fixes for flame server

hosts-by-platform/aarch64-linux/flame/default.nix

@@ -11,23 +11,6 @@ rec {
   nmasur.settings = {
     username = "noah";
     fullName = "Noah Masur";
-    # hostnames =
-    #   let
-    #     baseName = "masu.rs";
-    #   in
-    #   {
-    #     budget = "money.${baseName}";
-    #     git = "git.${baseName}";
-    #     influxdb = "influxdb.${baseName}";
-    #     irc = "irc.${baseName}";
-    #     metrics = "metrics.${baseName}";
-    #     minecraft = "minecraft.${baseName}";
-    #     n8n = "n8n.${baseName}";
-    #     notifications = "ntfy.${baseName}";
-    #     prometheus = "prom.${baseName}";
-    #     secrets = "vault.${baseName}";
-    #     status = "status.${baseName}";
-    #   };
   };
 
   nmasur.profiles = {

platforms/home-manager/modules/nmasur/profiles/developer.nix

@@ -15,7 +15,7 @@ in
 
   config = lib.mkIf cfg.enable {
 
-    home.packages = lib.mkDefault [
+    home.packages = [
       pkgs.pgcli # Postgres client with autocomplete
     ];
 

platforms/home-manager/modules/nmasur/profiles/experimental.nix

@@ -15,7 +15,7 @@ in
 
   config = lib.mkIf cfg.enable {
 
-    home.packages = lib.mkDefault [
+    home.packages = [
 
       # Charm tools
 

platforms/home-manager/modules/nmasur/profiles/linux-gaming.nix

@@ -19,7 +19,7 @@ in
       wine.enable = lib.mkDefault true;
     };
 
-    home.packages = lib.mkDefault [
+    home.packages = [
       pkgs.heroic
     ];
 

platforms/home-manager/modules/nmasur/profiles/power-user.nix

@@ -12,7 +12,7 @@ in
   options.nmasur.profiles.power-user.enable = lib.mkEnableOption "power user home-manager config";
 
   config = lib.mkIf cfg.enable {
-    home.packages = lib.mkDefault [
+    home.packages = [
       pkgs.age # Encryption
       pkgs.bc # Calculator
       pkgs.delta # Fancy diffs

platforms/nix-darwin/modules/nmasur/profiles/base.nix

@@ -19,10 +19,10 @@ in
       homebrew = lib.mkDefault true;
     };
 
-    homebrew.brews = lib.mkDefault [
+    homebrew.brews = [
       "trash" # Delete files and folders to trash instead of rm
     ];
-    homebrew.casks = lib.mkDefault [
+    homebrew.casks = [
       "scroll-reverser" # Different scroll style for mouse vs. trackpad
       "notunes" # Don't launch Apple Music with the play button
     ];

platforms/nix-darwin/modules/nmasur/profiles/extra.nix

@@ -16,7 +16,7 @@ in
 
     nmasur.profiles.base.enable = lib.mkDefault true;
 
-    homebrew.casks = lib.mkDefault [
+    homebrew.casks = [
       "keybase" # GUI on Nix not available for macOS
     ];
 

platforms/nix-darwin/modules/nmasur/profiles/gaming.nix

@@ -16,7 +16,7 @@ in
 
     nmasur.profiles.base.enable = lib.mkDefault true;
 
-    homebrew.casks = lib.mkDefault [
+    homebrew.casks = [
       "steam" # Not packaged for Nixon macOS
       "epic-games" # Not packaged for Nix
     ];

platforms/nixos/modules/nmasur/presets/services/actualbudget.nix

@@ -24,6 +24,9 @@ in
 
     virtualisation.podman.enable = true;
 
+    # Create a shared group for generic services
+    users.groups.shared = { };
+
     users.users.actualbudget = {
       isSystemUser = true;
       group = "shared";

platforms/nixos/modules/nmasur/presets/services/caddy.nix

@@ -50,7 +50,7 @@ in
   config = lib.mkIf cfg.enable {
 
     # Force Caddy to 403 if not coming from allowlisted source
-    nmasur.presets.services.caddy.cidrAllowlist = lib.mkDefault [ "127.0.0.1/32" ];
+    nmasur.presets.services.caddy.cidrAllowlist = [ "127.0.0.1/32" ];
     nmasur.presets.services.caddy.routes = lib.mkBefore [
       {
         match = [ { not = [ { remote_ip.ranges = cfg.cidrAllowlist; } ]; } ];

platforms/nixos/modules/nmasur/presets/services/restic.nix

@@ -44,7 +44,7 @@ in
 
     services.restic.backups = {
       default = {
-        repository = "s3:${cfg.endpoint}/${cfg.s3.bucket}/restic";
+        repository = "s3:${cfg.s3.endpoint}/${cfg.s3.bucket}/restic";
         paths = [ ];
         environmentFile = config.secrets.restic-s3-creds.dest;
         passwordFile = config.secrets.restic.dest;

platforms/nixos/modules/nmasur/profiles/base.nix

@@ -31,7 +31,7 @@ in
       # Create a home directory for human user
       isNormalUser = lib.mkDefault true;
 
-      extraGroups = lib.mkDefault [
+      extraGroups = [
         "wheel" # Sudo privileges
       ];
     };

platforms/nixos/modules/nmasur/profiles/gui.nix

@@ -21,7 +21,7 @@ in
     # Mouse customization
     services.ratbagd.enable = lib.mkDefault true;
 
-    environment.systemPackages = lib.mkDefault [
+    environment.systemPackages = [
       pkgs.libratbag # Mouse adjustments
       pkgs.piper # Mouse adjustments GUI
       pkgs.ddcutil # Monitor brightness control
@@ -57,7 +57,7 @@ in
 
     users.users.${username} = {
       # Grant main user access to external monitors
-      extraGroups = lib.mkDefault [ "i2c" ];
+      extraGroups = [ "i2c" ];
 
       # Automatically create a password to start
       hashedPassword = lib.mkDefault (lib.fileContents ../../../../../misc/password.sha512);

platforms/nixos/modules/nmasur/profiles/server.nix

@@ -16,7 +16,10 @@ in
 
     networking.firewall.allowPing = lib.mkDefault true;
 
-    nmasur.presets.services.openssh.enable = lib.mkDefault true;
+    nmasur.presets.services = {
+      openssh.enable = lib.mkDefault true;
+      restic.enable = lib.mkDefault true;
+    };
 
     # Implement a simple fail2ban service for sshd
     services.sshguard.enable = lib.mkDefault true;