huge refactoring

features/backups.nix

@@ -0,0 +1,36 @@
+{ config, ... }:
+{
+  sops.secrets.borgRepoPassword = {};
+  
+  opt.services.borgbackup.jobs = {
+    localBackup = {
+      paths = "/";
+      exclude = [
+        "/nix"
+        "/srv/Multimedia"
+        "/srv/media"
+      ];
+      repo = "/srv/backups/serverBackups";
+      doInit = true;
+      encryption = {
+        mode = "repokey";
+        passCommand = "cat /run/secrets/borgRepoPassword";
+      };
+      compression = "auto,lzma";
+      startAt = "weekly";
+    };
+
+    borgPersonalServer = {
+      authorizedKeys = [
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHyeTAANyYqMFded6mJHWuhGVXROu3TqDV2b8icjolfO root@meowcats-silly-computer"
+      ];
+      path = "/srv/backups/localComputerBackups";
+    };
+
+    /*
+    serverBackup = {
+
+    };
+    */
+  };
+}

features/containers/4get.nix

@@ -0,0 +1,16 @@
+{config, ...}:
+{
+    virtualisation.oci-containers = {
+      backend = "docker";
+      containers = {
+       fourget = {
+        image = "luuul/4get:latest";
+        environment = {
+          "FOURGET_PROTO" = "http";
+          "FOURGET_SERVER_NAME" = "192.168.1.177:6942";
+        };
+        ports = ["6942:80"];
+      }; 
+      };
+    };
+}

features/containers/default.nix

@@ -4,7 +4,8 @@
   imports = [
     ./crafty-controller.nix
     ./flaresolverr.nix
-    ./freshrss.nix
+    # ./freshrss.nix
     ./sonarr.nix
+    ./pihole-exporter.nix
   ];
 }

features/containers/pihole-exporter.nix

@@ -0,0 +1,21 @@
+{ config, ... }:
+
+{
+
+  sops.secrets.piholeHostname = {};
+  sops.secrets.piholePassword = {};
+
+  virtualisation.oci-containers = {
+    backend = "docker";
+    containers = {
+      pihole-exporter = {
+        image = "ekofr/pihole-exporter:latest";
+        ports = [ "9617:9617" ];
+        environment = {
+          "PIHOLE_HOSTNAME" = config.sops.secrets.piholeHostname;
+          "PIHOLE_PASSWORD" = config.sops.secrets.piholePassword;
+        };
+      };
+    };
+  };
+}

features/databases/default.nix

@@ -0,0 +1,21 @@
+{pkgs, config, ...} : 
+{
+  services.mysql = {
+    enable = true;
+    package = pkgs.mariadb;
+    ensureDatabases = [ "photoprism" ];
+    ensureUsers = [
+      {
+        name = "photoprism";
+        ensurePermissions = {
+          "photoprism.*" = "ALL PRIVILEGES";
+        };
+      }
+    ];
+  };
+
+  services.postgresql = {
+    enable = true;
+    package = pkgs.postgresql_15;
+  };
+}

features/multimedia/arr-suite.nix

@@ -35,7 +35,7 @@ in
     enable = true;
     openFirewall = true;
   };
-  /*
+/*
     #TODO: create duplicated instances of Sonarr.
     systemd.services."sonarrAnime" = {
       enable = true;
@@ -56,5 +56,6 @@ in
       };
       wantedBy = [ "multi-user.target" ];
     };
-  */
+*/
+
 }

features/multimedia/default.nix

@@ -0,0 +1,8 @@
+{
+  imports = [
+    ./arr-suite.nix
+    ./calibre-web.nix
+    ./slskd.nix
+    ./transmission.nix
+  ];
+}

features/photoprism.nix

@@ -1,38 +0,0 @@
-{ pkgs, config, ... }:
-{
-  sops.secrets.adminPassword = {
-    sopsFile = ../secrets/photoprism.yaml;
-    format = "dotenv";
-  };
-
-  services.photoprism = {
-    enable = true;
-    port = 2342;
-    originalsPath = "/var/lib/private/photoprism/originals";
-    settings = {
-      PHOTOPRISM_ADMIN_USER = "lospussyadminos";
-      PHOTOPRISM_ADMIN_PASSWORD = config.sops.secrets.adminPassword;
-      PHOTOPRISM_DEFAULT_LOCALE = "fr";
-      PHOTOPRISM_DATABASE_DRIVER = "mysql";
-      PHOTOPRISM_DATABASE_NAME = "photoprism";
-      PHOTOPRISM_DATABASE_SERVER = "/run/mysqld/mysqld.sock";
-      PHOTOPRISM_DATABASE_USER = "photoprism";
-      PHOTOPRISM_SITE_URL = "http://192.168.1.177:2342";
-      PHOTOPRISM_SITE_TITLE = "hyperreal photoprism???";
-    };
-  };
-
-  services.mysql = {
-    enable = true;
-    package = pkgs.mariadb;
-    ensureDatabases = [ "photoprism" ];
-    ensureUsers = [
-      {
-        name = "photoprism";
-        ensurePermissions = {
-          "photoprism.*" = "ALL PRIVILEGES";
-        };
-      }
-    ];
-  };
-}

features/prometheus.nix

@@ -6,7 +6,10 @@
     exporters = {
       node = {
         enable = true;
-        enabledCollectors = [ "systemd" ];
+        enabledCollectors = [
+          "logind"
+          "systemd"
+        ];
         port = 9002;
       };
     };

features/services/default.nix

@@ -0,0 +1,12 @@
+{config, ...}:
+{
+  imports = [
+    ./homelab-dashboard.nix
+    ./nextcloud.nix
+    ./photoprism.nix
+    ./grafana.nix
+    ./forgejo.nix
+    ./synapse-matrix.nix
+    ./uptime-kuma.nix
+  ];
+}

features/services/forgejo.nix

@@ -0,0 +1,31 @@
+{ config, ... }:
+{
+  sops.secrets.smtp_address = {};
+  sops.secrets.smtp_password = {};
+
+  services.forgejo = {
+    enable = true;
+    lfs.enable = true;
+    service.DISABLE_REGISTRATION = true;
+    database = {
+      type = "postgres";
+    };
+    server = {
+      DOMAIN = "git.hypervirtual.world";
+      ROOT_URL = "https://hypervirtual.world";
+      HTTP_PORT = 3000;
+    };
+
+    actions = {
+      ENABLED = true;
+      DEFAULT_ACTIONS_URL = "github";
+    };
+
+    mailer = {
+        ENABLED = true;
+        SMTP_ADDR = config.sops.secrets.smtp_address;
+      };
+
+    mailerPasswordFile = config.sops.secrets.smtp_password.path;
+  };
+}

features/services/grafana.nix

@@ -9,5 +9,4 @@
       };
     };
   };
-
 }

features/services/homelab-dashboard.nix

@@ -228,10 +228,10 @@ in
 
             }
             {
-              "Searx" = {
+              "4get" = {
                 icon = "searx";
                 description = "Moteur de recherche privé pour remplacer Google.";
-                href = "http://${ip}:8080";
+                href = "https://4get.hypervirtual.world";
               };
             }
           ];

features/services/nextcloud.nix

@@ -0,0 +1,11 @@
+{ config, ... }:
+{
+  services.nextcould = {
+    enable = true;
+    hostName = "cloud.hypervirtual.world";
+    database.createLocally = true;
+    config = {
+      dbtype = "pgsql";
+    };
+  };
+}

features/services/photoprism.nix

@@ -0,0 +1,22 @@
+{ pkgs, config, ... }:
+{
+  sops.secrets.photoprismUser = {};
+  sops.secrets.photoprismPassword = {};
+
+  services.photoprism = {
+    enable = true;
+    port = 2342;
+    originalsPath = "/srv/cloud/photoprism/originals";
+    settings = {
+      PHOTOPRISM_ADMIN_USER = config.sops.secrets.photoprismUser;
+      PHOTOPRISM_ADMIN_PASSWORD = config.sops.secrets.photoprismPassword;
+      PHOTOPRISM_DEFAULT_LOCALE = "fr";
+      PHOTOPRISM_DATABASE_DRIVER = "mysql";
+      PHOTOPRISM_DATABASE_NAME = "photoprism";
+      PHOTOPRISM_DATABASE_SERVER = "/run/mysqld/mysqld.sock";
+      PHOTOPRISM_DATABASE_USER = "photoprism";
+      PHOTOPRISM_SITE_URL = "http://photos.hypervirtual.world";
+      PHOTOPRISM_SITE_TITLE = "hyperreal photoprism???";
+    };
+  };
+}

features/services/synapse-matrix.nix

@@ -4,14 +4,12 @@
   lib,
   ...
 }:
-#TODO: implement 
 let
   baseUrl = "https://talk.hypervirtual.world";
 in
 {
   networking.domain = "hypervirtual.world";
-  sops.secrets.data = {
-    sopsFile = ../secrets/matrix.yaml;
+  sops.secrets.matrix_data = {
     format = "yaml";
     owner = "matrix-synapse";
   };
@@ -64,8 +62,7 @@ in
       "user-search"
     ];
 
-    extraConfigFiles = [ "/run/secrets/data" ];
-
+    extraConfigFiles = [ "/run/secrets/matrix_data" ];
   };
 
   /*
@@ -91,11 +88,6 @@ in
       };
     };
 
-    services.mautrix-whatsapp = { };
   */
 
-  services.postgresql = {
-    enable = true;
-    package = pkgs.postgresql_15;
-  };
 }