noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2025-04-29 00:02:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: noah:ffe867e6a8527cdbd10fab758035506881a5cad5
Branches Tags
noah:master
noah:platform
noah:home-manager-fix
noah:immich-proxy
noah:microcode
noah:nixd
noah:eblume-mole
noah:language-checks
noah:keyd-2.4.3
noah:sway
noah:nixosmodules
noah:unfree-predicate-by-pkgs
noah:darwin-ssl
noah:pre-platform
noah:begin-nixos
noah:begin-nix
noah:neovim-lua
noah:pre-nix
noah:legacy
..
compare: noah:4b0d68089a3b3aaae347c720b86c7e0ec0b6ade0
Branches Tags
noah:master
noah:platform
noah:home-manager-fix
noah:immich-proxy
noah:microcode
noah:nixd
noah:eblume-mole
noah:language-checks
noah:keyd-2.4.3
noah:sway
noah:nixosmodules
noah:unfree-predicate-by-pkgs
noah:darwin-ssl
noah:pre-platform
noah:begin-nixos
noah:begin-nix
noah:neovim-lua
noah:pre-nix
noah:legacy

No commits in common. "ffe867e6a8527cdbd10fab758035506881a5cad5" and "4b0d68089a3b3aaae347c720b86c7e0ec0b6ade0" have entirely different histories.
ffe867e6a8 ... 4b0d68089a

2 changed files with 5 additions and 33 deletions
Show Stats Expand all files Collapse all files

31
modules/nixos/services/gitea.nix
View File

@ -1,4 +1,4 @@
{ config, pkgs, lib, ... }: { config, lib, ... }:
let giteaPath = "/var/lib/gitea"; # Default service directory let giteaPath = "/var/lib/gitea"; # Default service directory
@ -44,7 +44,6 @@ in {
}; };
networking.firewall.allowedTCPPorts = [ 122 ]; networking.firewall.allowedTCPPorts = [ 122 ];
users.users.${config.user}.extraGroups = [ "gitea" ];
caddy.routes = [{ caddy.routes = [{
match = [{ host = [ config.gitServer ]; }]; match = [{ host = [ config.gitServer ]; }];
@ -85,34 +84,6 @@ in {
requires = [ "gitea.service" ]; requires = [ "gitea.service" ];
}; };
# Run a repository file backup on a schedule
systemd.timers.gitea-backup = lib.mkIf (config.backup.s3.endpoint != null) {
timerConfig = {
OnCalendar = "*-*-* 00:00:00"; # Once per day
Unit = "gitea-backup.service";
};
wantedBy = [ "timers.target" ];
};
# Backup Gitea repos to object storage
systemd.services.gitea-backup =
lib.mkIf (config.backup.s3.endpoint != null) {
description = "Backup Gitea data";
environment.AWS_ACCESS_KEY_ID = config.backup.s3.accessKeyId;
serviceConfig = {
Type = "oneshot";
User = "gitea";
Group = "backup";
EnvironmentFile = config.secrets.backup.dest;
};
script = ''
${pkgs.awscli2}/bin/aws s3 sync --exclude */gitea.db* \
${giteaPath}/ \
s3://${config.backup.s3.bucket}/gitea-data/ \
--endpoint-url=https://${config.backup.s3.endpoint}
'';
};
}; };
} }

7
modules/nixos/services/prometheus.nix
View File

@ -20,15 +20,16 @@
webExternalUrl = lib.mkIf config.services.grafana.enable webExternalUrl = lib.mkIf config.services.grafana.enable
"https://${config.prometheusServer}"; "https://${config.prometheusServer}";
# Web config file: https://prometheus.io/docs/prometheus/latest/configuration/https/ # Web config file: https://prometheus.io/docs/prometheus/latest/configuration/https/
webConfigFile = lib.mkIf config.services.grafana.enable webConfigFile =
((pkgs.formats.yaml { }).generate "webconfig.yml" { lib.mkIf config.services.grafana.enable (pkgs.formats.yaml { }).generate
"webconfig.yml" {
basic_auth_users = { basic_auth_users = {
# Generate password: htpasswd -nBC 10 "" | tr -d ':\n' # Generate password: htpasswd -nBC 10 "" | tr -d ':\n'
# Encrypt and place in private/prometheus.age # Encrypt and place in private/prometheus.age
"prometheus" = "prometheus" =
"$2y$10$r7FWHLHTGPAY312PdhkPEuvb05aGn9Nk1IO7qtUUUjmaDl35l6sLa"; "$2y$10$r7FWHLHTGPAY312PdhkPEuvb05aGn9Nk1IO7qtUUUjmaDl35l6sLa";
}; };
}); };
remoteWrite = lib.mkIf (!config.services.grafana.enable) [{ remoteWrite = lib.mkIf (!config.services.grafana.enable) [{
name = config.networking.hostName; name = config.networking.hostName;
url = "https://${config.prometheusServer}"; url = "https://${config.prometheusServer}";