chore[server]: improve backup management

2025-12-06 09:07:21 +01:00 · 2025-11-27 16:47:41 +01:00 · 2025-11-27 16:47:41 +01:00 · d56d65aac5
commit d56d65aac5
parent 969ae3302d
15 changed files with 1394 additions and 631 deletions
--- a/modules/home/common/atuin.nix
+++ b/modules/home/common/atuin.nix
@ -8,6 +8,7 @@ in
    programs.atuin = {
      enable = true;
      enableZshIntegration = true;
+      enableBashIntegration = true;
      settings = {
        auto_sync = true;
        sync_frequency = "5m";
--- a/modules/home/common/bash.nix
+++ b/modules/home/common/bash.nix
@ -1,12 +1,20 @@
-{ config, pkgs, lib, ... }:
+{ config, lib, ... }:
 {
  options.swarselmodules.bash = lib.mkEnableOption "bash settings";
  config = lib.mkIf config.swarselmodules.bash {

    programs.bash = {
-      bashrcExtra = ''
-        export PATH="${pkgs.nix}/bin:$PATH"
+      enable = true;
+      # needed for remote builders
+      bashrcExtra = lib.mkIf (!config.swarselsystems.isNixos) ''
+        export PATH="/nix/var/nix/profiles/default/bin:$PATH"
      '';
+      historyFile = "${config.home.homeDirectory}/.histfile";
+      historySize = 100000;
+      historyFileSize = 100000;
+      historyControl = [
+        "ignoreboth"
+      ];
    };
  };
 }
--- a/modules/home/common/settings.nix
+++ b/modules/home/common/settings.nix
@ -1,7 +1,7 @@
-{ self, outputs, lib, pkgs, config, globals, nixosConfig ? config, ... }:
+{ self, outputs, lib, pkgs, config, globals, confLib, ... }:
 let
  inherit (config.swarselsystems) mainUser flakePath isNixos isLinux;
-  inherit (nixosConfig.repo.secrets.common) atticPublicKey;
+  inherit (confLib.getConfig.repo.secrets.common) atticPublicKey;
 in
 {
  options.swarselmodules.general = lib.mkEnableOption "general nix settings";
@ -23,7 +23,7 @@ in
            };
          in
          ''
-                  plugin-files = ${nix-plugins}/lib/nix/plugins
+            plugin-files = ${nix-plugins}/lib/nix/plugins
            extra-builtins-file = ${self + /nix/extra-builtins.nix}
          '';
        settings = {
--- a/modules/home/common/zsh.nix
+++ b/modules/home/common/zsh.nix
@ -67,7 +67,10 @@ in
        };
        history = {
          expireDuplicatesFirst = true;
-          path = "$HOME/.histfile";
+          append = true;
+          ignoreSpace = true;
+          ignoreDups = true;
+          path = "${config.home.homeDirectory}/.histfile";
          save = 100000;
          size = 100000;
        };
--- a/modules/nixos/server/minecraft/default.nix
+++ b/modules/nixos/server/minecraft/default.nix
@ -1,6 +1,8 @@
-{ lib, config, globals, dns, confLib, ... }:
+{ lib, config, pkgs, globals, dns, confLib, ... }:
 let
-  inherit (confLib.gen { name = "minecraft"; port = 25565; dir = "/var/lib/minecraft"; }) serviceName servicePort serviceDir serviceDomain proxyAddress4 proxyAddress6;
+  inherit (confLib.gen { name = "minecraft"; port = 25565; dir = "/opt/minecraft"; }) serviceName servicePort serviceDir serviceDomain proxyAddress4 proxyAddress6;
+  inherit (config.swarselsystems) mainUser;
+  worldName = "${mainUser}craft";
 in
 {
  options.swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
@ -30,9 +32,9 @@ in

      serviceConfig = {
        User = "root";
-        WorkingDirectory = "/var/lib/minecraft/swarselcraft";
+        WorkingDirectory = "${serviceDir}/${worldName}";

-        ExecStart = "/usr/bin/java @user_jvm_args.txt @libraries/net/minecraftforge/forge/1.20.1-47.2.20/unix_args.txt nogui";
+        ExecStart = "${lib.getExe pkgs.temurin-jre-bin-17} @user_jvm_args.txt @libraries/net/minecraftforge/forge/1.20.1-47.2.20/unix_args.txt nogui";

        Restart = "always";
        RestartSec = 30;
--- a/modules/nixos/server/restic.nix
+++ b/modules/nixos/server/restic.nix
@ -4,6 +4,14 @@ let
 in
 {
  options.swarselmodules.server.restic = lib.mkEnableOption "enable restic backups on server";
+  options.swarselsystems.server.restic = {
+    bucketName = lib.mkOption {
+      type = lib.types.str;
+    };
+    paths = lib.mkOption {
+      type = lib.types.listOf lib.types.str;
+    };
+  };
  config = lib.mkIf config.swarselmodules.server.restic {

    sops = {
@ -26,20 +34,10 @@ in
      in
      {
        backups = {
-          SwarselWinters = {
+          "${config.swarselsystems.server.restic.bucketName}" = {
            environmentFile = config.sops.templates."restic-env".path;
            passwordFile = config.sops.secrets.resticpw.path;
-            paths = [
-              "/Vault/data/paperless"
-              "/Vault/data/koillection"
-              "/Vault/data/postgresql"
-              "/Vault/data/firefly-iii"
-              "/Vault/data/radicale"
-              "/Vault/data/matrix-synapse"
-              "/Vault/Eternor/Paperless"
-              "/Vault/Eternor/Bilder"
-              "/Vault/Eternor/Immich"
-            ];
+            inherit (config.swarselsystems.server.restic) paths;
            pruneOpts = [
              "--keep-daily 3"
              "--keep-weekly 2"
--- a/modules/shared/config-lib.nix
+++ b/modules/shared/config-lib.nix
@ -8,6 +8,8 @@
      domainDefault = service: config.repo.secrets.common.services.domains.${service};
      proxyDefault = config.swarselsystems.proxyHost;

+      getConfig = config;
+
      gen = { name, user ? name, group ? name, dir ? null, port ? null, domain ? (domainDefault name), address ? addressDefault, proxy ? proxyDefault }: rec {
        servicePort = port;
        serviceName = name;