From 10648360922559ece9bad3917ba163fc43d9db59 Mon Sep 17 00:00:00 2001 From: schweby Date: Fri, 26 Mar 2021 21:54:16 +0100 Subject: [PATCH] Revert "security: remove hexchen" This reverts commit bab826b1c711ba7303833769b08b8ef33c7a554b. Also fixes hexchen nix due new logic --- common/hexchen.nix | 2 +- common/users.nix | 16 +++++------ hosts/hainich/configuration.nix | 42 ++++++++++++++-------------- hosts/hainich/services/syncthing.nix | 18 ++++++------ 4 files changed, 39 insertions(+), 39 deletions(-) diff --git a/common/hexchen.nix b/common/hexchen.nix index 3db0968..422b8e0 100644 --- a/common/hexchen.nix +++ b/common/hexchen.nix @@ -4,6 +4,6 @@ let sources = import ../nix/sources.nix; in { imports = [ - (import sources.nix-hexchen).users.hexchen.base + (import sources.nix-hexchen {}).users.hexchen.base ]; } diff --git a/common/users.nix b/common/users.nix index 02d5cca..7ffd2a9 100644 --- a/common/users.nix +++ b/common/users.nix @@ -1,9 +1,9 @@ { config, pkgs, lib, ... }: { -# imports = [ -# ./hexchen.nix -# ]; + imports = [ + ./hexchen.nix + ]; home-manager.useGlobalPkgs = true; @@ -13,11 +13,11 @@ }; # all the actual config is imported from hexchen's nixfiles -# hexchen = { -# uid = lib.mkForce 1000; -# isNormalUser = true; -# extraGroups = [ "wheel" ]; -# }; + hexchen = { + uid = lib.mkForce 1000; + isNormalUser = true; + extraGroups = [ "wheel" ]; + }; stuebinm = { uid = 1005; diff --git a/hosts/hainich/configuration.nix b/hosts/hainich/configuration.nix index ce2a565..4e83ed6 100644 --- a/hosts/hainich/configuration.nix +++ b/hosts/hainich/configuration.nix @@ -100,27 +100,27 @@ boot.kernelPackages = pkgs.linuxPackages; -# services.restic.backups.tardis = { -# passwordFile = "/etc/restic/system"; -# s3CredentialsFile = "/etc/restic/system.s3creds"; -# paths = [ -# "/data" -# "/home" -# "/run/florinori" -# "/var/lib/containers/codimd/var/lib/codimd" -# "/var/lib/containers/codimd/var/backup/postgresql" -# "/var/lib/containers/lantifa/var/lib/mediawiki" -# "/var/lib/containers/lantifa/var/backup/mysql" -# "/var/lib/murmur" -# "/var/lib/syncthing" -# ]; -# pruneOpts = [ -# "--keep-daily 7" -# "--keep-weekly 5" -# "--keep-monthly 12" -# ]; -# repository = "b2:tardis-hainich:system"; -# }; + services.restic.backups.tardis = { + passwordFile = "/etc/restic/system"; + s3CredentialsFile = "/etc/restic/system.s3creds"; + paths = [ + "/data" + "/home" + "/run/florinori" + "/var/lib/containers/codimd/var/lib/codimd" + "/var/lib/containers/codimd/var/backup/postgresql" + "/var/lib/containers/lantifa/var/lib/mediawiki" + "/var/lib/containers/lantifa/var/backup/mysql" + "/var/lib/murmur" + "/var/lib/syncthing" + ]; + pruneOpts = [ + "--keep-daily 7" + "--keep-weekly 5" + "--keep-monthly 12" + ]; + repository = "b2:tardis-hainich:system"; + }; # This value determines the NixOS release from which the default diff --git a/hosts/hainich/services/syncthing.nix b/hosts/hainich/services/syncthing.nix index 4ec1fc5..6e56632 100644 --- a/hosts/hainich/services/syncthing.nix +++ b/hosts/hainich/services/syncthing.nix @@ -24,21 +24,21 @@ id = "72B3T74-NOMJV3X-EVJXTJF-5GGAEZB-ZDKBHXQ-VQNRYEU-YCPA2JP-L6NGAAG"; }; # zauberberg -# conway = { -# addresses = []; # empty = dynamic -# id = "HV7IU2N-Q4W3A7F-BSASR43-OB575SM-47FY2UW-7N5GMFM-PX3LWRN-HXBXMQF"; -# }; + conway = { + addresses = []; # empty = dynamic + id = "HV7IU2N-Q4W3A7F-BSASR43-OB575SM-47FY2UW-7N5GMFM-PX3LWRN-HXBXMQF"; + }; # hexchen -# storah = { -# addresses = [ "tcp://46.4.62.95:22000" "quic://46.4.62.95:22000" ]; -# id = "SGHQ2JA-7FJ6CKM-N3I54R4-UOJC5KO-7W22O62-YLTF26F-S7DLZG4-ZLP7HAM"; -# }; + storah = { + addresses = [ "tcp://46.4.62.95:22000" "quic://46.4.62.95:22000" ]; + id = "SGHQ2JA-7FJ6CKM-N3I54R4-UOJC5KO-7W22O62-YLTF26F-S7DLZG4-ZLP7HAM"; + }; }; folders = { "/var/lib/syncthing/hacc" = { id = "qt2ly-xvvvs"; - devices = [ "txsbcct" "octycs" "stuebinm-desktop" "raphael-laptop" ]; + devices = [ "txsbcct" "octycs" "stuebinm-desktop" "conway" "raphael-laptop" "storah" ]; type = "receiveonly"; versioning = { type = "simple";