# Flake describing two aarch64 RockPro64 hosts (nextcloud1, nextcloud2) that
# run Docker and back up btrfs subvolumes with btrbk, plus a deploy-rs node
# for nextcloud2.
{
  description = "A very basic flake";

  inputs = {
    deploy-rs.url = "github:serokell/deploy-rs";
    # Follows the nixpkgs master branch. The revision actually built is the
    # one recorded in flake.lock (not visible here), so review lock updates.
    nixpkgs.url = "github:nixos/nixpkgs/master";
    # Supplies the rockPro64v2 board module imported by every host below.
    image-builder.url = "git+https://git.asonix.dog/asonix/nixos-aarch64-images";
  };

  outputs = { self, deploy-rs, image-builder, nixpkgs }:
    let
      system = "aarch64-linux";

      pkgs = import nixpkgs { inherit system; };

      # Build an attribute set that maps every name in `names` to `settings`.
      perSubvolume = settings: names:
        builtins.foldl' (set: name: set // { ${name} = settings; }) { } names;

      # btrbk volume section for the host that owns the data: snapshots of
      # each listed subvolume are kept under @snapshots.
      btrbkPrimary = { subvolumes ? [ ] }: {
        snapshot_dir = "@snapshots";
        subvolume = perSubvolume { } subvolumes;
      };

      # btrbk volume section for the host that pulls backups: existing
      # snapshots are transferred into `target-dir` with send-receive and no
      # new snapshots are created (snapshot_create = "no").
      btrbkSecondary = { target-dir, subvolumes ? [ ] }: {
        target = "send-receive ${target-dir}";
        subvolume = perSubvolume
          {
            snapshot_dir = "@snapshots";
            snapshot_preserve_min = "all";
            snapshot_create = "no";
          }
          subvolumes;
      };

      # Subvolumes included in the backup on both hosts.
      nextcloudSubvolumes = [
        "@nc-config"
        "@nc-data"
        "@postgres"
        "@redis"
        "@gitea"
        "@gitea-conf"
        "@pihole"
        "@papermc"
        "@docker-cfg"
        "@garage"
        "@garage-config"
      ];

      # NixOS module shared by every host: SSH hardening, boot loader, the
      # admin account, the root filesystem and the common btrbk settings.
      sharedModule = { extraPackages ? [ ] }: {
        # SSH logins are key-only; password authentication is switched off.
        services.openssh.settings.PasswordAuthentication = false;

        # Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
        boot.loader.grub.enable = false;
        # Enables the generation of /boot/extlinux/extlinux.conf
        boot.loader.generic-extlinux-compatible.enable = true;

        # Administrative account: member of wheel, and the only credential
        # defined for it in this flake is the authorized SSH key below.
        users.users.asonix = {
          isNormalUser = true;
          description = "Tavi";
          extraGroups = [ "wheel" ];
          openssh.authorizedKeys.keys = [
            "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3+mNUlokSKZQNXJAuGm2LCHelKuElWLJArzIYZQYEPbrFaE+J8VtfNbMMD1qVI21ksfcqvFQW4aiP4+BFDxTOGW0uBmUHWKxkyyU39y2yhnsa+svwwIooc+Iwkxw0atzSMEBb94UaZlq9cKMSnG9RGeRFqfYnW2s49wpU79wk6zEFUuOHCMKn4R7zqkPac7IyjxZeKlspY3fOasNH4zyrkbhEOlvrwEOdRNTRNCWWzDcinIVZjfmErHlSynshx9yLnCGkLBxHSxgI2TVyR3RlQ3aGbHtB3QN5X7/T/dwXJFJ11P1Q2bC3XP3hHCogDqXcPvDTFSQEM/mZuFcKNbsn asonix@asonix-tower"
          ];
        };

        fileSystems."/" = {
          device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
          fsType = "ext4";
        };

        environment.systemPackages = [ pkgs.btrbk ] ++ extraPackages;

        services.btrbk = {
          # Inbound btrbk access. The key is limited to the source, info and
          # send roles (see ssh_filter_btrbk(1) for what each role permits);
          # target, receive and delete are not granted to it.
          sshAccess = [
            {
              key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHTqU3EvTgY5/e9m6YyQWypQPK58t9iPmPnPYAvnODGB asonix@lionheart";
              roles = [ "source" "info" "send" ];
            }
          ];

          extraPackages = [ pkgs.xz ];

          instances.btrbk.settings = {
            transaction_log = "/var/log/btrbk.log";
            stream_buffer = "512m";

            # Retention policy for snapshots, backup targets and archives.
            snapshot_preserve_min = "2d";
            snapshot_preserve = "35d 20w 12m";
            target_preserve_min = "24h";
            target_preserve = "24h 7d";
            archive_preserve_min = "latest";
            archive_preserve = "12m 10y";

            # Outbound connections log in as `btrbk` with this private key.
            # The path is a plain string, not a Nix path literal, so the key
            # is read at runtime and is not copied into the Nix store.
            # Nothing in this flake creates the file; it has to be placed on
            # the host separately.
            ssh_user = "btrbk";
            ssh_identity = "/etc/btrbk/ssh/backup-ssh-key";
            # Remote btrfs commands are invoked through sudo.
            backend_remote = "btrfs-progs-sudo";
          };
        };
      };

      # Assemble a full NixOS system for one Docker host: board module,
      # shared module (with the Docker tooling added) and per-host settings.
      makeDockerConfig = { hostName, volume }:
        nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
            image-builder.packages.${system}.modules.rockPro64v2
            (sharedModule {
              extraPackages = [ pkgs.docker pkgs.docker-compose ];
            })
            {
              networking.hostName = hostName;
              virtualisation.docker.enable = true;
              services.btrbk.instances.btrbk.settings.volume = volume;
            }
          ];
        };

      # deploy-rs node definition. The system profile is activated as root,
      # and the SSH identity is read from the deploying user's home
      # directory on the machine that runs the deployment.
      deployer = { hostname, configuration }: {
        inherit hostname;
        profiles.system = {
          user = "root";
          sshOpts = [ "-i" "/home/asonix/.ssh/nix-installer" ];
          path = deploy-rs.lib.${system}.activate.nixos configuration;
        };
      };
    in
    {
      # nextcloud1 currently acts as the primary: it snapshots its own
      # /btrfs/hdd volume. The secondary variant is kept commented out so the
      # roles can be swapped.
      nixosConfigurations.nextcloud1 = makeDockerConfig {
        hostName = "nextcloud1";
        volume = {
          # "ssh://192.168.20.28/btrfs/hdd" = btrbkSecondary {
          #   target-dir = "/btrfs/hdd/@snapshots";
          #   subvolumes = nextcloudSubvolumes;
          # };
          "/btrfs/hdd" = btrbkPrimary {
            subvolumes = nextcloudSubvolumes;
          };
        };
      };

      # nextcloud2 currently acts as the secondary: it pulls the snapshots
      # from 192.168.20.21 over SSH into its local @snapshots directory.
      nixosConfigurations.nextcloud2 = makeDockerConfig {
        hostName = "nextcloud2";
        volume = {
          "ssh://192.168.20.21/btrfs/hdd" = btrbkSecondary {
            target-dir = "/btrfs/hdd/@snapshots";
            subvolumes = nextcloudSubvolumes;
          };
          # "/btrfs/hdd" = btrbkPrimary {
          #   subvolumes = nextcloudSubvolumes;
          # };
        };
      };

      # Only nextcloud2 has a deploy-rs node defined in this flake.
      deploy.nodes.nextcloud2 = deployer {
        hostname = "192.168.20.28";
        configuration = self.nixosConfigurations.nextcloud2;
      };
    };
}