174 lines
3.8 KiB
Nix
174 lines
3.8 KiB
Nix
{ config, ... }:
|
|
|
|
let
|
|
paths = [
|
|
"/srv"
|
|
"/home/cadey/.weechat"
|
|
"/home/mai/.weechat"
|
|
"/home/cadey/life"
|
|
"/home/cadey/org"
|
|
"/var/lib/acme"
|
|
"/var/lib/gitea"
|
|
"/var/lib/mysql"
|
|
"/var/lib/tor/onion"
|
|
"/srv/http/xena.greedo.xeserv.us/articles"
|
|
"/srv/http/xena.greedo.xeserv.us/books"
|
|
"/srv/http/xena.greedo.xeserv.us/css"
|
|
"/srv/http/xena.greedo.xeserv.us/fics"
|
|
"/srv/http/xena.greedo.xeserv.us/pkg"
|
|
"/srv/http/xena.greedo.xeserv.us/repo"
|
|
"/srv/http/xena.greedo.xeserv.us/templates"
|
|
"/srv/http/xena.greedo.xeserv.us/tumblr"
|
|
"/srv/gemini"
|
|
"/home/cadey/prefix/flightjournal"
|
|
"/run/keys"
|
|
"/home/cadey/backup/ponychat"
|
|
"/home/cadey/backup/shadowh511"
|
|
"/home/cadey/go/src"
|
|
"/home/cadey/code"
|
|
"/home/cadey/prefix"
|
|
"/home/cadey/backup/construct"
|
|
"/home/cadey/backup/greedo"
|
|
"/home/cadey/backup/luna"
|
|
"/home/cadey/backup/tulpa"
|
|
];
|
|
exclude = [
|
|
# temporary files created by cargo
|
|
"**/target"
|
|
"/home/cadey/prefix/aura"
|
|
"/srv/http/xena.greedo.xeserv.us"
|
|
"/srv/backup"
|
|
|
|
"/var/lib/docker"
|
|
"/var/lib/systemd"
|
|
"/var/lib/libvirt"
|
|
"'**/.cache'"
|
|
"'**/.nix-profile'"
|
|
"'**/.elm'"
|
|
"'**/.emacs.d'"
|
|
];
|
|
in {
|
|
# services.borgbackup.jobs."hetzner" = {
|
|
# inherit paths exclude;
|
|
# repo = "ssh://u252481@u252481.your-storagebox.de:23/./lufta";
|
|
# encryption = {
|
|
# mode = "repokey-blake2";
|
|
# passCommand = "cat /root/borgbackup_passphrase";
|
|
# };
|
|
# environment.BORG_RSH = "ssh -i /root/.ssh/id_rsa";
|
|
# compression = "auto,lzma";
|
|
# startAt = "daily";
|
|
# };
|
|
|
|
within = {
|
|
backups = {
|
|
inherit exclude paths;
|
|
enable = true;
|
|
repo = "57196@usw-s007.rsync.net:lufta";
|
|
};
|
|
|
|
services = {
|
|
# webapps
|
|
aura = {
|
|
enable = true;
|
|
domain = "pvfmsets.cf";
|
|
};
|
|
|
|
mi = {
|
|
enable = false;
|
|
useACME = true;
|
|
domain = "mi.within.website";
|
|
port = 38184;
|
|
};
|
|
|
|
printerfacts = {
|
|
enable = true;
|
|
useACME = true;
|
|
domain = "printerfacts.cetacean.club";
|
|
};
|
|
|
|
xesite = {
|
|
enable = true;
|
|
useACME = true;
|
|
domain = "christine.website";
|
|
};
|
|
|
|
# gemini server
|
|
rhea = {
|
|
enable = true;
|
|
sites = [rec {
|
|
domain = "cetacean.club";
|
|
certPath = "/run/${domain}.crt";
|
|
keyPath = "/run/${domain}.key";
|
|
files = {
|
|
root = "/srv/gemini/${domain}";
|
|
autoIndex = true;
|
|
userPaths = false;
|
|
};
|
|
}];
|
|
};
|
|
|
|
# bots
|
|
aerial.enable = true;
|
|
tron.enable = true;
|
|
withinbot.enable = false;
|
|
|
|
# static sites
|
|
lewa = {
|
|
enable = true;
|
|
useACME = true;
|
|
domain = "lewa.within.website";
|
|
};
|
|
|
|
tulpanomicon.enable = true;
|
|
graphviz.enable = true;
|
|
};
|
|
};
|
|
|
|
xeserv.services = {
|
|
aegis = {
|
|
enable = true;
|
|
hostport = "[::]:43705";
|
|
sockdir = "/srv/within/run";
|
|
};
|
|
|
|
todayinmarch2020.enable = true;
|
|
within-website.enable = true;
|
|
};
|
|
|
|
age.secrets = {
|
|
"cetacean-club-cert" = {
|
|
file = ../../secret/cetacean.club.crt.age;
|
|
path = "/run/cetacean.club.crt";
|
|
};
|
|
"cetacean-club-key" = {
|
|
file = ../../secret/cetacean.club.key.age;
|
|
path = "/run/cetacean.club.key";
|
|
};
|
|
|
|
aerial-env = {
|
|
file = ../../secret/aerial.env.age;
|
|
path = "/srv/within/aerial/.env";
|
|
owner = "aerial";
|
|
group = "within";
|
|
mode = "600";
|
|
};
|
|
|
|
aura-env = {
|
|
file = ../../secret/aura.env.age;
|
|
path = "/srv/within/aura/.env";
|
|
owner = "aura";
|
|
group = "within";
|
|
mode = "600";
|
|
};
|
|
|
|
xesite = {
|
|
file = ../../secrets/xesite.env.age;
|
|
path = "/srv/within/xesite/.env";
|
|
owner = "xesite";
|
|
group = "within";
|
|
mode = "0400";
|
|
};
|
|
};
|
|
}
|