From c09d9a5e9ddfa1342b548fa260360baa946179b7 Mon Sep 17 00:00:00 2001
From: Ahwx <ahwx@ahwx.org>
Date: Tue, 7 Oct 2025 13:04:21 +0200
Subject: [PATCH 1/3] feat: adds `borgbackup` job for `grafana`

---
 modules/services/grafana.nix | 36 +++++++++++++++++++++++++++++++++++-
 1 file changed, 35 insertions(+), 1 deletion(-)

diff --git a/modules/services/grafana.nix b/modules/services/grafana.nix
index e55d70c..e5eaa61 100644
--- a/modules/services/grafana.nix
+++ b/modules/services/grafana.nix
@@ -1,4 +1,13 @@
-{ config, ... }:
+{
+  config,
+  host,
+  username,
+  pkgs,
+  ...
+}:
+let
+  baseRepo = "ssh://liv@dandelion:9123/spinners/rootvol/backups/${host}";
+in
 {
   services = {
     grafana = {
@@ -19,5 +28,30 @@
         proxyWebsockets = true;
       };
     };
+    borgbackup.jobs."violet-grafana" = {
+      paths = [ "/var/lib/grafana" ];
+      repo = "${baseRepo}/var-grafana";
+      encryption.mode = "none";
+      compression = "auto,zstd";
+      startAt = "daily";
+      preHook = ''
+        systemctl stop grafana
+      '';
+      postHook = ''
+        systemctl start grafana
+        if [ $exitStatus -eq 2 ]; then
+          ${pkgs.ntfy-sh}/bin/ntfy send https://notify.liv.town/${host} "borgbackup: ${host} backup (grafana) failed with errors"
+        else
+          ${pkgs.ntfy-sh}/bin/ntfy send https://notify.liv.town/${host} "borgbackup: ${host} backup (grafana) completed succesfully with exit status $exitStatus"
+        fi
+      '';
+      user = "root";
+      extraCreateArgs = [
+        "--stats"
+      ];
+      environment = {
+        BORG_RSH = "ssh -p 9123 -i /home/${username}/.ssh/id_ed25519";
+      };
+    };
   };
 }

From af5ed3080c6b743f87ed40008525bf05b01df228 Mon Sep 17 00:00:00 2001
From: Ahwx <ahwx@ahwx.org>
Date: Tue, 7 Oct 2025 13:05:00 +0200
Subject: [PATCH 2/3] chore: `amdvlk` has been replaced by `RADV`, which is
 enabled by default apparently? (wip)

---
 roles/amdgpu.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/roles/amdgpu.nix b/roles/amdgpu.nix
index 1c3e5ac..b6aeaa2 100644
--- a/roles/amdgpu.nix
+++ b/roles/amdgpu.nix
@@ -23,11 +23,11 @@ in
           libvdpau-va-gl
           vulkan-loader
           vulkan-validation-layers
-          amdvlk
+          # amdvlk # error: 'amdvlk' has been removed since it was deprecated by AMD. Its replacement, RADV, is enabled by default.
           mesa.opencl
         ];
         extraPackages32 = with pkgs; [
-          driversi686Linux.amdvlk # Install amdvlk for 32 bit applications as well
+          # driversi686Linux.amdvlk # Install amdvlk for 32 bit applications as well
         ];
       };
       enableRedistributableFirmware = true;
@@ -36,7 +36,7 @@ in
     boot.initrd.kernelModules = [ "amdgpu" ];
 
     environment.systemPackages = with pkgs; [
-      amdvlk
+      # amdvlk
     ];
   };
 }

From 9c9a665f686ab418c68b5ed8cba2432a7a130168 Mon Sep 17 00:00:00 2001
From: Ahwx <ahwx@ahwx.org>
Date: Tue, 7 Oct 2025 13:05:26 +0200
Subject: [PATCH 3/3] feat: adds `borgbackup` job for `grafana` and set `SSH`
 port

---
 modules/services/forgejo.nix | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/modules/services/forgejo.nix b/modules/services/forgejo.nix
index a2dc10e..6dd6ccc 100644
--- a/modules/services/forgejo.nix
+++ b/modules/services/forgejo.nix
@@ -2,11 +2,14 @@
   lib,
   pkgs,
   config,
+  host,
+  username,
   ...
 }:
 let
   cfg = config.services.forgejo;
   srv = cfg.settings.server;
+  baseRepo = "ssh://liv@dandelion:9123/spinners/rootvol/backups/${host}";
 in
 {
   services = {
@@ -21,6 +24,8 @@ in
           # You need to specify this to remove the port from URLs in the web UI.
           ROOT_URL = "https://${srv.DOMAIN}/";
           HTTP_PORT = 3050;
+          DISABLE_SSH = false;
+          SSH_PORT = 2222;
         };
         # You can temporarily allow registration to create an admin user.
         service.DISABLE_REGISTRATION = true;
@@ -70,6 +75,31 @@ in
         proxyWebsockets = true;
       };
     };
+    borgbackup.jobs."violet-forgejo" = {
+      paths = [ "/var/lib/forgejo" ];
+      repo = "${baseRepo}/var-forgejo";
+      encryption.mode = "none";
+      compression = "auto,zstd";
+      startAt = "daily";
+      preHook = ''
+        systemctl stop forgejo
+      '';
+      postHook = ''
+        systemctl start forgejo
+        if [ $exitStatus -eq 2 ]; then
+          ${pkgs.ntfy-sh}/bin/ntfy send https://notify.liv.town/${host} "borgbackup: ${host} backup (forgejo) failed with errors"
+        else
+          ${pkgs.ntfy-sh}/bin/ntfy send https://notify.liv.town/${host} "borgbackup: ${host} backup (forgejo) completed succesfully with exit status $exitStatus"
+        fi
+      '';
+      user = "root";
+      extraCreateArgs = [
+        "--stats"
+      ];
+      environment = {
+        BORG_RSH = "ssh -p 9123 -i /home/${username}/.ssh/id_ed25519";
+      };
+    };
   };
   # systemd.services.forgejo.preStart = let
   #   adminCmd = "${lib.getExe cfg.package} admin user";