kopia local and flake update

death916 2025-07-28 05:46:57 -07:00
parent 751654408b
commit 6467cc83e1
9 changed files with 110 additions and 160 deletions

1
.gitignore vendored Normal file

@ -0,0 +1 @@
*.md
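Review bot: `*.md` ignores every Markdown file in the tree, not only the `README.md` deleted in this commit, so any documentation added later will be silently skipped by `git add`. If the goal is to keep scratch or generated notes out of the repository, ignore those paths by name instead of by extension.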

101
README.md

@ -1,101 +0,0 @@
# NixOS Configuration Refactor
This document outlines the new, modular structure of the NixOS configuration and explains how to revert to the previous setup if necessary.
## New Directory Structure
The configuration has been reorganized to be more modular and easier to manage. Here is an overview of the new structure:
```
.
├── flake.nix
├── home-manager/
│ ├── death916-homelab.nix
│ └── home.nix
├── modules/
│ ├── home-manager/
│ │ └── common.nix
│ └── nixos/
│ ├── common/
│ │ ├── base.nix
│ │ └── tailscale.nix
│ ├── homelab/
│ │ ├── networking.nix
│ │ ├── services.nix
│ │ └── user.nix
│ └── laptop/
│ ├── desktop.nix
│ └── user.nix
├── nixos/
│ ├── configuration.nix
│ └── homelab.nix
├── old_config/ # <-- Your previous configuration is backed up here
└── scripts/
└── nh-push # <-- New helper script
```
### Key Changes
- **Modularization**: The main `configuration.nix` and `homelab.nix` files have been split into smaller, more focused modules located in the `modules/` directory. This makes the code cleaner and easier to navigate.
- **Shared vs. Specific Config**: Common settings shared between both the laptop and homelab are now in `modules/nixos/common/` and `modules/home-manager/common.nix`. Machine-specific configurations are in their respective `laptop/` and `homelab/` subdirectories.
- **`flake.nix`**: The flake now uses `specialArgs` to pass overlays and other shared values to the modules, reducing redundancy.
- **`nh-push` script**: A new script has been added at `scripts/nh-push`. This script wraps the `nh os switch` command and automatically runs `git push` after a successful build, streamlining the update process.
## How to Revert the Changes
If you encounter any issues with the new configuration, you can easily revert to your previous setup. Your old files are safely archived in the `old_config/` directory.
To revert, follow these steps:
1. **Delete the new configuration files**:
```bash
rm -rf flake.nix nixos/ modules/ home-manager/ scripts/
```
2. **Restore the old configuration from the backup**:
```bash
mv old_config/* .
rmdir old_config
```
3. **Rebuild your system**:
After restoring the files, run your usual NixOS rebuild command, for example:
```bash
sudo nixos-rebuild switch --flake .#homelab
```
This will restore your system to the exact state it was in before these changes were made.
## Quick Reference: Where to Find Common Settings
Here is a quick guide to help you locate the most common configuration settings in the new modular structure.
### System-Wide Settings
* **Settings for BOTH Laptop & Homelab:**
* `modules/nixos/common/base.nix`: Base system settings like the bootloader, timezone, and `allowUnfree`.
* `modules/nixos/common/tailscale.nix`: Tailscale configuration.
* **Laptop-Specific System Settings:**
* `modules/nixos/laptop/desktop.nix`: Desktop environment, system packages, and other laptop-specific services.
* `nixos/hardware-configuration.nix`: Filesystems and hardware settings for the laptop.
* **Homelab-Specific System Settings:**
* `modules/nixos/homelab/services.nix`: All homelab services (Docker, Jellyfin, etc.) and system packages.
* `modules/nixos/homelab/networking.nix`: Static IP, firewall, and network settings for the homelab.
* `nixos/hardware-homelab.nix`: Filesystems and hardware settings for the homelab.
### User & Home-Manager Settings
* **Settings for YOUR USER on BOTH Systems:**
* `modules/home-manager/common.nix`: Shared user settings like your shell (Bash), Git config, Helix, and default editor.
* **Laptop-Specific User Settings:**
* `home-manager/home.nix`: User-specific packages, shell prompt (`starship`), and aliases for the laptop.
* **Homelab-Specific User Settings:**
* `home-manager/death916-homelab.nix`: User-specific packages and aliases for the homelab.

44
compose.yml Normal file

@ -0,0 +1,44 @@
# compose
version: '3.7'
services:
kopia:
image: kopia/kopia:latest
hostname: Hostname
container_name: Kopia
restart: unless-stopped
network_mode: bridge
ports:
- 51515:51515
# Setup the server that provides the web gui
command:
- server
- start
- --disable-csrf-token-checks
- --tls-cert-file=/certs/pimox.bandicoot-skate.ts.net.crt
- --tls-key-file=/certs/pimox.bandicoot-skate.ts.net.key
- --address=0.0.0.0:51515
- --server-username=death916
- --server-password=REDACTED
environment:
# Set repository password
KOPIA_PASSWORD: "REDACTED"
USER: "death916"
TZ: "America/Los_Angeles"
volumes:
# Mount local folders needed by kopia
- /home/death916/certs:/certs
- /home/death916/docker/volumes/kopia:/app/config
- /home/death916/docker/volumes/kopia:/app/cache
- /home/death916/docker/volumes/kopia:/app/logs
# Mount local folders to snapshot
- /:/data:ro
# Mount repository location
#- /path/to/repository/dir:/repository
# Mount path for browsing mounted snaphots
- /tmp:/tmp:shared
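Review bot: `--server-password=` under `command` and `KOPIA_PASSWORD` under `environment` place the web UI password and the repository password as literals in a tracked file (shown here as REDACTED); if real values were ever committed they should be rotated, and the file should reference them through compose variable substitution or an untracked `env_file`. Separately, `--disable-csrf-token-checks` is combined with `--address=0.0.0.0:51515` and a published port, so keep CSRF checks on unless a specific client needs them off and restrict who can reach the port. `/:/data:ro` hands the container the whole host filesystem, including the TLS key under `/home/death916/certs`; mount only the directories that are snapshotted. Pin `kopia/kopia:latest` to a tag or digest so the image that reads those mounts does not change without review.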

30
flake.lock generated

@ -84,11 +84,11 @@
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
"lastModified": 1753128215,
"narHash": "sha256-omv0axMwEQE01CKR/dNClMA3WFtTrgNU04YGil5edhM=",
"lastModified": 1753463116,
"narHash": "sha256-/KvOP0y/mKYYq29Xho+bqe4/5zDFNN+Bk13+sRb+NZs=",
"owner": "flox",
"repo": "flox",
"rev": "707426e643d5fdc81ef52c8e0ffcccfa531d0c17",
"rev": "0d6ae599926c330ff16578f0f0f83af50a9a672c",
"type": "github"
},
"original": {
@ -126,11 +126,11 @@
]
},
"locked": {
"lastModified": 1753055804,
"narHash": "sha256-KerePGJYX47ex6OY3CWsid4AltO2gDtQROunYJ0eCEE=",
"lastModified": 1753592768,
"narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "adf195f021a8cbb0c317f75b52e96c82616526f9",
"rev": "fc3add429f21450359369af74c2375cb34a2d204",
"type": "github"
},
"original": {
@ -204,11 +204,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1752950548,
"narHash": "sha256-NS6BLD0lxOrnCiEOcvQCDVPXafX1/ek1dfJHX1nUIzc=",
"lastModified": 1753429684,
"narHash": "sha256-9h7+4/53cSfQ/uA3pSvCaBepmZaz/dLlLVJnbQ+SJjk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c87b95e25065c028d31a94f06a62927d18763fdf",
"rev": "7fd36ee82c0275fb545775cc5e4d30542899511d",
"type": "github"
},
"original": {
@ -220,11 +220,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1752866191,
"narHash": "sha256-NV4S2Lf2hYmZQ3Qf4t/YyyBaJNuxLPyjzvDma0zPp/M=",
"lastModified": 1753345091,
"narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f01fe91b0108a7aff99c99f2e9abbc45db0adc2a",
"rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9",
"type": "github"
},
"original": {
@ -290,11 +290,11 @@
]
},
"locked": {
"lastModified": 1753156081,
"narHash": "sha256-N+8LM+zvS6cP+VG2vxgEEDCyX1T9EUq9wXTSvGwX9TM=",
"lastModified": 1753584741,
"narHash": "sha256-i147iFSy4K4PJvID+zoszLbRi2o+YV8AyG4TUiDQ3+I=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "8610c0f3801fc8dec7eb4b79c95fb39d16f38a80",
"rev": "69dfe029679e73b8d159011c9547f6148a85ca6b",
"type": "github"
},
"original": {
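Review bot: the `flake.lock` bump of `flox`, `home-manager`, `nixpkgs-unstable`, `nixpkgs_2` and `rust-overlay` is bundled with the Kopia rework in one commit. Put the lock update in its own commit so a regression from either change can be bisected and the input revisions can be rolled back without touching the service configuration.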

@ -1,41 +0,0 @@
{ config, lib, ... }:
with lib;
let
# Define a shorthand for the module's options
cfg = config.services.kopia-docker;
in
{
options.services.kopia-docker.enable = mkEnableOption (
mdDoc "Kopia backup server (running in a container)"
);
config = mkIf cfg.enable {
virtualisation.oci-containers.containers.kopia = {
image = "kopia/kopia:latest";
extraOptions = [ "--network=host" ];
volumes = [
"/etc:/etc:ro"
"/srv:/srv:ro"
"/var/log:/var/log:ro"
"/home:/home:ro"
"/var/lib:/var/lib:ro"
"/root:/root:ro"
"/storage:/storage:ro"
"/storage/services/kopia:/app/config"
"/storage/services/kopia/cache:/app/cache"
"/storage/services/kopia/logs:/app/logs"
"/etc/nixos/secrets/kopia_password:/run/secrets/kopia-control-password:ro"
];
cmd = [
"server"
"start"
"--insecure"
"--address=0.0.0.0:51515"
"--server-control-username=homelab"
"--server-control-password-from-file=/run/secrets/kopia-control-password"
];
};
};
}

@ -0,0 +1,43 @@
{ config, pkgs, lib, ... }:
{
options.services.kopia = {
enable = lib.mkEnableOption "Kopia backup service";
};
config = lib.mkIf config.services.kopia.enable {
virtualisation.oci-containers.containers.kopia = {
image = "kopia/kopia:latest";
hostname = "Hostname";
containerName = "Kopia";
autoStart = true;
restart = "unless-stopped";
networkMode = "bridge";
ports = [ "51515:51515" ];
environment = {
KOPIA_PASSWORD = "REDACTED";
USER = "death916";
TZ = "America/Los_Angeles";
};
volumes = [
"/home/death916/certs:/certs"
"/home/death916/docker/volumes/kopia:/app/config"
"/home/death916/docker/volumes/kopia:/app/cache"
"/home/death916/docker/volumes/kopia:/app/logs"
"/:/data:ro"
"/tmp:/tmp:shared"
];
cmd = [
"server"
"start"
"--disable-csrf-token-checks"
"--tls-cert-file=/certs/pimox.bandicoot-skate.ts.net.crt"
"--tls-key-file=/certs/pimox.bandicoot-skate.ts.net.key"
"--address=0.0.0.0:51515"
"--server-username=death916"
"--server-password=REDACTED"
];
};
};
}
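Review bot: `KOPIA_PASSWORD` in `environment` and `--server-password=` in `cmd` are string literals in the Nix expression, so besides being in git they are copied into the world-readable Nix store and appear in the container's argument list. The module removed in this commit mounted `/etc/nixos/secrets/kopia_password` and used `--server-control-password-from-file`; keep that pattern, or load the values through `environmentFiles` pointing at a root-only file outside the store. Also confirm that `containerName`, `restart` and `networkMode` are declared options of `virtualisation.oci-containers.containers.<name>`: the removed module passed its network setting through `extraOptions`, and an undeclared attribute fails evaluation. `/:/data:ro` replaces the old list of per-directory read-only mounts with the whole host root; list the directories to snapshot explicitly.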

@ -5,9 +5,8 @@
...
}:
{
imports = [ ../../containers/kopia-docker.nix ];
# imports = [ ../../containers/kopia-docker.nix ];
arrSuite.enable = true;
services.kopia-docker.enable = true;
services.samba.shares.Media.path = "/media/storage/media";
# virtualisation.incus.enable = true;
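Review bot: the commented-out `# imports = [ ../../containers/kopia-docker.nix ];` refers to the `services.kopia-docker` module that is deleted elsewhere in this commit, so uncommenting it later can only fail. Delete the line instead of keeping it as a comment.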

@ -21,7 +21,7 @@
"libvirtd"
];
openssh.authorizedKeys.keys = [
"ssh-rsa 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 tavn1992@gmail.com"
"ssh-rsa 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 death916@nixos"
];
};
}
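Review bot: the only visible difference in `openssh.authorizedKeys.keys` is the key comment, and the key is still of type `ssh-rsa`. If the key pair is being replaced anyway, move to an ed25519 key; if only the comment was edited, be aware that the previous comment with the e-mail address remains in the repository history.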

@ -14,5 +14,10 @@
../modules/nixos/common/base.nix
../modules/nixos/homelab/user.nix
../modules/nixos/common/tailscale.nix
# ../modules/containers/kopia.nix
];
# config = {
# services.kopia.enable = true;
#};
}
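Review bot: with `# ../modules/containers/kopia.nix` and the `# config = {` block left commented out, the new module is never imported, while `services.kopia-docker.enable = true;` is removed in the same commit, so no enabled Nix module declares a Kopia container after this change. Either import the module and set `services.kopia.enable = true;` here, or state in the commit message that Kopia is now started from `compose.yml` outside Nix, and drop the commented lines in both cases.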