noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2025-02-07 06:22:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

backups and fish functions

Browse Source
This commit is contained in:
Noah Masur 2025-01-31 15:40:41 -05:00
parent b123ae3e69
commit e1f987e83b
No known key found for this signature in database
13 changed files with 225 additions and 167 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
modules/common/shell/fish/functions/search-and-edit.fish
View File

@ -17,5 +17,5 @@ set vimfile ( \
)
and set line_number (echo $vimfile | tr -d '\r' | cut -d':' -f2)
and set vimfile (echo $vimfile | tr -d '\r' | cut -d':' -f1)
and commandline -r "vim +$line_number $vimfile"
and commandline -r "vim +$line_number \"$vimfile\""
and commandline -f execute

103
modules/nixos/services/backups.nix
View File

@ -1,103 +0,0 @@
# This is my setup for backing up SQlite databases and other systems to S3 or
# S3-equivalent services (like Backblaze B2).
{ config, lib, ... }:
{
options = {
backup.s3 = {
endpoint = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "S3 endpoint for backups";
default = null;
};
bucket = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "S3 bucket for backups";
default = null;
};
accessKeyId = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "S3 access key ID for backups";
default = null;
};
resticBucket = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "S3 bucket for restic backups";
default = null;
};
};
};
config = lib.mkIf (config.backup.s3.endpoint != null) {
users.groups.backup = { };
secrets.backup = {
source = ../../../private/backup.age;
dest = "${config.secretsDirectory}/backup";
group = "backup";
permissions = "0440";
};
users.users.litestream.extraGroups = [ "backup" ];
services.litestream = {
enable = true;
environmentFile = config.secrets.backup.dest;
settings = { };
};
# Broken on 2024-08-23
# https://github.com/NixOS/nixpkgs/commit/0875d0ce1c778f344cd2377a5337a45385d6ffa0
insecurePackages = [ "litestream-0.3.13" ];
# Wait for secret to exist
systemd.services.litestream = {
after = [ "backup-secret.service" ];
requires = [ "backup-secret.service" ];
environment.AWS_ACCESS_KEY_ID = config.backup.s3.accessKeyId;
};
# # Backup library to object storage
# services.restic.backups.calibre = {
# user = "calibre-web";
# repository =
# "s3://${config.backup.s3.endpoint}/${config.backup.s3.bucket}/calibre";
# paths = [
# "/var/books"
# "/var/lib/calibre-web/app.db"
# "/var/lib/calibre-web/gdrive.db"
# ];
# initialize = true;
# timerConfig = { OnCalendar = "00:05:00"; };
# environmentFile = backup.s3File;
# };
secrets.s3-glacier = {
source = ../../../private/s3-glacier.age;
dest = "${config.secretsDirectory}/s3-glacier";
};
secrets.restic = {
source = ../../../private/restic.age;
dest = "${config.secretsDirectory}/restic";
};
services.restic.backups = lib.mkIf (config.backup.s3.resticBucket != null) {
default = {
repository = "s3:s3.us-east-1.amazonaws.com/${config.backup.s3.resticBucket}/restic";
paths = [ ];
environmentFile = config.secrets.s3-glacier.dest;
passwordFile = config.secrets.restic.dest;
pruneOpts = [
"--keep-daily 14"
"--keep-weekly 6"
"--keep-monthly 12"
"--keep-yearly 100"
];
};
};
};
}

46
modules/nixos/services/default.nix
View File

@ -1,46 +0,0 @@
# This file imports all the other files in this directory for use as modules in
# my config.
{ ... }:
{
imports = [
./actualbudget.nix
./audiobookshelf.nix
./arr.nix
./backups.nix
./bind.nix
./caddy.nix
./calibre.nix
./cloudflare-tunnel.nix
./cloudflare.nix
./filebrowser.nix
./identity.nix
./immich.nix
./irc.nix
./gitea-runner.nix
./gitea.nix
./gnupg.nix
./grafana.nix
./honeypot.nix
./influxdb2.nix
./jellyfin.nix
./keybase.nix
./mullvad.nix
./n8n.nix
./netdata.nix
./nextcloud.nix
./ntfy.nix
./paperless.nix
./postgresql.nix
./prometheus.nix
./samba.nix
./secrets.nix
./sshd.nix
./transmission.nix
./uptime-kuma.nix
./vaultwarden.nix
./victoriametrics.nix
./wireguard.nix
];
}

0
modules/common/shell/fish/functions/ip.fish → pkgs/tools/misc/ip-check/ip.fish Normal file → Executable file
View File

10
pkgs/tools/misc/ip-check/package.nix Normal file
View File

@ -0,0 +1,10 @@
{ pkgs, lib, ... }:
pkgs.writers.writeFishBin "ip-check" {
makeWrapperArgs = [
"--prefix"
"PATH"
":"
"${lib.makeBinPath [ pkgs.curl ]}"
];
} builtins.readFile ./ip.fish

4
platforms/home-manager/modules/nmasur/presets/services/dotfiles.nix → platforms/home-manager/modules/nmasur/presets/programs/dotfiles.nix
View File

@ -6,13 +6,13 @@
}:
let
cfg = config.nmasur.presets.services.dotfiles;
cfg = config.nmasur.presets.programs.dotfiles;
in
{
# Allows me to make sure I can work on my dotfiles locally
options.nmasur.preset.services.dotfiles = {
options.nmasur.preset.programs.dotfiles = {
enable = lib.mkEnableOption "Clone dotfiles repository";
repo = lib.mkOption {
type = lib.types.str;

9
platforms/home-manager/modules/nmasur/presets/programs/fish.nix
View File

@ -48,11 +48,6 @@ in
description = "Tidy up JSON using jq";
body = "pbpaste | jq '.' | pbcopy"; # Need to fix for non-macOS
};
note = {
description = "Edit or create a note";
argumentNames = "filename";
body = builtins.readFile ./functions/note.fish;
};
recent = {
description = "Open a recent file in Vim";
body = builtins.readFile ./functions/recent.fish;
@ -61,10 +56,6 @@ in
description = "Search and open the relevant file in Vim";
body = builtins.readFile ./functions/search-and-edit.fish;
};
syncnotes = {
description = "Full git commit on notes";
body = builtins.readFile ./functions/syncnotes.fish;
};
_which = {
description = "Identify the path to a program in the shell";
body = "command --search (string sub --start=2 $argv)";

77
platforms/home-manager/modules/nmasur/presets/programs/notes/default.nix Normal file
View File

@ -0,0 +1,77 @@
{
config,
pkgs,
lib,
...
}:
let
cfg = config.nmasur.presets.programs.notes;
in
{
options.nmasur.preset.programs.notes = {
enable = lib.mkEnableOption "Manage notes repository";
repo = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "Git repo containing notes";
default = null;
};
path = lib.mkOption {
type = lib.types.path;
description = "Path to notes on disk";
default = config.homePath + "/dev/personal/notes";
};
};
config = lib.mkIf cfg.enable {
home.activation = lib.mkIf (cfg.repo != null) {
# Always clone notes repository if it doesn't exist
clonenotes = config.lib.dag.entryAfter [ "writeBoundary" "loadkey" ] ''
if [ ! -d "${cfg.path}" ]; then
run mkdir --parents $VERBOSE_ARG $(dirname "${cfg.path}")
run ${pkgs.git}/bin/git \
clone ${cfg.repo} "${cfg.path}"
fi
'';
};
# Set a variable for notes repo, not necessary but convenient
home.sessionVariables.NOTES_PATH = cfg.path;
programs.fish.functions = {
syncnotes = {
description = "Full git commit on notes";
body = builtins.readFile lib.getExe (
pkgs.writers.writeFishBin "syncnotes" {
makeWrapperArgs = [
"--prefix"
"PATH"
":"
"${lib.makeBinPath [ pkgs.git ]}"
];
} builtins.readFile ./syncnotes.fish
);
};
note = {
description = "Edit or create a note";
argumentNames = "filename";
body = builtins.readFile lib.getExe (
pkgs.writers.writeFishBin "note" {
makeWrapperArgs = [
"--prefix"
"PATH"
":"
"${lib.makeBinPath [
pkgs.vim
pkgs.fzf
]}"
];
} builtins.readFile ./note.fish
);
};
};
};
}

4
modules/common/shell/fish/functions/note.fish → platforms/home-manager/modules/nmasur/presets/programs/notes/note.fish
View File

@ -1,8 +1,8 @@
if test -n "$filename"
vim $NOTES_PATH/$filename.md
vim "$NOTES_PATH/$filename.md"
else
set file (ls $NOTES_PATH | fzf)
if [ $status -eq 0 ]
vim $NOTES_PATH/$file
vim "$NOTES_PATH/$file"
end
end

0
modules/common/shell/fish/functions/syncnotes.fish → platforms/home-manager/modules/nmasur/presets/programs/notes/syncnotes.fish
View File

8
platforms/nixos/modules/nmasur/presets/services/calibre-web.nix
View File

@ -60,7 +60,7 @@ in
users.users.${config.user}.extraGroups = [ "calibre-web" ];
# Run a backup on a schedule
systemd.timers.calibre-backup = lib.mkIf config.backups.calibre {
systemd.timers.calibre-backup = {
timerConfig = {
OnCalendar = "*-*-* 00:00:00"; # Once per day
Unit = "calibre-backup.service";
@ -71,7 +71,7 @@ in
# Backup Calibre data to object storage
systemd.services.calibre-backup = {
description = "Backup Calibre data";
environment.AWS_ACCESS_KEY_ID = config.backup.s3.accessKeyId;
environment.AWS_ACCESS_KEY_ID = config.nmasur.presets.services.litestream.s3.accessKeyId;
serviceConfig = {
Type = "oneshot";
User = "calibre-web";
@ -81,8 +81,8 @@ in
script = ''
${pkgs.awscli2}/bin/aws s3 sync \
${libraryPath}/ \
s3://${config.backup.s3.bucket}/calibre/ \
--endpoint-url=https://${config.backup.s3.endpoint}
s3://${config.nmasur.presets.services.litestream.s3.bucket}/calibre/ \
--endpoint-url=https://${config.nmasur.presets.services.litestream.s3.endpoint}
'';
};
};

68
platforms/nixos/modules/nmasur/presets/services/litestream.nix Normal file
View File

@ -0,0 +1,68 @@
# This is my setup for backing up SQlite databases and other systems to S3 or
# S3-equivalent services (like Backblaze B2).
{ config, lib, ... }:
let
cfg = config.nmasur.presets.services.litestream;
in
{
options.nmasur.presets.services.litestream = {
enable = lib.mkEnableOption "Litestream SQLite backups";
s3 = {
endpoint = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "S3 endpoint for Litestream backups";
# default = null;
};
bucket = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "S3 bucket for Litestream backups";
# default = null;
};
accessKeyId = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "S3 access key ID for Litestream backups";
# default = null;
};
accessKeySecret = lib.mkOption {
type = lib.types.nullOr lib.types.path;
description = "S3 secret key path for Litestream backups";
default = ../../../../../../private/backup.age;
};
};
};
config = lib.mkIf (cfg.enable) {
users.groups.backup = { };
secrets.litestream-backup = {
source = cfg.s3.accessKeySecret;
dest = "${config.secretsDirectory}/backup";
group = "backup";
permissions = "0440";
};
users.users.litestream.extraGroups = [ "backup" ];
services.litestream = {
enable = true;
environmentFile = config.secrets.litestream-backup.dest;
settings = { };
};
# Broken on 2024-08-23
# https://github.com/NixOS/nixpkgs/commit/0875d0ce1c778f344cd2377a5337a45385d6ffa0
insecurePackages = [ "litestream-0.3.13" ];
# Wait for secret to exist
systemd.services.litestream = {
after = [ "backup-secret.service" ];
requires = [ "backup-secret.service" ];
environment.AWS_ACCESS_KEY_ID = cfg.s3.accessKeyId;
};
};
}

61
platforms/nixos/modules/nmasur/presets/services/restic.nix Normal file
View File

@ -0,0 +1,61 @@
{ config, lib, ... }:
let
cfg = config.nmasur.presets.services.restic;
in
{
options.nmasur.presets.services.restic = {
enable = lib.mkEnableOption "Restic backup service";
resticPassword = lib.mkOption {
type = lib.types.nullOr lib.types.path;
description = "Password file path for Restic backups";
default = ../../../../../../private/restic.age;
};
s3 = {
endpoint = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "S3 endpoint for Restic backups";
default = "s3.us-east-1.amazonaws.com";
};
bucket = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "S3 bucket for Restic backups";
default = null;
};
accessKeySecretPair = lib.mkOption {
type = lib.types.nullOr lib.types.path;
description = "Path to file containing S3 access and secret key for Restic backups";
default = ../../../../../../private/s3-glacier.age;
};
};
};
config = lib.mkIf (cfg.enable) {
secrets.restic-s3-creds = {
source = cfg.s3.accessKeySecretPair;
dest = "${config.secretsDirectory}/restic-s3-creds";
};
secrets.restic = {
source = cfg.resticPassword;
dest = "${config.secretsDirectory}/restic";
};
services.restic.backups = {
default = {
repository = "s3:${cfg.endpoint}/${cfg.s3.bucket}/restic";
paths = [ ];
environmentFile = config.secrets.restic-s3-creds.dest;
passwordFile = config.secrets.restic.dest;
pruneOpts = [
"--keep-daily 14"
"--keep-weekly 6"
"--keep-monthly 12"
"--keep-yearly 100"
];
};
};
};
}