From 7a2f6147a2841f8fcfde2a7a4312c134e53ba639 Mon Sep 17 00:00:00 2001 From: harry Date: Sun, 25 Aug 2024 12:07:50 +0200 Subject: [PATCH 01/15] exposed jellyfin & cleaned some mess --- features/server/caddy.nix | 6 ++- features/server/default.nix | 2 +- features/server/multimedia/arr-suite.nix | 43 +++++++++---------- features/server/multimedia/jellyfin.nix | 1 + features/server/multimedia/slskd.nix | 4 +- features/server/multimedia/transmission.nix | 4 +- features/server/services/freshrss.nix | 10 ++--- features/server/services/grafana.nix | 1 - .../server/services/homelab-dashboard.nix | 9 ++-- features/server/services/i2p.nix | 7 --- features/server/services/uptime-kuma.nix | 1 - hosts/sisyphe/server-configuration.nix | 1 + 12 files changed, 39 insertions(+), 50 deletions(-) delete mode 100644 features/server/services/i2p.nix diff --git a/features/server/caddy.nix b/features/server/caddy.nix index 101e08e..3562437 100644 --- a/features/server/caddy.nix +++ b/features/server/caddy.nix @@ -24,6 +24,10 @@ reverse_proxy :8096 ''; + "http://media.hypervirtual.world".extraConfig = '' + reverse_proxy :8096 + ''; + "http://slskd.sisyphe.normandy.hypervirtual.world".extraConfig = '' reverse_proxy :5030 ''; @@ -48,7 +52,7 @@ reverse_proxy :3000 ''; - "http://status.normandy.hypervirtual.world".extraConfig = '' + "http://status.hypervirtual.world".extraConfig = '' reverse_proxy :4000 ''; diff --git a/features/server/default.nix b/features/server/default.nix index 519f317..0b54b2e 100644 --- a/features/server/default.nix +++ b/features/server/default.nix @@ -28,6 +28,6 @@ ethtool networkd-dispatcher transcrypt - libressl_3_8 + libressl_3_9 ]; } diff --git a/features/server/multimedia/arr-suite.nix b/features/server/multimedia/arr-suite.nix index af56b9f..d5e940c 100644 --- a/features/server/multimedia/arr-suite.nix +++ b/features/server/multimedia/arr-suite.nix @@ -1,10 +1,7 @@ { config, - pkgs, - lib, ... }: -with lib; let cfg = config.arrSuite; 
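Review bot: The new `"http://media.hypervirtual.world"` site block in features/server/caddy.nix proxies Jellyfin over plain HTTP, so logins and session tokens travel unencrypted unless TLS is terminated somewhere in front of this host, which the patch does not show. The same holds for the renamed `"http://status.hypervirtual.world"` block in the second caddy.nix hunk, and the `80 # http` entry added in hosts/sisyphe/server-configuration.nix opens only the cleartext port. If Caddy is the edge, drop the scheme (`"media.hypervirtual.world".extraConfig = ''`) and allow 443 next to 80 so it can obtain a certificate and redirect. The jellyfin.nix context lines also keep `openFirewall = true;`, which presumably leaves port 8096 reachable directly past the proxy; consider turning it off once the proxy is the intended entry point.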
@@ -35,27 +32,27 @@ in enable = true; openFirewall = true; }; -/* - #TODO: create duplicated instances of Sonarr. - systemd.services."sonarrAnime" = { - enable = true; - description = "Duplicated Sonarr instance, for animes"; - after = [ - "syslog.target" - "network.target" - ]; + /* + #TODO: create duplicated instances of Sonarr. + systemd.services."sonarrAnime" = { + enable = true; + description = "Duplicated Sonarr instance, for animes"; + after = [ + "syslog.target" + "network.target" + ]; - path = [ pkgs.sonarr ]; - serviceConfig = { - Type = "simple"; - User = "sonarr"; - ExecStart = "${pkgs.sonarr}/bin/Sonarr -nobrowser -data=/var/lib/sonarrAnime"; - TimeoutStopSec = "20"; - KillMode = "process"; - Restart = "on-failure"; + path = [ pkgs.sonarr ]; + serviceConfig = { + Type = "simple"; + User = "sonarr"; + ExecStart = "${pkgs.sonarr}/bin/Sonarr -nobrowser -data=/var/lib/sonarrAnime"; + TimeoutStopSec = "20"; + KillMode = "process"; + Restart = "on-failure"; + }; + wantedBy = [ "multi-user.target" ]; }; - wantedBy = [ "multi-user.target" ]; - }; -*/ + */ } diff --git a/features/server/multimedia/jellyfin.nix b/features/server/multimedia/jellyfin.nix index 5024104..a2001bc 100644 --- a/features/server/multimedia/jellyfin.nix +++ b/features/server/multimedia/jellyfin.nix @@ -16,6 +16,7 @@ intel-media-sdk # QSV up to 11th gen ]; }; + services.jellyfin = { enable = true; openFirewall = true; diff --git a/features/server/multimedia/slskd.nix b/features/server/multimedia/slskd.nix index 3835aed..5dd3797 100644 --- a/features/server/multimedia/slskd.nix +++ b/features/server/multimedia/slskd.nix @@ -2,11 +2,11 @@ with lib; let - cfg = config.slskd; + cfg = config.downloads.music; in { options = { - slskd.directory = mkOption { + downloads.music.directory = mkOption { type = types.str; default = "/srv/media/Music"; }; diff --git a/features/server/multimedia/transmission.nix b/features/server/multimedia/transmission.nix index 18434b7..fdaf0cb 100644 
--- a/features/server/multimedia/transmission.nix +++ b/features/server/multimedia/transmission.nix @@ -2,11 +2,11 @@ with lib; let - cfg = config.transmission; + cfg = config.downloads.transmission; in { options = { - transmission = { + downloads.transmission = { directory = mkOption { type = lib.types.str; default = "/srv/Multimedia"; diff --git a/features/server/services/freshrss.nix b/features/server/services/freshrss.nix index 3775a72..1987d24 100644 --- a/features/server/services/freshrss.nix +++ b/features/server/services/freshrss.nix @@ -14,18 +14,14 @@ in config = { sops.secrets = { - freshrss_username = { - sopsFile = ../../secrets/freshrss.yaml; - }; - freshrss_password = { - sopsFile = ../../secrets/freshrss.yaml; - }; + freshrss_username = { }; + freshrss_password = { }; }; services.freshrss = { enable = true; language = "fr"; - defaultUser = config.sops.secrets.freshrss_username; + defaultUser = ""; baseUrl = cfg.url; passwordFile = config.sops.secrets.freshrss_password.path; database = { diff --git a/features/server/services/grafana.nix b/features/server/services/grafana.nix index b07a949..98ca6aa 100644 --- a/features/server/services/grafana.nix +++ b/features/server/services/grafana.nix @@ -4,7 +4,6 @@ enable = true; settings = { server = { - http_addr = "0.0.0.0"; http_port = 3000; }; }; diff --git a/features/server/services/homelab-dashboard.nix b/features/server/services/homelab-dashboard.nix index 6d260f0..247520d 100644 --- a/features/server/services/homelab-dashboard.nix +++ b/features/server/services/homelab-dashboard.nix @@ -220,12 +220,11 @@ in { "Utilitaires" = [ { - "Photoprism" = { - icon = "photoprism"; - description = "Sauvegarde de photos"; - href = "http://${ip}:2342"; + "Nextcloud" = { + icon = "nextcloud"; + description = "Sauvegarde de données"; + href = "https://cloud.hypervirtual.world"; }; - } { "4get" = { 
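Review bot: `defaultUser = "";` in features/server/services/freshrss.nix replaces the broken secret reference with an empty account name, which presumably either fails FreshRSS setup or creates an unnamed default account. `passwordFile` still points at `freshrss_password`, so the password then belongs to whatever that empty name resolves to. A username is not secret, so I would set it explicitly, for example `defaultUser = "<admin-user>";` with a placeholder you choose, or delete the line to keep the module default. The `freshrss_username = { };` secret is no longer referenced in the visible lines and can be dropped. The `config` block continues outside the hunk.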
diff --git a/features/server/services/i2p.nix b/features/server/services/i2p.nix deleted file mode 100644 index 8f5ca24..0000000 --- a/features/server/services/i2p.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ config, pkgs, ... }: -{ - services.i2pd = { - enable = true; - upnp.enable = true; - }; -} diff --git a/features/server/services/uptime-kuma.nix b/features/server/services/uptime-kuma.nix index 7c6ab9f..c66d2ae 100644 --- a/features/server/services/uptime-kuma.nix +++ b/features/server/services/uptime-kuma.nix @@ -4,7 +4,6 @@ services.uptime-kuma = { enable = true; settings = { - HOST = "0.0.0.0"; PORT = "4000"; }; }; diff --git a/hosts/sisyphe/server-configuration.nix b/hosts/sisyphe/server-configuration.nix index c673d69..2361cae 100644 --- a/hosts/sisyphe/server-configuration.nix +++ b/hosts/sisyphe/server-configuration.nix @@ -36,6 +36,7 @@ in enable = true; allowedTCPPorts = [ 22 # ssh + 80 # http 8008 # matrix-synapse 8448 # matrix-synapse ]; From 9afa07edfefa94503f0239a586cc228a278a03c0 Mon Sep 17 00:00:00 2001 From: harry Date: Sun, 25 Aug 2024 12:20:43 +0200 Subject: [PATCH 02/15] prepared secrets migration --- flake.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index 5a13bb5..91e6ad4 100644 --- a/flake.nix +++ b/flake.nix @@ -8,8 +8,10 @@ alejandra.url = "github:kamadorueda/alejandra/3.0.0"; alejandra.inputs.nixpkgs.follows = "nixpkgs"; - nix-secrets.url = "git.hypervirtual.world:harry123/nix-secrets.git"; - nix-secrets.inputs.nixpkgs.follows = "nixpkgs"; + nix-secrets = { + url = "git.hypervirtual.world:harry123/nix-secrets.git"; + flake = false; + }; }; outputs = From 7a041b8471d61070f1210d40f33b460a3b553d6d Mon Sep 17 00:00:00 2001 From: harry Date: Sun, 25 Aug 2024 12:21:32 +0200 Subject: [PATCH 03/15] fix secrets --- hosts/sisyphe/server-configuration.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) 
diff --git a/hosts/sisyphe/server-configuration.nix b/hosts/sisyphe/server-configuration.nix index 2361cae..4759b0f 100644 --- a/hosts/sisyphe/server-configuration.nix +++ b/hosts/sisyphe/server-configuration.nix @@ -3,12 +3,14 @@ config, lib, pkgs, + inputs, ... }: let ip = "192.168.1.177"; gateway = "192.168.1.1"; username = "homelab"; + secrets = builtins.toString inputs.nix-secrets; in { # setting up networking!! @@ -61,5 +63,5 @@ in sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sops.age.keyFile = "/var/lib/sops-nix/key.txt"; sops.age.generateKey = true; - sops.defaultSopsFile = ../../secrets/secrets.yaml; + sops.defaultSopsFile = "${secrets}/secrets/secrets.yaml"; } From a0d0a157c4db708236c56e16048e059703fc6f91 Mon Sep 17 00:00:00 2001 From: harry Date: Sun, 25 Aug 2024 12:25:03 +0200 Subject: [PATCH 04/15] fixed secrets url --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 91e6ad4..6f6d2cc 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,7 @@ alejandra.inputs.nixpkgs.follows = "nixpkgs"; nix-secrets = { - url = "git.hypervirtual.world:harry123/nix-secrets.git"; + url = "git+https://git.hypervirtual.world/harry123/nix-secrets.git"; flake = false; }; }; From 27730ec2c049e9e04011866ee334c32272d365f8 Mon Sep 17 00:00:00 2001 From: harry Date: Sun, 25 Aug 2024 12:34:55 +0200 Subject: [PATCH 05/15] fixed inputs not passed --- flake.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/flake.nix b/flake.nix index 6f6d2cc..65dc22e 100644 --- a/flake.nix +++ b/flake.nix @@ -32,6 +32,9 @@ nixosConfigurations = { sisyphe = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; + specialArgs = { + inherit inputs; + }; modules = [ ./hosts/sisyphe/configuration.nix sops-nix.nixosModules.sops From f7bc81be81d869b34ce82257a93164eccd31fd12 Mon Sep 17 00:00:00 2001 
From: harry Date: Sun, 25 Aug 2024 12:44:14 +0200 Subject: [PATCH 06/15] fixed secrets path --- features/server/backups.nix | 4 ++-- features/server/multimedia/slskd.nix | 9 +++++++-- features/server/multimedia/transmission.nix | 9 +++++++-- features/server/services/homelab-dashboard.nix | 3 ++- flake.nix | 6 +++--- hosts/sisyphe/server-configuration.nix | 3 +-- 6 files changed, 22 insertions(+), 12 deletions(-) diff --git a/features/server/backups.nix b/features/server/backups.nix index d5bb32b..c3fbb88 100644 --- a/features/server/backups.nix +++ b/features/server/backups.nix @@ -1,11 +1,11 @@ -{ config, ... }: +{ config, secrets, ... }: { imports = [ ./backups-repos.nix ]; sops.secrets.borgRepoPassword = { }; sops.secrets.borgRemoteServerPassword = { - sopsFile = "/home/homelab/secrets/backup.yaml"; + sopsFile = "${secrets}/secrets/backup.yaml"; }; services.borgbackup.jobs = { diff --git a/features/server/multimedia/slskd.nix b/features/server/multimedia/slskd.nix index 5dd3797..6a5a34c 100644 --- a/features/server/multimedia/slskd.nix +++ b/features/server/multimedia/slskd.nix @@ -1,4 +1,9 @@ -{ config, lib, ... }: +{ + config, + lib, + secrets, + ... +}: with lib; let @@ -14,7 +19,7 @@ in config = { sops.secrets.slskd = { - sopsFile = ../../../secrets/slskd.env; + sopsFile = "${secrets}/secrets/slskd.env"; format = "dotenv"; }; diff --git a/features/server/multimedia/transmission.nix b/features/server/multimedia/transmission.nix index fdaf0cb..6362b54 100644 --- a/features/server/multimedia/transmission.nix +++ b/features/server/multimedia/transmission.nix @@ -1,4 +1,9 @@ -{ config, lib, ... }: +{ + config, + secrets, + lib, + ... +}: with lib; let @@ -16,7 +21,7 @@ in config = { sops.secrets.transmission = { - sopsFile = ../../../secrets/transmission.json; + sopsFile = "${secrets}/secrets/transmission.json"; path = "/var/lib/secrets/transmission/settings.json"; }; 
diff --git a/features/server/services/homelab-dashboard.nix b/features/server/services/homelab-dashboard.nix index 247520d..ea89733 100644 --- a/features/server/services/homelab-dashboard.nix +++ b/features/server/services/homelab-dashboard.nix @@ -1,6 +1,7 @@ { config, lib, + secrets, pkgs, ... }: @@ -33,7 +34,7 @@ in #TODO: add Radarr/Sonarr/... api key support config = { sops.secrets."homepage" = { - sopsFile = ../../../secrets/homepage.env; + sopsFile = "${secrets}/secrets/homepage.env"; format = "dotenv"; }; diff --git a/flake.nix b/flake.nix index 65dc22e..817e05f 100644 --- a/flake.nix +++ b/flake.nix @@ -23,18 +23,18 @@ }@inputs: let username = "harry123"; + secrets = builtins.toString inputs.nix-secrets; specialArgs = { inherit username; + inherit secrets; }; in { nixosConfigurations = { sisyphe = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; - specialArgs = { - inherit inputs; - }; + specialArgs = specialArgs; modules = [ ./hosts/sisyphe/configuration.nix sops-nix.nixosModules.sops diff --git a/hosts/sisyphe/server-configuration.nix b/hosts/sisyphe/server-configuration.nix index 4759b0f..8140f1f 100644 --- a/hosts/sisyphe/server-configuration.nix +++ b/hosts/sisyphe/server-configuration.nix @@ -3,14 +3,13 @@ config, lib, pkgs, - inputs, + secrets, ... }: let ip = "192.168.1.177"; gateway = "192.168.1.1"; username = "homelab"; - secrets = builtins.toString inputs.nix-secrets; in { # setting up networking!! From e2b6e2a6a279260a574a5140f1314eb301da249e Mon Sep 17 00:00:00 2001 From: harry Date: Sun, 25 Aug 2024 12:46:55 +0200 Subject: [PATCH 07/15] fixed timer name --- features/server/backups.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/features/server/backups.nix b/features/server/backups.nix index c3fbb88..70d8472 100644 --- a/features/server/backups.nix +++ b/features/server/backups.nix 
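Review bot: `secrets = builtins.toString inputs.nix-secrets;` in flake.nix evaluates to a Nix store path, and with `flake = false` the whole nix-secrets checkout is copied into the store, where every local user can read it. That is fine for the sops-encrypted files the modules reference through `"${secrets}/secrets/…"`, but any plaintext file committed to that repository would be exposed the same way, and nothing here says so. A comment above the binding would document the constraint: `# store path of the nix-secrets checkout: world-readable, every file in it must stay sops-encrypted`. The `outputs` function starts and ends outside the hunk.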
@@ -75,7 +75,7 @@ }; }; - systemd.timers.borgmatic = { + systemd.timers."borgmatic" = { enable = true; unit = "borgmatic.service"; wantedBy = [ "timers.target" ]; From 62acd3389ba3f5a28d87b4ff717973152a85d9a2 Mon Sep 17 00:00:00 2001 From: harry Date: Sun, 25 Aug 2024 12:48:06 +0200 Subject: [PATCH 08/15] fixed typo --- features/server/backups.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/features/server/backups.nix b/features/server/backups.nix index 70d8472..d6e0ba0 100644 --- a/features/server/backups.nix +++ b/features/server/backups.nix @@ -77,7 +77,7 @@ systemd.timers."borgmatic" = { enable = true; - unit = "borgmatic.service"; + Unit = "borgmatic.service"; wantedBy = [ "timers.target" ]; timerConfig = { OnCalendar = "*-*-* 03:00:00"; From 9c47e497d059edcdd25bb1255feb2c0ca5009040 Mon Sep 17 00:00:00 2001 From: harry Date: Sun, 25 Aug 2024 12:49:10 +0200 Subject: [PATCH 09/15] (bug): moved parameter --- features/server/backups.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/features/server/backups.nix b/features/server/backups.nix index d6e0ba0..bc4bff7 100644 --- a/features/server/backups.nix +++ b/features/server/backups.nix @@ -77,12 +77,12 @@ systemd.timers."borgmatic" = { enable = true; - Unit = "borgmatic.service"; wantedBy = [ "timers.target" ]; timerConfig = { OnCalendar = "*-*-* 03:00:00"; Persistent = true; WakeSystem = true; + Unit = "borgmatic.service"; }; }; } From 2048ba68ea04e3f8866d675186a72844a8bbd8ef Mon Sep 17 00:00:00 2001 From: harry Date: Sun, 25 Aug 2024 12:51:32 +0200 Subject: [PATCH 10/15] fixed object type --- features/server/backups-repos.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/features/server/backups-repos.nix b/features/server/backups-repos.nix index 282cf6f..6dfc3b7 100644 --- a/features/server/backups-repos.nix +++ b/features/server/backups-repos.nix 
@@ -1,5 +1,5 @@ -U2FsdGVkX1+pKUtcxhT27nl6afKy5paC7y9iBtZgbq2rnuJebgGFCD0AxE1TOWMV -RaWwqeK7YaU7MnImh+b7JfR3C7b6OgQz3+V+gGhC8f10e23maH/me3m3SNsxLp4w -BS4SQZzrWc5WHS+QHTCH7tfUyFPYBs8xnfMAN+TGqB/ud0l7ZZ7MRvpU2IHpzoi1 -8ek6OT+w/oyXU3o5eVklEuXpTEB2dcGJ41hbXCEDn7ELyfpaF/+Tx5yGGIJ73FvS -+P2s1wpjWnrHPj78aphmdm8Q/PZ81vDU4/e2nyg4OcHyOPXVVnwhRUWl1Y9/a/sK +U2FsdGVkX1+alugeaL42d1DXdx+FlLJ9RQErEECKiXmHETExGwdgvNOSSjSXfWc0 +Mo22lNDdaoVtCK2gcsBqdxxI8Y6RlxuJvznyk7MO3dqT+CYSxbOS8NMfCu7q+NDg +zelWePoV+99RmeI7dbkgFrwzw1F3YEXlrTnfmsr72Qb9kje1j9GRaN73Tvc3+PMN +Rq0QmIXluZLSt0z1dfn/lOSY9Q4kB2t/60ErNAC4tL58sK7Dry6G2mjT8pHwOzF8 +yXP1iuae6jhNDmlgoXuH76ktVYdS+nbURWjvt0uFQENyU29+r9pCpJDhExNdvPKX From 8caf7286c0e614ea3f52b0dbc4d31e20479a5d67 Mon Sep 17 00:00:00 2001 From: harry Date: Sun, 25 Aug 2024 12:57:12 +0200 Subject: [PATCH 11/15] fixed typo --- features/server/backups.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/features/server/backups.nix b/features/server/backups.nix index bc4bff7..aa04e38 100644 --- a/features/server/backups.nix +++ b/features/server/backups.nix @@ -64,7 +64,7 @@ "/srv/freshrss" "/srv/Minecraft" ]; - postgres_databases = [ + postgresql_databases = [ "forgejo" "nextcloud" "matrix-synapse" From a3cf4ca32787dbea12cc1715642524e2b1c1b15d Mon Sep 17 00:00:00 2001 From: harry Date: Sun, 25 Aug 2024 13:07:10 +0200 Subject: [PATCH 12/15] fixed config again --- features/server/backups.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/features/server/backups.nix b/features/server/backups.nix index aa04e38..b7f3fcc 100644 --- a/features/server/backups.nix +++ b/features/server/backups.nix @@ -65,9 +65,9 @@ "/srv/Minecraft" ]; postgresql_databases = [ - "forgejo" - "nextcloud" - "matrix-synapse" + { name = "forgejo"; } + { name = "nextcloud"; } + { name = "matrix-synapse"; } ]; exclude_patterns = [ "/home/*/.cache" ]; encryption_passcommand = "cat /run/secrets/borgRemoteServerPassword"; 
From 6e87a94b20bf0fbd9b21b1f7494c7af41f8040ca Mon Sep 17 00:00:00 2001 From: harry Date: Sun, 25 Aug 2024 13:40:21 +0200 Subject: [PATCH 13/15] path to custom ssh key --- features/server/backups.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/features/server/backups.nix b/features/server/backups.nix index b7f3fcc..70540b2 100644 --- a/features/server/backups.nix +++ b/features/server/backups.nix @@ -71,6 +71,7 @@ ]; exclude_patterns = [ "/home/*/.cache" ]; encryption_passcommand = "cat /run/secrets/borgRemoteServerPassword"; + ssh_command = "ssh -i /home/homelab/.ssh/backup/id_ed25519"; }; }; }; From 83625c3fa07086a035338f91dcd4a8ec3b370172 Mon Sep 17 00:00:00 2001 From: harry Date: Sun, 25 Aug 2024 14:19:54 +0200 Subject: [PATCH 14/15] (bug): impossible to connect to remote server --- features/server/backups.nix | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/features/server/backups.nix b/features/server/backups.nix index 70540b2..565e187 100644 --- a/features/server/backups.nix +++ b/features/server/backups.nix @@ -1,4 +1,9 @@ -{ config, secrets, ... }: +{ + config, + secrets, + pkgs, + ... +}: { imports = [ ./backups-repos.nix @@ -8,6 +13,14 @@ sopsFile = "${secrets}/secrets/backup.yaml"; }; + sops.secrets.sshBorgOffsiteBackup = { + sopsFile = "${secrets}/secrets/backup.yaml"; + }; + + sops.secrets.borgOffsiteBackupHostKeys = { + sopsFile = "${secrets}/secrets/backup.yaml"; + }; + services.borgbackup.jobs = { /* localBackup = { @@ -71,7 +84,7 @@ ]; exclude_patterns = [ "/home/*/.cache" ]; encryption_passcommand = "cat /run/secrets/borgRemoteServerPassword"; - ssh_command = "ssh -i /home/homelab/.ssh/backup/id_ed25519"; + ssh_command = "ssh -o GlobalKnownHostsFile=${config.sops.secrets.borgOffsiteBackupHostKeys.path} -i ${config.sops.secrets.sshBorgOffsiteBackup.path}"; }; }; }; From 65381a0ca484777cfbd0dc76e02d5ffb051cf6de Mon Sep 17 00:00:00 2001 
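Review bot: The new `ssh_command` in features/server/backups.nix (PATCH 14) adds a pinned `GlobalKnownHostsFile` but leaves the other host-key and identity settings at their defaults. ssh therefore still consults the invoking user's own known_hosts file, and may offer other keys from an agent or the default identity paths. For an unattended offsite backup I would make the pinning exclusive and explicit: `ssh -o StrictHostKeyChecking=yes -o UserKnownHostsFile=/dev/null -o IdentitiesOnly=yes -o BatchMode=yes -o GlobalKnownHostsFile=${config.sops.secrets.borgOffsiteBackupHostKeys.path} -i ${config.sops.secrets.sshBorgOffsiteBackup.path}`. Then a changed or unknown host key fails the job instead of depending on local state. The enclosing borgmatic settings block starts outside the hunk.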
From: harry Date: Sun, 25 Aug 2024 15:30:38 +0200 Subject: [PATCH 15/15] (bug): canihazcat :( --- features/server/backups.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/features/server/backups.nix b/features/server/backups.nix index 565e187..505917e 100644 --- a/features/server/backups.nix +++ b/features/server/backups.nix @@ -83,7 +83,7 @@ { name = "matrix-synapse"; } ]; exclude_patterns = [ "/home/*/.cache" ]; - encryption_passcommand = "cat /run/secrets/borgRemoteServerPassword"; + encryption_passcommand = "${pkgs.coreutils}/bin/cat /run/secrets/borgRemoteServerPassword"; ssh_command = "ssh -o GlobalKnownHostsFile=${config.sops.secrets.borgOffsiteBackupHostKeys.path} -i ${config.sops.secrets.sshBorgOffsiteBackup.path}"; }; };
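Review bot: `encryption_passcommand` still hard-codes `/run/secrets/borgRemoteServerPassword`, while the `ssh_command` line directly below takes its paths from `config.sops.secrets.….path`. If the secret's `path` or the sops-nix secrets directory is ever changed, the passcommand would silently point at a missing file. Since `sops.secrets.borgRemoteServerPassword` is declared in this module, the line can follow the same pattern: `encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.sops.secrets.borgRemoteServerPassword.path}";`. The surrounding settings block starts outside the hunk.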