diff --git a/nixos/common/global/secrets/rekeyed/viridian/ad2e226886559938be8ab210a35772b1-wiki-js.age b/nixos/common/global/secrets/rekeyed/viridian/ad2e226886559938be8ab210a35772b1-wiki-js.age deleted file mode 100644 index 81235fa..0000000 --- a/nixos/common/global/secrets/rekeyed/viridian/ad2e226886559938be8ab210a35772b1-wiki-js.age +++ /dev/null @@ -1,8 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 KTkZog 7QJNbtDdO9LpwTDNgeaEtm4KTONs5Hgukenu2AL6dSY -l7Nz7xlPLUmYWxbL2tcUT/pgaoZUcGppKaUzoSDty7g --> PLN-grease -KPAHJevjQIdgSu1kVhcefi2Y6aNgqaqhKXS0D3QWBFlSk7Kr8YQw2dDFpFW7fH/1 -9tvZZz5hJe+sJA ---- ZiUHAguNDc75YzOTCuWOz3HEAyA6KrWZJvWB/bLDJw8 -P|6("p3l."2aѤTB:6i4kb23` \ No newline at end of file diff --git a/nixos/viridian/configuration.nix b/nixos/viridian/configuration.nix index 8d52e07..bb3286c 100644 --- a/nixos/viridian/configuration.nix +++ b/nixos/viridian/configuration.nix @@ -15,9 +15,7 @@ ./services/minecraft ./services/mpd ./services/paperless-ngx - ./services/postgresql ./services/traefik - ./services/wiki-js # Multimedia ./multimedia/jellyfin diff --git a/nixos/viridian/hardware-configuration.nix b/nixos/viridian/hardware-configuration.nix index 7fa9529..e30e398 100644 --- a/nixos/viridian/hardware-configuration.nix +++ b/nixos/viridian/hardware-configuration.nix @@ -57,12 +57,18 @@ fsType = "ext4"; }; - fileSystems."/srv/multimedia/containers" = { + fileSystems."/srv/containers" = { device = "/dev/disk/by-label/data"; fsType = "btrfs"; options = ["subvol=containers" "compress=zstd"]; }; + fileSystems."/srv/services" = { + device = "/dev/disk/by-label/data"; + fsType = "btrfs"; + options = ["subvol=services" "compress=zstd"]; + }; + fileSystems."/srv/shares" = { device = "/dev/disk/by-label/data"; fsType = "btrfs"; diff --git a/nixos/viridian/multimedia/jellyfin/default.nix b/nixos/viridian/multimedia/jellyfin/default.nix index 480e68c..5c73611 100644 --- a/nixos/viridian/multimedia/jellyfin/default.nix +++ b/nixos/viridian/multimedia/jellyfin/default.nix @@ -16,8 +16,8 @@ in { # Media library "/srv/multimedia/library:/media:ro" # Container data - "/srv/multimedia/containers/jellyfin/config:/config:rw" - "/srv/multimedia/containers/jellyfin/cache:/cache:rw" + "/srv/containers/jellyfin/config:/config:rw" + "/srv/containers/jellyfin/cache:/cache:rw" ]; environment = { PUID = "1000"; diff --git a/nixos/viridian/multimedia/lidarr/default.nix b/nixos/viridian/multimedia/lidarr/default.nix index e2f9820..12f4abf 100644 --- a/nixos/viridian/multimedia/lidarr/default.nix +++ b/nixos/viridian/multimedia/lidarr/default.nix @@ -13,7 +13,7 @@ in { # Media library "/srv/multimedia:/data:rw" # Container data - "/srv/multimedia/containers/lidarr:/config:rw" + "/srv/containers/lidarr:/config:rw" ]; environment = { PUID = "1000"; diff --git a/nixos/viridian/multimedia/prowlarr/default.nix b/nixos/viridian/multimedia/prowlarr/default.nix index 011713f..09e6c55 100644 --- a/nixos/viridian/multimedia/prowlarr/default.nix +++ b/nixos/viridian/multimedia/prowlarr/default.nix @@ -11,7 +11,7 @@ in { ]; volumes = [ # Container data - "/srv/multimedia/containers/prowlarr:/config:rw" + "/srv/containers/prowlarr:/config:rw" ]; environment = { PUID = "1000"; diff --git a/nixos/viridian/multimedia/qbittorrent/default.nix b/nixos/viridian/multimedia/qbittorrent/default.nix index 5ad3fee..f31b9af 100644 --- a/nixos/viridian/multimedia/qbittorrent/default.nix +++ b/nixos/viridian/multimedia/qbittorrent/default.nix @@ -13,7 +13,7 @@ in { volumes = [ # Seedbox "/srv/multimedia/torrents:/data/torrents:rw" - "/srv/multimedia/containers/qbittorrent:/config:rw" + "/srv/containers/qbittorrent:/config:rw" ]; environment = { PUID = "1000"; diff --git a/nixos/viridian/multimedia/radarr/default.nix b/nixos/viridian/multimedia/radarr/default.nix index 95ac698..26af091 100644 --- a/nixos/viridian/multimedia/radarr/default.nix +++ b/nixos/viridian/multimedia/radarr/default.nix @@ -13,7 +13,7 @@ in { # Media library "/srv/multimedia:/data:rw" # Container data - "/srv/multimedia/containers/radarr:/config:rw" + "/srv/containers/radarr:/config:rw" ]; environment = { PUID = "1000"; diff --git a/nixos/viridian/multimedia/sonarr/default.nix b/nixos/viridian/multimedia/sonarr/default.nix index be12dcd..af1007f 100644 --- a/nixos/viridian/multimedia/sonarr/default.nix +++ b/nixos/viridian/multimedia/sonarr/default.nix @@ -13,7 +13,7 @@ in { # Media library "/srv/multimedia:/data:rw" # Container data - "/srv/multimedia/containers/sonarr:/config:rw" + "/srv/containers/sonarr:/config:rw" ]; environment = { PUID = "1000"; diff --git a/nixos/viridian/services/borgbackup/default.nix b/nixos/viridian/services/borgbackup/default.nix index 18f4f2f..142feae 100644 --- a/nixos/viridian/services/borgbackup/default.nix +++ b/nixos/viridian/services/borgbackup/default.nix @@ -5,27 +5,20 @@ services.borgbackup.jobs."borgbase" = { paths = [ - # Services - "/srv/minecraft" + # Shares "/srv/shares/sajenim" - "/srv/www/sajenim.dev" - "/var/lib/crowdsec" - "/var/lib/forgejo" - "/var/lib/immich" - "/var/lib/paperless-ngx" - "/var/lib/postgresql" - "/var/lib/private/wiki-js" - "/var/lib/redis-immich" - "/var/lib/redis-paperless" - "/var/lib/traefik" - "/var/lib/wiki-js" - # Multimedia - "/srv/multimedia/containers/jellyfin" - "/srv/multimedia/containers/lidarr" - "/srv/multimedia/containers/prowlarr" - "/srv/multimedia/containers/qbittorrent" - "/srv/multimedia/containers/radarr" - "/srv/multimedia/containers/sonarr" + # Services + "/srv/services/forgejo" + "/srv/services/immich" + "/srv/services/minecraft" + "/srv/services/paperless-ngx" + # Containers + "/srv/containers/jellyfin" + "/srv/containers/lidarr" + "/srv/containers/prowlarr" + "/srv/containers/qbittorrent" + "/srv/containers/radarr" + "/srv/containers/sonarr" ]; repo = "o93k24r6@o93k24r6.repo.borgbase.com:repo"; diff --git a/nixos/viridian/services/forgejo/default.nix b/nixos/viridian/services/forgejo/default.nix index 119d348..6890c4a 100644 --- a/nixos/viridian/services/forgejo/default.nix +++ b/nixos/viridian/services/forgejo/default.nix @@ -1,7 +1,7 @@ {config, ...}: { services.forgejo = { enable = true; - stateDir = "/var/lib/forgejo"; + stateDir = "/srv/services/forgejo"; settings = { server = { DOMAIN = "git.sajenim.dev"; @@ -35,14 +35,4 @@ {url = "http://127.0.0.1:${toString config.services.forgejo.settings.server.HTTP_PORT}";} ]; }; - - environment.persistence."/persist" = { - directories = [ - { - directory = "/var/lib/forgejo"; - user = "forgejo"; - group = "forgejo"; - } - ]; - }; } diff --git a/nixos/viridian/services/immich/default.nix b/nixos/viridian/services/immich/default.nix index 58f1884..67dbea3 100644 --- a/nixos/viridian/services/immich/default.nix +++ b/nixos/viridian/services/immich/default.nix @@ -20,7 +20,7 @@ port = 5489; host = "0.0.0.0"; openFirewall = true; - mediaLocation = "/var/lib/immich"; + mediaLocation = "/srv/services/immich/library"; secretsFile = config.age.secrets.immich.path; database = { enable = true; @@ -52,19 +52,4 @@ {url = "http://127.0.0.1:${toString config.services.immich.port}";} ]; }; - - environment.persistence."/persist" = { - directories = [ - { - directory = "/var/lib/immich"; - user = "immich"; - group = "immich"; - } - { - directory = "/var/lib/redis-immich"; - user = "immich"; - group = "immich"; - } - ]; - }; } diff --git a/nixos/viridian/services/lighttpd/default.nix b/nixos/viridian/services/lighttpd/default.nix index b5ef007..ec976b8 100644 --- a/nixos/viridian/services/lighttpd/default.nix +++ b/nixos/viridian/services/lighttpd/default.nix @@ -2,7 +2,7 @@ services.lighttpd = { enable = true; port = 5624; - document-root = "/srv/www/sajenim.dev"; + document-root = "/srv/services/websites/sajenim.dev"; }; services.traefik.dynamicConfigOptions.http.routers = { @@ -24,14 +24,4 @@ {url = "http://127.0.0.1:${toString config.services.lighttpd.port}";} ]; }; - - environment.persistence."/persist" = { - directories = [ - { - directory = "/srv/www"; - user = "lighttpd"; - group = "lighttpd"; - } - ]; - }; } diff --git a/nixos/viridian/services/minecraft/default.nix b/nixos/viridian/services/minecraft/default.nix index 1203bbb..3e9748e 100644 --- a/nixos/viridian/services/minecraft/default.nix +++ b/nixos/viridian/services/minecraft/default.nix @@ -70,7 +70,7 @@ in { }; # Each server will be under a subdirectory named after the server name. - dataDir = "/srv/minecraft"; + dataDir = "/srv/services/minecraft"; # Open firewall for all servers. openFirewall = true; @@ -97,14 +97,4 @@ in { {url = "http://127.0.0.1:${toString config.services.minecraft-servers.servers.kanto.serverProperties.server-port}";} ]; }; - - environment.persistence."/persist" = { - directories = [ - { - directory = "/srv/minecraft"; - user = "minecraft"; - group = "minecraft"; - } - ]; - }; } diff --git a/nixos/viridian/services/paperless-ngx/default.nix b/nixos/viridian/services/paperless-ngx/default.nix index e04d79a..9a3826a 100644 --- a/nixos/viridian/services/paperless-ngx/default.nix +++ b/nixos/viridian/services/paperless-ngx/default.nix @@ -1,5 +1,5 @@ {config, ...}: let - dir = "/var/lib/paperless-ngx"; + dir = "/srv/services/paperless-ngx"; in { age.secrets.paperless-ngx = { rekeyFile = ./password.age; @@ -34,19 +34,4 @@ in { {url = "http://127.0.0.1:${toString config.services.paperless.port}";} ]; }; - - environment.persistence."/persist" = { - directories = [ - { - directory = "/var/lib/paperless-ngx"; - user = "paperless"; - group = "paperless"; - } - { - directory = "/var/lib/redis-paperless"; - user = "redis-paperless"; - group = "redis-paperless"; - } - ]; - }; } diff --git a/nixos/viridian/services/postgresql/default.nix b/nixos/viridian/services/postgresql/default.nix deleted file mode 100644 index a1e0c5e..0000000 --- a/nixos/viridian/services/postgresql/default.nix +++ /dev/null @@ -1,20 +0,0 @@ -{pkgs, ...}: { - services.postgresql = { - enable = true; - package = pkgs.postgresql_15; - settings = { - port = 5432; - }; - dataDir = "/var/lib/postgresql/15"; - }; - - environment.persistence."/persist" = { - directories = [ - { - directory = "/var/lib/postgresql"; - user = "postgres"; - group = "postgres"; - } - ]; - }; -} diff --git a/nixos/viridian/services/traefik/default.nix b/nixos/viridian/services/traefik/default.nix index 3bba7fc..5466e9d 100644 --- a/nixos/viridian/services/traefik/default.nix +++ b/nixos/viridian/services/traefik/default.nix @@ -98,11 +98,6 @@ main = "sajenim.dev"; sans = ["*.sajenim.dev"]; } - # Keyboards - { - main = "sajkbd.io"; - sans = ["*.sajkbd.io"]; - } ]; }; }; diff --git a/nixos/viridian/services/wiki-js/default.nix b/nixos/viridian/services/wiki-js/default.nix deleted file mode 100644 index 45c4727..0000000 --- a/nixos/viridian/services/wiki-js/default.nix +++ /dev/null @@ -1,48 +0,0 @@ -{config, ...}: { - systemd.services.wiki-js = { - requires = ["postgresql.service"]; - after = ["postgresql.service"]; - }; - - services.wiki-js = { - enable = true; - settings.db = { - db = "wiki-js"; - host = "/run/postgresql"; - type = "postgres"; - user = "wiki-js"; - }; - }; - - services.postgresql = { - ensureDatabases = ["wiki-js"]; - ensureUsers = [ - { - name = "wiki-js"; - ensureDBOwnership = true; - } - ]; - }; - - services.traefik.dynamicConfigOptions.http.routers = { - wiki-js = { - rule = "Host(`wiki.sajkbd.io`)"; - entryPoints = [ - "websecure" - ]; - middlewares = [ - "crowdsec" - "geoblock" - ]; - service = "wiki-js"; - }; - }; - - services.traefik.dynamicConfigOptions.http.services = { - wiki-js.loadBalancer.servers = [ - {url = "http://127.0.0.1:${toString config.services.wiki-js.settings.port}";} - ]; - }; - - environment.persistence."/persist".directories = ["/var/lib/wiki-js"]; -}