noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2025-04-24 10:22:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: noah:4b0d68089a3b3aaae347c720b86c7e0ec0b6ade0
Branches Tags
noah:master
noah:platform
noah:home-manager-fix
noah:immich-proxy
noah:microcode
noah:nixd
noah:eblume-mole
noah:language-checks
noah:keyd-2.4.3
noah:sway
noah:nixosmodules
noah:unfree-predicate-by-pkgs
noah:darwin-ssl
noah:pre-platform
noah:begin-nixos
noah:begin-nix
noah:neovim-lua
noah:pre-nix
noah:legacy
...
compare: noah:ffe867e6a8527cdbd10fab758035506881a5cad5
Branches Tags
noah:master
noah:platform
noah:home-manager-fix
noah:immich-proxy
noah:microcode
noah:nixd
noah:eblume-mole
noah:language-checks
noah:keyd-2.4.3
noah:sway
noah:nixosmodules
noah:unfree-predicate-by-pkgs
noah:darwin-ssl
noah:pre-platform
noah:begin-nixos
noah:begin-nix
noah:neovim-lua
noah:pre-nix
noah:legacy

2 Commits
4b0d68089a ... ffe867e6a8

Author SHA1 Message Date
Noah Masur
ffe867e6a8 have gitea actually backup full repos 2023-07-04 18:01:11 -06:00
Noah Masur
b599162090 fix: paren required on function 2023-07-04 17:21:53 -06:00
2 changed files with 33 additions and 5 deletions
Show Stats Expand all files Collapse all files

31
modules/nixos/services/gitea.nix
View File

@ -1,4 +1,4 @@
{ config, lib, ... }:
{ config, pkgs, lib, ... }:
let giteaPath = "/var/lib/gitea"; # Default service directory
@ -44,6 +44,7 @@ in {
};
networking.firewall.allowedTCPPorts = [ 122 ];
users.users.${config.user}.extraGroups = [ "gitea" ];
caddy.routes = [{
match = [{ host = [ config.gitServer ]; }];
@ -84,6 +85,34 @@ in {
requires = [ "gitea.service" ];
};
# Run a repository file backup on a schedule
systemd.timers.gitea-backup = lib.mkIf (config.backup.s3.endpoint != null) {
timerConfig = {
OnCalendar = "*-*-* 00:00:00"; # Once per day
Unit = "gitea-backup.service";
};
wantedBy = [ "timers.target" ];
};
# Backup Gitea repos to object storage
systemd.services.gitea-backup =
lib.mkIf (config.backup.s3.endpoint != null) {
description = "Backup Gitea data";
environment.AWS_ACCESS_KEY_ID = config.backup.s3.accessKeyId;
serviceConfig = {
Type = "oneshot";
User = "gitea";
Group = "backup";
EnvironmentFile = config.secrets.backup.dest;
};
script = ''
${pkgs.awscli2}/bin/aws s3 sync --exclude */gitea.db* \
${giteaPath}/ \
s3://${config.backup.s3.bucket}/gitea-data/ \
--endpoint-url=https://${config.backup.s3.endpoint}
'';
};
};
}

7
modules/nixos/services/prometheus.nix
View File

@ -20,16 +20,15 @@
webExternalUrl = lib.mkIf config.services.grafana.enable
"https://${config.prometheusServer}";
# Web config file: https://prometheus.io/docs/prometheus/latest/configuration/https/
webConfigFile =
lib.mkIf config.services.grafana.enable (pkgs.formats.yaml { }).generate
"webconfig.yml" {
webConfigFile = lib.mkIf config.services.grafana.enable
((pkgs.formats.yaml { }).generate "webconfig.yml" {
basic_auth_users = {
# Generate password: htpasswd -nBC 10 "" | tr -d ':\n'
# Encrypt and place in private/prometheus.age
"prometheus" =
"$2y$10$r7FWHLHTGPAY312PdhkPEuvb05aGn9Nk1IO7qtUUUjmaDl35l6sLa";
};
};
});
remoteWrite = lib.mkIf (!config.services.grafana.enable) [{
name = config.networking.hostName;
url = "https://${config.prometheusServer}";