...}: let port = 8123; inherit (import ../../lib) restic; - influxPort = 9100; - volumeName = "home-assistant.bak"; + volumeName = "home-assistant"; in { - networking.firewall.allowedTCPPorts = [port influxPort]; + networking.firewall.allowedTCPPorts = [port]; services.nginx.virtualHosts."home.kmein.r" = { locations."/" = {