This makes use of the 'exec' runner instead of my usual setup using the
'docker' runner.
A future improvement would be packaging, and then using, the 'docker'
runner too/instead.
Because I think `restic` will not deal with the compressed format of
`gitea`'s native `dump` command, I set up a manual backup.
This could lead to potentially corrupted data if I happen to backup at
the exact same time as a push to a repository. However given the
frequency of backups planned, I assume that most of them will be fine.
Instead of reading from the 'secrets' directory all over the place,
consolidate all secrets-handling inside the same module.
This means that finally, the 'acme' service does not need to come read
right into this repository, however this leads to a potentially unsecure
setup (because I am storing passwords in the Nix store)... I have
decided not to care about this relatively minor issue, but I could
revisit it by using `sops-nix` in the future.
I want the ssh addresses to use 'git' as a user, so the service must be
set up with this user as well.
I also want the port to be configurable in case I need to change it.
Its configuration isn't declarative :-(.
Notably, the port needs to be changed from '8080' to '9090' in its
configuration file (at '/var/lib/sabnzbd/').
This service makes use of the default webui. I really like combustion
more, but am willing to use that one instead given the few amount of
time I actually spend looking at it
Bruno BELANYI