Compare commits
2 Commits
a8b084628f
...
29da5a77c8
| Author | SHA1 | Date | |
|---|---|---|---|
| 29da5a77c8 | |||
| 9bb1d93db7 |
32
flake.nix
32
flake.nix
@ -131,37 +131,7 @@
|
||||
|
||||
packages = nixpkgs.lib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system: let
|
||||
pkgs = localNixpkgs.${system};
|
||||
in {
|
||||
inherit (pkgs)
|
||||
clerie-backup
|
||||
clerie-keys
|
||||
clerie-system-remote-install
|
||||
clerie-system-upgrade
|
||||
clerie-merge-nixfiles-update
|
||||
clerie-update-nixfiles
|
||||
clerie-sops
|
||||
clerie-sops-config
|
||||
clerie-sops-edit
|
||||
chromium-incognito
|
||||
factorio-launcher
|
||||
git-checkout-github-pr
|
||||
git-diff-word
|
||||
git-pp
|
||||
git-show-link
|
||||
harmonia
|
||||
iot-data
|
||||
nix-remove-result-links
|
||||
nixfiles-auto-install
|
||||
nixfiles-generate-config
|
||||
nixfiles-generate-backup-secrets
|
||||
nixfiles-update-ssh-host-keys
|
||||
print-afra
|
||||
run-with-docker-group
|
||||
ssh-gpg
|
||||
update-from-hydra
|
||||
uptimestatus
|
||||
xmppc;
|
||||
});
|
||||
in builtins.mapAttrs (name: value: pkgs."${name}") (import ./pkgs/pkgs.nix));
|
||||
|
||||
inherit lib self;
|
||||
|
||||
|
||||
@ -1,44 +0,0 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
let
|
||||
cb-mount = pkgs.writeScriptBin "cb-mount" ''
|
||||
#!${pkgs.bash}/bin/bash
|
||||
|
||||
DEVICE=/dev/disk/by-path/pci-0000:00:12.0-ata-2-part1
|
||||
|
||||
${pkgs.cryptsetup}/bin/cryptsetup luksOpen ''${DEVICE} external-drive
|
||||
mkdir -p /mnt/external-drive
|
||||
mount /dev/mapper/external-drive /mnt/external-drive
|
||||
|
||||
mkdir -p /mnt/external-drive/clerie-backup
|
||||
chown borg:borg -R /mnt/external-drive/clerie-backup
|
||||
'';
|
||||
|
||||
cb-unmount = pkgs.writeScriptBin "cb-unmount" ''
|
||||
#!${pkgs.bash}/bin/bash
|
||||
|
||||
umount /mnt/external-drive
|
||||
${pkgs.cryptsetup}/bin/cryptsetup luksClose external-drive
|
||||
'';
|
||||
|
||||
cb-prepare = pkgs.writeScriptBin "cb-prepare" ''
|
||||
echo "Formatting disk"
|
||||
sgdisk -Z /dev/disk/by-path/pci-0000:00:12.0-ata-2
|
||||
sgdisk -N 1 /dev/disk/by-path/pci-0000:00:12.0-ata-2
|
||||
partprobe /dev/disk/by-path/pci-0000:00:12.0-ata-2
|
||||
|
||||
echo "Creating encrypted partition"
|
||||
${pkgs.cryptsetup}/bin/cryptsetup luksFormat -c aes-xts-plain64 --hash=sha256 -s 256 /dev/disk/by-path/pci-0000:00:12.0-ata-2-part1
|
||||
|
||||
echo "Opening encrypted partition"
|
||||
${pkgs.cryptsetup}/bin/cryptsetup luksOpen /dev/disk/by-path/pci-0000:00:12.0-ata-2-part1 external-drive
|
||||
|
||||
echo "Creating file system"
|
||||
mkfs.ext4 /dev/mapper/external-drive
|
||||
|
||||
echo "Closing encrypted partition"
|
||||
${pkgs.cryptsetup}/bin/cryptsetup luksClose external-drive
|
||||
'';
|
||||
in {
|
||||
environment.systemPackages = [ cb-mount cb-unmount cb-prepare ];
|
||||
}
|
||||
@ -4,8 +4,6 @@
|
||||
imports =
|
||||
[
|
||||
./hardware-configuration.nix
|
||||
|
||||
./backup-scripts.nix
|
||||
];
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
@ -24,27 +22,6 @@
|
||||
KERNEL=="sd?[0-9]", ENV{ID_MODEL}=="ST1000DM003-1SB102", ACTION=="add", RUN+="${pkgs.hdparm}/sbin/hdparm -S 24 /dev/%k"
|
||||
'';
|
||||
|
||||
services.borgbackup.repos = {
|
||||
clerie-backup = {
|
||||
path = "/mnt/palladium/clerie-backup";
|
||||
authorizedKeysAppendOnly = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFyk716RnbenPMkhLolyIkU8ywUSg8x7hjsXFFQoJx4I root@clerie-backup"
|
||||
];
|
||||
};
|
||||
external-drive = {
|
||||
path = "/mnt/external-drive/clerie-backup";
|
||||
authorizedKeysAppendOnly = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPuh74Esdp8JPgIZzM372DaCwtAl2QNtRratnIFG0NRB root@clerie-backup"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
# Disable automatic directory creation for external-drive repo
|
||||
# The directory gets created by the disk formatting script
|
||||
# Correct permissons will be set right after mounting
|
||||
# This prevents borg from filling up the root drive when no drive is mounted
|
||||
systemd.services.borgbackup-repo-external-drive.enable = false;
|
||||
|
||||
clerie.monitoring = {
|
||||
enable = true;
|
||||
id = "206";
|
||||
|
||||
@ -1,31 +1 @@
|
||||
final: prev: {
|
||||
clerie-backup = final.callPackage ./clerie-backup {};
|
||||
clerie-keys = final.callPackage ./clerie-keys {};
|
||||
clerie-system-remote-install = final.callPackage ./clerie-system-remote-install {};
|
||||
clerie-system-upgrade = final.callPackage ./clerie-system-upgrade/clerie-system-upgrade.nix {};
|
||||
clerie-merge-nixfiles-update = final.callPackage ./clerie-update-nixfiles/clerie-merge-nixfiles-update.nix {};
|
||||
clerie-sops = final.callPackage ./clerie-sops/clerie-sops.nix {};
|
||||
clerie-sops-config = final.callPackage ./clerie-sops/clerie-sops-config.nix {};
|
||||
clerie-sops-edit = final.callPackage ./clerie-sops/clerie-sops-edit.nix {};
|
||||
clerie-update-nixfiles = final.callPackage ./clerie-update-nixfiles/clerie-update-nixfiles.nix {};
|
||||
chromium-incognito = final.callPackage ./chromium-incognito {};
|
||||
factorio-launcher = final.callPackage ./factorio-launcher {};
|
||||
feeds-dir = final.callPackage ./feeds-dir {};
|
||||
git-checkout-github-pr = final.callPackage ./git-checkout-github-pr {};
|
||||
git-diff-word = final.callPackage ./git-diff-word {};
|
||||
git-pp = final.callPackage ./git-pp {};
|
||||
git-show-link = final.callPackage ./git-show-link {};
|
||||
iot-data = final.python3.pkgs.callPackage ./iot-data {};
|
||||
nix-remove-result-links = final.callPackage ./nix-remove-result-links {};
|
||||
nixfiles-auto-install = final.callPackage ./nixfiles/nixfiles-auto-install.nix {};
|
||||
nixfiles-generate-config = final.callPackage ./nixfiles/nixfiles-generate-config.nix {};
|
||||
nixfiles-generate-backup-secrets = final.callPackage ./nixfiles/nixfiles-generate-backup-secrets.nix {};
|
||||
nixfiles-update-ssh-host-keys = final.callPackage ./nixfiles/nixfiles-update-ssh-host-keys.nix {};
|
||||
print-afra = final.callPackage ./print-afra {};
|
||||
run-with-docker-group = final.callPackage ./run-with-docker-group {};
|
||||
ssh-gpg = final.callPackage ./ssh-gpg {};
|
||||
update-from-hydra = final.callPackage ./update-from-hydra {};
|
||||
uptimestatus = final.python3.pkgs.callPackage ./uptimestatus {};
|
||||
|
||||
xmppc = import ./overrides/xmppc.nix final prev;
|
||||
}
|
||||
final: prev: builtins.mapAttrs (name: value: value final prev) (import ./pkgs.nix)
|
||||
|
||||
31
pkgs/pkgs.nix
Normal file
31
pkgs/pkgs.nix
Normal file
@ -0,0 +1,31 @@
|
||||
{
|
||||
clerie-backup = final: prev: final.callPackage ./clerie-backup {};
|
||||
clerie-keys = final: prev: final.callPackage ./clerie-keys {};
|
||||
clerie-system-remote-install = final: prev: final.callPackage ./clerie-system-remote-install {};
|
||||
clerie-system-upgrade = final: prev: final.callPackage ./clerie-system-upgrade/clerie-system-upgrade.nix {};
|
||||
clerie-merge-nixfiles-update = final: prev: final.callPackage ./clerie-update-nixfiles/clerie-merge-nixfiles-update.nix {};
|
||||
clerie-sops = final: prev: final.callPackage ./clerie-sops/clerie-sops.nix {};
|
||||
clerie-sops-config = final: prev: final.callPackage ./clerie-sops/clerie-sops-config.nix {};
|
||||
clerie-sops-edit = final: prev: final.callPackage ./clerie-sops/clerie-sops-edit.nix {};
|
||||
clerie-update-nixfiles = final: prev: final.callPackage ./clerie-update-nixfiles/clerie-update-nixfiles.nix {};
|
||||
chromium-incognito = final: prev: final.callPackage ./chromium-incognito {};
|
||||
factorio-launcher = final: prev: final.callPackage ./factorio-launcher {};
|
||||
feeds-dir = final: prev: final.callPackage ./feeds-dir {};
|
||||
git-checkout-github-pr = final: prev: final.callPackage ./git-checkout-github-pr {};
|
||||
git-diff-word = final: prev: final.callPackage ./git-diff-word {};
|
||||
git-pp = final: prev: final.callPackage ./git-pp {};
|
||||
git-show-link = final: prev: final.callPackage ./git-show-link {};
|
||||
iot-data = final: prev: final.python3.pkgs.callPackage ./iot-data {};
|
||||
nix-remove-result-links = final: prev: final.callPackage ./nix-remove-result-links {};
|
||||
nixfiles-auto-install = final: prev: final.callPackage ./nixfiles/nixfiles-auto-install.nix {};
|
||||
nixfiles-generate-config = final: prev: final.callPackage ./nixfiles/nixfiles-generate-config.nix {};
|
||||
nixfiles-generate-backup-secrets = final: prev: final.callPackage ./nixfiles/nixfiles-generate-backup-secrets.nix {};
|
||||
nixfiles-update-ssh-host-keys = final: prev: final.callPackage ./nixfiles/nixfiles-update-ssh-host-keys.nix {};
|
||||
print-afra = final: prev: final.callPackage ./print-afra {};
|
||||
run-with-docker-group = final: prev: final.callPackage ./run-with-docker-group {};
|
||||
ssh-gpg = final: prev: final.callPackage ./ssh-gpg {};
|
||||
update-from-hydra = final: prev: final.callPackage ./update-from-hydra {};
|
||||
uptimestatus = final: prev: final.python3.pkgs.callPackage ./uptimestatus {};
|
||||
|
||||
xmppc = final: prev: import ./overrides/xmppc.nix final prev;
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user