Nix fmt
This commit is contained in:
parent
dfe742ba11
commit
35107e3e81
|
@ -1,30 +1,25 @@
|
|||
{ instances ? [ ]
|
||||
, localMountDir ? null
|
||||
}:
|
||||
{ instances ? [ ], localMountDir ? null, enabled ? true }:
|
||||
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
let
|
||||
btrbkPrimary = { subvolumes ? [ ] }: {
|
||||
snapshot_dir = "@snapshots";
|
||||
subvolume = builtins.foldl'
|
||||
(acc: subvol: acc // {
|
||||
${subvol} = { };
|
||||
})
|
||||
{ }
|
||||
subvolumes;
|
||||
subvolume =
|
||||
builtins.foldl' (acc: subvol: acc // { ${subvol} = { }; }) { } subvolumes;
|
||||
};
|
||||
|
||||
btrbkSecondary = { targetDir, subvolumes ? [ ] }: {
|
||||
target = "send-receive ${targetDir}";
|
||||
subvolume = builtins.foldl'
|
||||
(acc: subvol: acc // {
|
||||
${subvol} = {
|
||||
snapshot_dir = "@snapshots";
|
||||
snapshot_preserve_min = "all";
|
||||
snapshot_create = "no";
|
||||
};
|
||||
})
|
||||
(acc: subvol:
|
||||
acc // {
|
||||
${subvol} = {
|
||||
snapshot_dir = "@snapshots";
|
||||
snapshot_preserve_min = "all";
|
||||
snapshot_create = "no";
|
||||
};
|
||||
})
|
||||
{ }
|
||||
subvolumes;
|
||||
};
|
||||
|
@ -33,11 +28,7 @@ let
|
|||
snapshot_preserve_min = "2d";
|
||||
snapshot_preserve = "7d 5w";
|
||||
transaction_log = "/var/log/btrbk.log";
|
||||
volume = {
|
||||
"${mountDir}" = btrbkPrimary {
|
||||
inherit subvolumes;
|
||||
};
|
||||
};
|
||||
volume = { "${mountDir}" = btrbkPrimary { inherit subvolumes; }; };
|
||||
};
|
||||
|
||||
secondary = primaryIp: mountDir: subvolumes: {
|
||||
|
@ -64,12 +55,17 @@ let
|
|||
target_preserve = "2h 2d 10w *m";
|
||||
target_preserve_min = "24h";
|
||||
transaction_log = "/var/log/btrbk.log";
|
||||
volume = builtins.foldl' (acc: { primaryIp, mountDir, name, subvolumes }: acc // {
|
||||
"ssh://${primaryIp}${mountDir}" = btrbkSecondary {
|
||||
targetDir = "${localMountDir}/@snapshots/${name}";
|
||||
inherit subvolumes;
|
||||
};
|
||||
}) { } instances;
|
||||
volume = builtins.foldl'
|
||||
(acc:
|
||||
{ primaryIp, mountDir, name, subvolumes }:
|
||||
acc // {
|
||||
"ssh://${primaryIp}${mountDir}" = btrbkSecondary {
|
||||
targetDir = "${localMountDir}/@snapshots/${name}";
|
||||
inherit subvolumes;
|
||||
};
|
||||
})
|
||||
{ }
|
||||
instances;
|
||||
};
|
||||
in
|
||||
{
|
||||
|
@ -80,57 +76,60 @@ in
|
|||
group = config.users.users.btrbk.group;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
btrbk
|
||||
btrfs-progs
|
||||
(writeShellScriptBin "restore-snapshot" (builtins.readFile ./restore-snapshot))
|
||||
(writeShellScriptBin "restore-all-snapshots" (builtins.readFile ./restore-all-snapshots))
|
||||
] ++ (if localMountDir != null then [
|
||||
(writeShellScriptBin
|
||||
"make-backup-subdirectories"
|
||||
(builtins.foldl'
|
||||
(acc: { name, ... }:
|
||||
"${acc}\nmkdir -p ${localMountDir}/@snapshots/${name}"
|
||||
)
|
||||
""
|
||||
instances
|
||||
)
|
||||
)
|
||||
] else []);
|
||||
environment.systemPackages = with pkgs;
|
||||
[
|
||||
btrbk
|
||||
btrfs-progs
|
||||
(writeShellScriptBin "restore-snapshot"
|
||||
(builtins.readFile ./restore-snapshot))
|
||||
(writeShellScriptBin "restore-all-snapshots"
|
||||
(builtins.readFile ./restore-all-snapshots))
|
||||
] ++ (if localMountDir != null then
|
||||
[
|
||||
(writeShellScriptBin "make-backup-subdirectories" (builtins.foldl'
|
||||
(acc:
|
||||
{ name, ... }: ''
|
||||
${acc}
|
||||
mkdir -p ${localMountDir}/@snapshots/${name}'') ""
|
||||
instances))
|
||||
]
|
||||
else
|
||||
[ ]);
|
||||
|
||||
services.btrbk = {
|
||||
sshAccess = [
|
||||
{
|
||||
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHTqU3EvTgY5/e9m6YyQWypQPK58t9iPmPnPYAvnODGB asonix@lionheart";
|
||||
services.btrbk =
|
||||
if enabled then {
|
||||
sshAccess = [{
|
||||
key =
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHTqU3EvTgY5/e9m6YyQWypQPK58t9iPmPnPYAvnODGB asonix@lionheart";
|
||||
roles = [ "source" "info" "send" ];
|
||||
}
|
||||
];
|
||||
extraPackages = with pkgs; [ gzip ];
|
||||
instances = if localMountDir == null then
|
||||
(builtins.foldl'
|
||||
(acc: { primaryIp ? null, mountDir, subvolumes, name ? "btrbk" }:
|
||||
let
|
||||
selected =
|
||||
if primaryIp == null then
|
||||
(primary mountDir subvolumes)
|
||||
else
|
||||
(secondary primaryIp mountDir subvolumes);
|
||||
in
|
||||
acc //
|
||||
{
|
||||
${name} = {
|
||||
onCalendar = "hourly";
|
||||
settings = selected;
|
||||
};
|
||||
})
|
||||
{ }
|
||||
instances)
|
||||
else
|
||||
{
|
||||
}];
|
||||
extraPackages = with pkgs; [ gzip ];
|
||||
instances =
|
||||
if localMountDir == null then
|
||||
(builtins.foldl'
|
||||
(acc:
|
||||
{ primaryIp ? null, mountDir, subvolumes, name ? "btrbk" }:
|
||||
let
|
||||
selected =
|
||||
if primaryIp == null then
|
||||
(primary mountDir subvolumes)
|
||||
else
|
||||
(secondary primaryIp mountDir subvolumes);
|
||||
in
|
||||
acc // {
|
||||
${name} = {
|
||||
onCalendar = "hourly";
|
||||
settings = selected;
|
||||
};
|
||||
})
|
||||
{ }
|
||||
instances)
|
||||
else {
|
||||
btrbk = {
|
||||
onCalendar = "hourly";
|
||||
settings = (backup instances);
|
||||
};
|
||||
};
|
||||
};
|
||||
} else
|
||||
{ };
|
||||
}
|
||||
|
|
|
@ -1,10 +1,7 @@
|
|||
{ pkgs, ... }:
|
||||
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
docker
|
||||
docker-compose
|
||||
];
|
||||
environment.systemPackages = with pkgs; [ docker docker-compose ];
|
||||
|
||||
virtualisation.docker.enable = true;
|
||||
}
|
||||
|
|
|
@ -1,38 +1,40 @@
|
|||
{
|
||||
server = { enable ? true }: { config, pkgs, ... }: {
|
||||
networking.firewall.enable = false;
|
||||
server = { enable ? true }:
|
||||
{ config, pkgs, ... }: {
|
||||
networking.firewall.enable = false;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
k3s
|
||||
(writeShellScriptBin "kubectl" (builtins.readFile ./kubectl))
|
||||
];
|
||||
environment.systemPackages = with pkgs; [
|
||||
k3s
|
||||
(writeShellScriptBin "kubectl" (builtins.readFile ./kubectl))
|
||||
];
|
||||
|
||||
sops.secrets.k3s_env = {
|
||||
format = "binary";
|
||||
sopsFile = ../../secrets/k3s_env.bin;
|
||||
sops.secrets.k3s_env = {
|
||||
format = "binary";
|
||||
sopsFile = ../../secrets/k3s_env.bin;
|
||||
};
|
||||
|
||||
services.k3s = {
|
||||
inherit enable;
|
||||
environmentFile = config.sops.secrets.k3s_env.path;
|
||||
extraFlags = "--disable traefik --disable servicelb";
|
||||
role = "server";
|
||||
};
|
||||
};
|
||||
|
||||
services.k3s = {
|
||||
inherit enable;
|
||||
environmentFile = config.sops.secrets.k3s_env.path;
|
||||
extraFlags = "--disable traefik --disable servicelb";
|
||||
role = "server";
|
||||
};
|
||||
};
|
||||
agent = { serverIp, enable ? true }:
|
||||
{ config, ... }: {
|
||||
networking.firewall.enable = false;
|
||||
|
||||
agent = { serverIp, enable ? true }: { config, ... }: {
|
||||
networking.firewall.enable = false;
|
||||
sops.secrets.k3s_token = {
|
||||
format = "yaml";
|
||||
sopsFile = ../../secrets/k3s.yaml;
|
||||
};
|
||||
|
||||
sops.secrets.k3s_token = {
|
||||
format = "yaml";
|
||||
sopsFile = ../../secrets/k3s.yaml;
|
||||
services.k3s = {
|
||||
inherit enable;
|
||||
role = "agent";
|
||||
serverAddr = "https://${serverIp}:6443";
|
||||
tokenFile = config.sops.secrets.k3s_token.path;
|
||||
};
|
||||
};
|
||||
|
||||
services.k3s = {
|
||||
inherit enable;
|
||||
role = "agent";
|
||||
serverAddr = "https://${serverIp}:6443";
|
||||
tokenFile = config.sops.secrets.k3s_token.path;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -4,12 +4,10 @@
|
|||
networking = {
|
||||
interfaces.end0 = {
|
||||
inherit macAddress;
|
||||
ipv4.addresses = [
|
||||
{
|
||||
address = selfIp;
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
ipv4.addresses = [{
|
||||
address = selfIp;
|
||||
prefixLength = 24;
|
||||
}];
|
||||
};
|
||||
defaultGateway = "192.168.20.1";
|
||||
nameservers = [ "192.168.20.21" "192.168.20.1" ];
|
||||
|
|
|
@ -8,13 +8,7 @@
|
|||
# Enables the generation of /boot/extlinux/extlinux.conf
|
||||
boot.loader.generic-extlinux-compatible.enable = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
bottom
|
||||
cryptsetup
|
||||
git
|
||||
htop
|
||||
screen
|
||||
];
|
||||
environment.systemPackages = with pkgs; [ bottom cryptsetup git htop screen ];
|
||||
|
||||
programs.neovim = {
|
||||
enable = true;
|
||||
|
|
Loading…
Reference in a new issue