nixos/hosts/db-mdb11/default.nix

{
  config,
  lib,
  pkgs,
  pkgsUnstable,
  inputs,
  ...
}:
{
  network.routingType = "dynamic";
  network.hardwareAddress = "BC:24:11:27:01:4B";
  network.staticAddresses = [
    "/24"
    "/64"
  ];
  qemu.enable = true;
  spice.enable = true;

  dbserver-mariadb = {
    enable = true;
  };

  sops.secrets."borgmatic_pass/local" = { };
  sops.secrets."borgmatic_pass/remote" = { };
  sops.secrets."mariadb_databases/bookstack" = { };
  sops.secrets."mariadb_databases/hortusfox" = { };

  services.borgmatic = {
    enable = true;
    enableConfigCheck = true;

    configurations = {
      local = {
        repositories = [
          {
            label = "local";
            path = "ssh://borg@borg-01.tail755c5.ts.net/./";
          }
        ];
        encryption_passcommand = ''cat ${config.sops.secrets."borgmatic_pass/local".path}'';

        mariadb_databases = [
          {
            name = "bookstackapp";
            username = "bookstack";
            password = ''{credential file ${config.sops.secrets."mariadb_databases/bookstack".path}}'';
          }
          {
            name = "hortusfox";
            username = "hortusfox";
            password = ''{credential file ${config.sops.secrets."mariadb_databases/hortusfox".path}}'';
          }
        ];

        keep_daily = 7;
        keep_weekly = 4;
        keep_monthly = 12;
        keep_yearly = 3;

        unknown_unencrypted_repo_access_is_ok = false;

        ssh_command = "ssh -i /etc/ssh/ssh_host_ed25519_key";

        healthchecks = {
          ping_url = "https://hc.its-et.me/ping/PlGPBqq-0rLI4N4ya3jYmg/backup-databases-db-mdb11";
        };
      };
    };
  };

  base.userSSHKeys = [
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDyi9TFKaEVrO4Gl7/t47PERjOiN3WHMD29UgZV5gm4G etorres@xenon"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPWS4JI7h2B89m8bFT4CUzNmWViVy74CLDQXdhgxVnBk etorres@radon"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE3hrHq0AgKTJ3Pvu6/wC0LbroKbIMGbTNrWdCG/YIM/ etorres@erics-mac"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPkmFY7Z1OQMTQGDfIpu3FLCWB6pTGZV6ijV0zUSNOVX etorres@iphone"
  ];
}