Compare commits
2 Commits
13041313d0
...
24efea29a8
| Author | SHA1 | Date | |
|---|---|---|---|
|
24efea29a8 | ||
| 40d00c42f7 |
@@ -175,7 +175,7 @@
|
||||
|
||||
networking = {
|
||||
firewall = {
|
||||
allowedTCPPorts = [ 80 443 3843 4533 6722 7474 7878 8080 8081 8083 8089 8096 8120 8181 8443 8787 8889 8902 8989 8998 9000 9091 9696 11112 24454 25565 25600 ];
|
||||
allowedTCPPorts = [ 80 443 3000 3843 4533 6600 6722 7474 7878 8000 8080 8081 8083 8089 8096 8120 8181 8443 8787 8889 8902 8989 8998 9000 9091 9696 11112 13378 24454 25565 25600 ];
|
||||
allowedUDPPorts = [ 3478 10001 ];
|
||||
};
|
||||
};
|
||||
|
||||
@@ -1,16 +1,16 @@
|
||||
source_directories:
|
||||
- /home/eesim/configs/mc-arcadia
|
||||
- /home/eesim/configs/mc-distant-horizons/
|
||||
|
||||
repositories:
|
||||
- path: ssh://fbv1440u@fbv1440u.repo.borgbase.com/./repo
|
||||
label: "Minecraft-Arcadia borgbase"
|
||||
- path: ssh://lxojwl95@lxojwl95.repo.borgbase.com/./repo
|
||||
label: "Minecraft-DH borgbase"
|
||||
|
||||
exclude_if_present:
|
||||
- .nobackup
|
||||
|
||||
compression: auto,zstd
|
||||
archive_name_format: '{hostname}-{now:%Y-%m-%d-%H%M%S}'
|
||||
encryption_passcommand: 'cat /run/secrets/mc-arcadia/repo_password'
|
||||
encryption_passcommand: 'cat /run/secrets/mc-dh/repo_password'
|
||||
|
||||
keep_hourly: 24
|
||||
keep_daily: 7
|
||||
@@ -21,6 +21,7 @@
|
||||
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||
|
||||
secrets."mc-arcadia/repo_password" = {};
|
||||
secrets."mc-dh/repo_password" = {};
|
||||
secrets."tandoor/secret_key" = {
|
||||
owner = "tandoor";
|
||||
};
|
||||
@@ -31,9 +32,14 @@
|
||||
format = "binary";
|
||||
sopsFile = ../../secrets/diphda/porkbun.keytab;
|
||||
};
|
||||
secrets."caddy-porkbun.keytab" = {
|
||||
format = "binary";
|
||||
sopsFile = ../../secrets/diphda/porkbun.keytab;
|
||||
path = "/home/eesim/configs/caddy/.env";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.timers."mc-arcadia-backup" = {
|
||||
systemd.timers."mc-dh-backup" = {
|
||||
wantedBy = [ "timers.target" ];
|
||||
timerConfig = {
|
||||
OnCalendar = "*-*-* *:00:00";
|
||||
@@ -41,14 +47,14 @@
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services."mc-arcadia-backup" = {
|
||||
systemd.services."mc-dh-backup" = {
|
||||
enable = true;
|
||||
preStart = ''
|
||||
${pkgs.docker}/bin/docker exec mc-arcadia-mc-1 mc-send-to-console say Server backup starting in 5 minutes
|
||||
${pkgs.docker}/bin/docker exec mc-distant-horizons-mc-1 mc-send-to-console say Server backup starting in 5 minutes
|
||||
sleep 5m
|
||||
'';
|
||||
postStart = ''
|
||||
${pkgs.docker}/bin/docker exec mc-arcadia-mc-1 mc-send-to-console say Server backup starting
|
||||
${pkgs.docker}/bin/docker exec mc-distant-horizons-mc-1 mc-send-to-console say Server backup starting
|
||||
'';
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
@@ -56,7 +62,7 @@
|
||||
ExecStart = ''
|
||||
systemd-inhibit --who="borgmatic" \
|
||||
--why="Prevent interrupting scheduled backup" \
|
||||
${pkgs.borgmatic}/bin/borgmatic -c /etc/nixos/hosts/diphda/mc-arcadia-backup.yaml --verbosity 1 --syslog-verbosity 1
|
||||
${pkgs.borgmatic}/bin/borgmatic -c /etc/nixos/hosts/diphda/mc-dh-backup.yaml --verbosity 1 --syslog-verbosity 1
|
||||
'';
|
||||
};
|
||||
};
|
||||
@@ -102,6 +108,12 @@
|
||||
};
|
||||
};
|
||||
|
||||
services.mpd = {
|
||||
enable = true;
|
||||
musicDirectory = "/media/Music";
|
||||
network.listenAddress = "any";
|
||||
};
|
||||
|
||||
security.acme = {
|
||||
acceptTerms = true;
|
||||
defaults.email = "eesimmons9105@gmail.com";
|
||||
|
||||
@@ -5,9 +5,6 @@ tandoor:
|
||||
db_password: ENC[AES256_GCM,data:lkYU5lFHDo+4/6uVuV6VZ6/XQHQ=,iv:1Htc76J25m9iW6YCosEtSGT4nfYsfywbYVoAf7XXrDI=,tag:RdymUdMjiQqRPutTsQNGaw==,type:str]
|
||||
mc-dh:
|
||||
repo_password: ENC[AES256_GCM,data:iD1isjDUlJixMPaiE+bDhhKgzLM=,iv:pf9q2M8wRh7B0quYaezdZ81B/8JtsN7jFj8/00YXzcQ=,tag:f5/KHzsc+B21sF+dE8I2Nw==,type:str]
|
||||
caddy:
|
||||
porkbun_api_key: ENC[AES256_GCM,data:5UkeI2g1Q7k2BgCy5egoYrGsD/+yky6WDU7k44pZASyxHrGLthswjDsNnQDeWapu3dHgV74esC1cKJLlq1sYoe1SSj8=,iv:Qu3sgwvRXfYaksP8HpOPpwx+A5C9bdtWmFB40jGg6pM=,tag:ZRhZ4in9YbSbCnulyOmqTw==,type:str]
|
||||
porkbun_secret_key: ENC[AES256_GCM,data:5sZiwTlfVXBUBZRR25Y/CdapZHo58lkwt/r3rhCa6e0p3AX6J7BUNppL4qI4+wr7L6H0ERBkBtfeOAxyjMVmVsgRJ38=,iv:t+OUaBdfy+KBk+gWl4qnhFE627WTg+gcMXcXUpdMc8w=,tag:61eYqKTiwTOBxqnMqRn+dA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
@@ -41,8 +38,8 @@ sops:
|
||||
eUxTaTJVRlpNNWZodE8yZXpWTlpCWVkKHtJFmHUSNfy46J1BJdOvIRjegQrTWdfH
|
||||
KSbKbz7ezBOOPlrR7eDEx2FIjP4TVBRksYq+NYockmKVk+VGsc5pBQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-10-22T19:33:56Z"
|
||||
mac: ENC[AES256_GCM,data:XaWrqy8GTvvc9b+pvqEKc0Pnai5THfeFg+OEyWbzcxPyNFPKD54kWUWm8t0PGntyWM/G8j/Ar36jnnoprInNyy/g7HuAPCNUojdFUFgvTST1TJqSbLprUJ/buCjbph38xWXCxDNxAycv0TdTHfT+q5laCEv1mNkcv4ZPJ0vJq7A=,iv:xROcRftKIIXkU6TBG5U72fF7F4VTbapqudJIcka0BLo=,tag:PbRoRKW1W8KBZD/GuaKi2w==,type:str]
|
||||
lastmodified: "2024-10-21T21:38:20Z"
|
||||
mac: ENC[AES256_GCM,data:9xwuUolD29FFk44FTcQogSlulGrqyd6NLR6Jl1vAJkKcuoA531GZVUIvyhKhpwezGuheVBiH+AjqmEAoCK6pIMWO1METDlc3Q2jshLURyc6v0a0dgKpUoU5d1afc09NIVOUpdfQIAOHbOaHJDbUzSb2xIu5Rie8cNbi8vkWC0Rw=,iv:AZ6HnHb3yFvSDU8LeF5+rRZZv4eywY3QlhDeWLfJG+c=,tag:y6a7bg0BfmzwsbCqQfFdwQ==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.1
|
||||
|
||||
Reference in New Issue
Block a user