nixos/hosts/db-pg17/default.nix


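# Host configuration for db-pg17: boot loader, DHCP networking, guest agents,
# the PostgreSQL server module, sops-managed secrets, borgmatic backups of the
# databases, and the SSH public keys installed on the host.
#
# `network-dhcp`, `qemu`, `spice`, `dbserver-postgresql`, `borg-config` and
# `base.userSSHKeys` are not declared in this file; they are presumably options
# from modules elsewhere in this repository (verify against those modules).
{
  config,
  lib,
  pkgs,
  pkgsUnstable,
  inputs,
  ...
}:
let
  # Single source of truth for the databases on this host. Both the sops secret
  # declarations and the backup dump entries are derived from this list, so a
  # database cannot end up in one without the other. Every database uses a role
  # with the same name as the database.
  backedUpDatabases = [
    "gitea"
    "grafana"
    "immich"
    "linkwarden"
    "lubelogger"
    "mealie"
    "miniflux"
    "paperless"
    "peppermint"
    "vikunja"
  ];

  # Name of the sops secret holding the password of a database role.
  secretName = db: "postgres_databases/${db}";
in
{
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  network-dhcp = {
    enable = true;
    hardwareAddress = "BC:24:11:15:D0:D4";
  };

  qemu.enable = true;
  spice.enable = true;

  dbserver-postgresql = {
    enable = true;
  };

  # Secrets are declared with default settings only; the values live in the
  # encrypted sops file and are exposed at runtime under `.path`.
  sops.secrets = {
    "borgmatic_pass/local" = { };
    "borgmatic_pass/remote" = { };
  }
  // lib.genAttrs (map secretName backedUpDatabases) (_: { });

  borg-config = {
    enable = true;
    backupLabel = "postgresql";
    localRepoPath = "ssh://borg@borg-01.tail755c5.ts.net/./";
    remoteRepoPath = "ssh://fm1833@fm1833.rsync.net/./databases/db-pg17";
    # NOTE(review): both ping URLs carry what looks like the health-check
    # project's ping key in clear text. Anyone who can read this file can send
    # success or failure signals for these checks, which can hide a failing
    # backup. Consider supplying the URLs through sops like the passwords below
    # and rotating the key if this repository is readable by others.
    hcPingUrlLocal = "https://hc.its-et.me/ping/PlGPBqq-0rLI4N4ya3jYmg/backup-databases-db-pg17";
    hcPingUrlRemote = "https://hc.its-et.me/ping/PlGPBqq-0rLI4N4ya3jYmg/backup-databases-db-pg17-remote";
    # One dump entry per database. The password is a `{credential file ...}`
    # reference to the sops secret path, so only the path, never the password
    # itself, ends up in the evaluated configuration and the Nix store.
    # Connections go to PostgreSQL over loopback.
    postgresqlDatabases = map (db: {
      name = db;
      username = db;
      password = ''{credential file ${config.sops.secrets.${secretName db}.path}}'';
      hostname = "127.0.0.1";
    }) backedUpDatabases;
  };

  # SSH public keys, one per client device. NOTE(review): presumably each key
  # is authorised to log in to this database host; confirm against the module
  # that consumes `base.userSSHKeys` and drop keys of devices no longer in use.
  base.userSSHKeys = [
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDyi9TFKaEVrO4Gl7/t47PERjOiN3WHMD29UgZV5gm4G etorres@xenon"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPWS4JI7h2B89m8bFT4CUzNmWViVy74CLDQXdhgxVnBk etorres@radon"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE3hrHq0AgKTJ3Pvu6/wC0LbroKbIMGbTNrWdCG/YIM/ etorres@erics-mac"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPkmFY7Z1OQMTQGDfIpu3FLCWB6pTGZV6ijV0zUSNOVX etorres@iphone"
  ];
}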