diff --git a/hosts/dandelion/default.nix b/hosts/dandelion/default.nix index 98e0a49..93d87f7 100644 --- a/hosts/dandelion/default.nix +++ b/hosts/dandelion/default.nix @@ -12,6 +12,10 @@ ./../../modules/services/dandelion.nix ]; + users.users.liv.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOLdcB5JFWx6OK2BAr8J0wPHNhr2VP2/Ci6fv3a+DPfo liv@violet" # allow violet to log in over ssh to do back ups + ]; + networking.hostName = "dandelion"; liv.server.enable = true; diff --git a/hosts/violet/backups.nix b/hosts/violet/backups.nix new file mode 100644 index 0000000..d8183e5 --- /dev/null +++ b/hosts/violet/backups.nix @@ -0,0 +1,54 @@ +let + borgbackupMonitor = + { + config, + pkgs, + lib, + ... + }: + with lib; + { + key = "borgbackupMonitor"; + _file = "borgbackupMonitor"; + config.systemd.services = + { + "notify-problems@" = { + enable = true; + serviceConfig.User = "liv"; + environment.SERVICE = "%i"; + script = '' + ${pkgs.curl}/bin/curl -d "$SERVICE FAILED! - service $SERVICE on host $(hostname) failed, run journalctl -u $SERVICE for details." + ''; + }; + } + // flip mapAttrs' config.services.borgbackup.jobs ( + name: value: + nameValuePair "borgbackup-job-${name}" { + unitConfig.OnFailure = "notify-problems@%i.service"; + } + ); + + # optional, but this actually forces backup after boot in case laptop was powered off during scheduled event + # for example, if you scheduled backups daily, your laptop should be powered on at 00:00 + config.systemd.timers = flip mapAttrs' config.services.borgbackup.jobs ( + name: value: + nameValuePair "borgbackup-job-${name}" { + timerConfig.Persistent = true; + } + ); + }; + +in +{ + imports = [ borgbackupMonitor ]; + services = { + borgbackup.jobs.liv-violet = { + paths = "/home/liv"; + encryption.mode = "none"; + environment.BORG_RSH = "ssh -i /home/liv/.ssh/id_ed25519"; + repo = "ssh://liv@100.115.178.50:9123/spinners/rootvol/backups/hosts/violet"; + compression = "auto,zstd"; + startAt = "daily"; + }; + }; +} diff --git a/hosts/violet/default.nix b/hosts/violet/default.nix index f1fd5d8..8aa285d 100644 --- a/hosts/violet/default.nix +++ b/hosts/violet/default.nix @@ -9,6 +9,7 @@ ./hardware-configuration.nix ./../../modules/core/default.server.nix ./../../modules/services/violet.nix + # ./backups.nix # disable for now, test first. ]; networking.hostName = "violet"; @@ -24,15 +25,16 @@ pkgs.kitty.terminfo ]; - services.smartd = { - enable = lib.mkForce false; - autodetect = lib.mkForce false; + services = { + smartd = { + enable = lib.mkForce false; + autodetect = lib.mkForce false; + }; + xserver.videoDrivers = [ "nvidia" ]; }; liv.nvidia.enable = true; - services.xserver.videoDrivers = [ "nvidia" ]; - boot = { loader.grub = { enable = true; diff --git a/modules/services/ntfy.nix b/modules/services/ntfy.nix index 19c3fba..bdd592e 100644 --- a/modules/services/ntfy.nix +++ b/modules/services/ntfy.nix @@ -12,7 +12,7 @@ in listen-http = "127.0.0.1:${toString port}"; behind-proxy = true; visitor-attachment-daily-bandwidth-limit = "10M"; - visitor-request-limit-burst = 5; + visitor-request-limit-burst = 15; visitor-request-limit-replenish = "15s"; }; }; diff --git a/modules/services/violet.nix b/modules/services/violet.nix index 85b483d..5c43ba1 100644 --- a/modules/services/violet.nix +++ b/modules/services/violet.nix @@ -20,6 +20,7 @@ ++ [ (import ./nginx.nix) ] # ++ [(import ./komga.nix)] ++ [ (import ./radicale.nix) ] + ++ [ (import ./tailscale.nix) ] ++ [ (import ./readarr.nix) ]; # ++ [(import ./smart-monitoring.nix)] # ++ [(import ./jitsi-meet.nix)]