From 5f9108bf4d5676c054eeae463d3d4ea79ce67954 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 22 Oct 2021 13:45:36 +0200 Subject: [PATCH 01/27] flake: add 'impermanence' --- flake.lock | 17 +++++++++++++++++ flake.nix | 7 +++++++ 2 files changed, 24 insertions(+) diff --git a/flake.lock b/flake.lock index 3d28d8d..b40b138 100644 --- a/flake.lock +++ b/flake.lock @@ -145,6 +145,22 @@ "type": "github" } }, + "impermanence": { + "locked": { + "lastModified": 1694622745, + "narHash": "sha256-z397+eDhKx9c2qNafL1xv75lC0Q4nOaFlhaU1TINqb8=", + "owner": "nix-community", + "repo": "impermanence", + "rev": "e9643d08d0d193a2e074a19d4d90c67a874d932e", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", + "repo": "impermanence", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1694422566, @@ -212,6 +228,7 @@ "flake-parts": "flake-parts", "futils": "futils", "home-manager": "home-manager", + "impermanence": "impermanence", "nixpkgs": "nixpkgs", "nur": "nur", "pre-commit-hooks": "pre-commit-hooks" diff --git a/flake.nix b/flake.nix index 8e46ea3..7970759 100644 --- a/flake.nix +++ b/flake.nix @@ -39,6 +39,13 @@ }; }; + impermanence = { + type = "github"; + owner = "nix-community"; + repo = "impermanence"; + ref = "master"; + }; + nixpkgs = { type = "github"; owner = "NixOS"; From b83f2c9e332ebf1214cc33afe1edb9e181b0ef5b Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 22 Oct 2021 13:52:04 +0200 Subject: [PATCH 02/27] WIP: modules: systems: add persist This is the module that takes care of configuring impermanence at the system level. WIP: * address FIXMEs * activate home-manager persistence? * set `programs.fuse.userAllowOther = true;` ? * point `age` to persisted paths [1] ? * make sure all services and modules are persisted correctly... [1]: https://github.com/lovesegfault/nix-config/commit/b1d18d25b8cc1e50c521020442b907de377a147d --- modules/system/default.nix | 1 + modules/system/persist/default.nix | 67 ++++++++++++++++++++++++++++++ 2 files changed, 68 insertions(+) create mode 100644 modules/system/persist/default.nix diff --git a/modules/system/default.nix b/modules/system/default.nix index 9fe3b57..b3d9385 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -9,6 +9,7 @@ ./language ./nix ./packages + ./persist ./podman ./users ]; diff --git a/modules/system/persist/default.nix b/modules/system/persist/default.nix new file mode 100644 index 0000000..4c0682c --- /dev/null +++ b/modules/system/persist/default.nix @@ -0,0 +1,67 @@ +# Ephemeral root configuration +{ config, inputs, lib, ... }: +let + cfg = config.my.system.persist; +in +{ + imports = [ + inputs.impermanence.nixosModules.impermanence + ]; + + options.my.system.persist = with lib; { + enable = mkEnableOption "stateless system configuration"; + + mountPoint = lib.mkOption { + type = types.str; + default = "/persistent"; + example = "/etc/nix/persist"; + description = '' + Which mount point should be used to persist this system's files and + directories. + ''; + }; + + files = lib.mkOption { + type = with types; listOf str; + default = [ ]; + example = [ + "/etc/nix/id_rsa" + ]; + description = '' + Additional files in the root to link to persistent storage. + ''; + }; + + directories = lib.mkOption { + type = with types; listOf str; + default = [ ]; + example = [ + "/var/lib/libvirt" + ]; + description = '' + Additional directories in the root to link to persistent storage. + ''; + }; + }; + + config = lib.mkIf cfg.enable { + environment.persistence."${cfg.mountPoint}" = { + files = [ + "/etc/machine-id" + ] + ++ cfg.files + ; + + directories = [ + "/etc/nixos" + "/var/log" + "/var/lib/systemd/coredump" + ] + ++ (lib.optionals config.virtualisation.docker.enable [ + "/var/lib/docker" + ]) + ++ cfg.directories + ; + }; + }; +} From e68ff0d43812fe2db661aadf28f8a0879a01c61c Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 22 Oct 2021 14:05:42 +0200 Subject: [PATCH 03/27] modules: services: ssh-server: persist host keys --- modules/services/ssh-server/default.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/modules/services/ssh-server/default.nix b/modules/services/ssh-server/default.nix index 9ae0fa8..0cabc6f 100644 --- a/modules/services/ssh-server/default.nix +++ b/modules/services/ssh-server/default.nix @@ -20,6 +20,14 @@ in }; }; + # Persist SSH keys + my.system.persist.files = [ + "/etc/ssh/ssh_host_ed25519_key" + "/etc/ssh/ssh_host_ed25519_key.pub" + "/etc/ssh/ssh_host_rsa_key" + "/etc/ssh/ssh_host_rsa_key.pub" + ]; + # Opens the relevant UDP ports. programs.mosh.enable = true; }; From 4a17b10f659969c2c796c7c452f6267a24bd7c05 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 22 Oct 2021 14:06:03 +0200 Subject: [PATCH 04/27] modules: hardware: netowrking persist connections --- modules/hardware/networking/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/hardware/networking/default.nix b/modules/hardware/networking/default.nix index f0806fe..51dcfce 100644 --- a/modules/hardware/networking/default.nix +++ b/modules/hardware/networking/default.nix @@ -22,6 +22,11 @@ in config = lib.mkMerge [ (lib.mkIf cfg.wireless.enable { networking.networkmanager.enable = true; + + # Persist NetworkManager files + my.system.persist.directories = [ + "/etc/NetworkManager/system-connections" + ]; }) ]; } From f3641155a597a9eaa279ce3fb2d2d6790d6e8549 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 22 Oct 2021 14:06:26 +0200 Subject: [PATCH 05/27] modules: hardware: bluetooth: persist connections --- modules/hardware/bluetooth/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/hardware/bluetooth/default.nix b/modules/hardware/bluetooth/default.nix index 2d840f9..3dd44e6 100644 --- a/modules/hardware/bluetooth/default.nix +++ b/modules/hardware/bluetooth/default.nix @@ -18,6 +18,13 @@ in services.blueman.enable = true; } + # Persist bluetooth files + { + my.system.persist.directories = [ + "/var/lib/bluetooth" + ]; + } + # Support for additional bluetooth codecs (lib.mkIf cfg.loadExtraCodecs { hardware.pulseaudio = { From 7e5516d730aa151b7e25d9b451702944a50ff394 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 22 Oct 2021 14:19:57 +0200 Subject: [PATCH 06/27] modules: services: blog: persist website data --- modules/services/blog/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/services/blog/default.nix b/modules/services/blog/default.nix index 4b646c3..6752ac2 100644 --- a/modules/services/blog/default.nix +++ b/modules/services/blog/default.nix @@ -42,5 +42,12 @@ in # Those are all subdomains, no problem my.services.nginx.virtualHosts = hostsInfo; + + my.system.persist.directories = [ + "/var/www/blog" + "/var/www/cv" + "/var/www/dev" + "/var/www/key" + ]; }; } From 4294dde2a001ebe53ff70ad86fc750d6a64df1d7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 3 Nov 2021 14:43:05 +0100 Subject: [PATCH 07/27] modules: services: calibre-web: persist library --- modules/services/calibre-web/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/services/calibre-web/default.nix b/modules/services/calibre-web/default.nix index 858851c..b6e70d8 100644 --- a/modules/services/calibre-web/default.nix +++ b/modules/services/calibre-web/default.nix @@ -54,6 +54,11 @@ in ]; }; + my.system.persist.directories = [ + "/var/lib/${config.services.calibre-web.dataDir}" + cfg.libraryPath + ]; + services.fail2ban.jails = { calibre-web = '' enabled = true From dab0d844f55123f28548f4994deb5b79cf4b6343 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 3 Nov 2021 14:43:16 +0100 Subject: [PATCH 08/27] modules: services: flood: persist data --- modules/services/flood/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/services/flood/default.nix b/modules/services/flood/default.nix index ff5d941..79b6c75 100644 --- a/modules/services/flood/default.nix +++ b/modules/services/flood/default.nix @@ -46,5 +46,9 @@ in inherit (cfg) port; } ]; + + my.system.persist.directories = [ + "/var/lib/${cfg.stateDir}" + ]; }; } From c8ce12945f60e2c120d968d05029910760e624d7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 3 Nov 2021 14:43:28 +0100 Subject: [PATCH 09/27] modules: services: gitea: persist repositories --- modules/services/gitea/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/services/gitea/default.nix b/modules/services/gitea/default.nix index 28a448d..93edf57 100644 --- a/modules/services/gitea/default.nix +++ b/modules/services/gitea/default.nix @@ -135,6 +135,11 @@ in ]; }; + my.system.persist.directories = [ + config.services.gitea.lfs.contentDir + config.services.gitea.repositoryRoot + ]; + services.fail2ban.jails = { gitea = '' enabled = true From e219b85513d9e59e8cb245a808e6271b34070cd6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 3 Nov 2021 17:12:32 +0100 Subject: [PATCH 10/27] modules: services: matrix: persist data --- modules/services/matrix/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/services/matrix/default.nix b/modules/services/matrix/default.nix index c73afed..c5889ed 100644 --- a/modules/services/matrix/default.nix +++ b/modules/services/matrix/default.nix @@ -207,5 +207,9 @@ in config.services.matrix-synapse.dataDir ]; }; + + my.system.persist.directories = [ + config.services.matrix-synapse.dataDir + ]; }; } From ed89beecc421fc21c94e35652eb8010777b08afb Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 3 Nov 2021 17:12:42 +0100 Subject: [PATCH 11/27] modules: services: paperless: persist data --- modules/services/paperless/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/services/paperless/default.nix b/modules/services/paperless/default.nix index c9d6220..141d969 100644 --- a/modules/services/paperless/default.nix +++ b/modules/services/paperless/default.nix @@ -160,5 +160,10 @@ in config.services.paperless.mediaDir ]; }; + + my.system.persist.directories = [ + config.services.paperless-ng.dataDir + config.services.paperless-ng.mediaDir + ]; }; } From 86f108786deac810f90c0548af4121cfe9550b23 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 3 Nov 2021 17:12:58 +0100 Subject: [PATCH 12/27] modules: services: postgresql-backup: persist data --- modules/services/postgresql-backup/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/services/postgresql-backup/default.nix b/modules/services/postgresql-backup/default.nix index dff5494..3d6c03b 100644 --- a/modules/services/postgresql-backup/default.nix +++ b/modules/services/postgresql-backup/default.nix @@ -24,5 +24,9 @@ in (config.services.postgresqlBackup.location + "/*.prev.sql.gz") ]; }; + + my.system.persist.directories = [ + config.services.postgresqlBackup.location + ]; }; } From 00bee494ce14b8ba9876828f55cc1d16b253dac0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 3 Nov 2021 17:13:13 +0100 Subject: [PATCH 13/27] modules: services: postgresql: persist data --- modules/services/postgresql/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/services/postgresql/default.nix b/modules/services/postgresql/default.nix index 6f51f3e..175c1ce 100644 --- a/modules/services/postgresql/default.nix +++ b/modules/services/postgresql/default.nix @@ -18,6 +18,13 @@ in }; }) + # Only persist directory if the actual service is enabled + (lib.mkIf config.services.postgresql.enable { + my.system.persist.directories = [ + config.services.postgresql.dataDir + ]; + }) + # Taken from the manual (lib.mkIf cfg.upgradeScript { containers.temp-pg.config.services.postgresql = { From 27e1e6639525ae85619a9e14448111bfde017286 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 14:30:25 +0100 Subject: [PATCH 14/27] modules: services: indexers: persist data --- modules/services/indexers/default.nix | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/modules/services/indexers/default.nix b/modules/services/indexers/default.nix index fb06a0b..28a7007 100644 --- a/modules/services/indexers/default.nix +++ b/modules/services/indexers/default.nix @@ -34,6 +34,10 @@ in port = jackettPort; } ]; + + my.system.persist.directories = [ + config.services.jackett.dataDir + ]; }) (lib.mkIf cfg.nzbhydra.enable { @@ -47,6 +51,10 @@ in port = nzbhydraPort; } ]; + + my.system.persist.directories = [ + config.services.nzbhydra2.dataDir + ]; }) (lib.mkIf cfg.prowlarr.enable { @@ -61,6 +69,10 @@ in } ]; + my.system.persist.directories = [ + "/var/lib/${config.systemd.services.prowlarr.serviceConfig.StateDirectory}" + ]; + services.fail2ban.jails = { prowlarr = '' enabled = true From 57d823cc7dc7672872adbd339e6d27fdc56a9bc0 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 15:11:05 +0100 Subject: [PATCH 15/27] modules: services: jellyfin: persist data --- modules/services/jellyfin/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/services/jellyfin/default.nix b/modules/services/jellyfin/default.nix index 2fcf51e..0692dcc 100644 --- a/modules/services/jellyfin/default.nix +++ b/modules/services/jellyfin/default.nix @@ -35,5 +35,9 @@ in }; } ]; + + my.system.persist.directories = [ + "/var/lib/${config.systemd.services.jellyfin.serviceConfig.StateDirectory}" + ]; }; } From 7338dbb24713df113f1b1bf2293de0e65f730a2f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 15:11:12 +0100 Subject: [PATCH 16/27] modules: services: lohr: persist data --- modules/services/lohr/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/services/lohr/default.nix b/modules/services/lohr/default.nix index 245567c..7aac1ac 100644 --- a/modules/services/lohr/default.nix +++ b/modules/services/lohr/default.nix @@ -104,5 +104,9 @@ in inherit (cfg) port; } ]; + + my.system.persist.directories = [ + "/var/lib/${config.systemd.services.lohr.serviceConfig.StateDirectory}" + ]; }; } From 2956e093867c230647add3be6e351bcedf73e25a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 15:11:23 +0100 Subject: [PATCH 17/27] modules: services: navidrome: persist data --- modules/services/navidrome/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/services/navidrome/default.nix b/modules/services/navidrome/default.nix index 6c001fd..08c6a88 100644 --- a/modules/services/navidrome/default.nix +++ b/modules/services/navidrome/default.nix @@ -53,5 +53,9 @@ in inherit (cfg) port; } ]; + + my.system.persist.directories = [ + "/var/lib/${config.systemd.services.navidrome.serviceConfig.StateDirectory}" + ]; }; } From 7234b09b28f26030375d797387a636dd7f33b15d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 15:11:35 +0100 Subject: [PATCH 18/27] modules: services: nextcloud: persist data --- modules/services/nextcloud/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/services/nextcloud/default.nix b/modules/services/nextcloud/default.nix index 1477c13..55972ab 100644 --- a/modules/services/nextcloud/default.nix +++ b/modules/services/nextcloud/default.nix @@ -83,5 +83,10 @@ in "${config.services.nextcloud.home}/data/appdata_*/preview" ]; }; + + my.system.persist.directories = [ + config.services.nextcloud.home + config.services.nextcloud.datadir + ]; }; } From e9f187e65bdef2fb22a2328fc28144e269f8aad2 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 15:20:11 +0100 Subject: [PATCH 19/27] modules: services: podgrab: persist data --- modules/services/podgrab/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/services/podgrab/default.nix b/modules/services/podgrab/default.nix index 9793d60..2994fc8 100644 --- a/modules/services/podgrab/default.nix +++ b/modules/services/podgrab/default.nix @@ -37,5 +37,10 @@ in inherit (cfg) port; } ]; + + my.system.persist.directories = + builtins.map + (d: "/var/lib/${d}") + config.systemd.services.podgrab.serviceConfig.StateDirectory; }; } From 658a96b5ac496f49a890ce28a7edfed9cbae3ce9 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 15:21:42 +0100 Subject: [PATCH 20/27] modules: services: rss-bridge: persist data --- modules/services/rss-bridge/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/services/rss-bridge/default.nix b/modules/services/rss-bridge/default.nix index 85e37c2..66858dc 100644 --- a/modules/services/rss-bridge/default.nix +++ b/modules/services/rss-bridge/default.nix @@ -20,5 +20,9 @@ in forceSSL = true; useACMEHost = config.networking.domain; }; + + my.system.persist.directories = [ + config.services.rss-bridge.dataDir + ]; }; } From 6f4030c302ba811ea4d6f8515e39b905a73c3402 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 15:25:44 +0100 Subject: [PATCH 21/27] modules: services: sabnzbd: persist data --- modules/services/sabnzbd/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/services/sabnzbd/default.nix b/modules/services/sabnzbd/default.nix index 7ab145f..ef13d4b 100644 --- a/modules/services/sabnzbd/default.nix +++ b/modules/services/sabnzbd/default.nix @@ -25,6 +25,10 @@ in } ]; + my.system.persist.files = [ + config.services.sabnzbd.configFile + ]; + services.fail2ban.jails = { sabnzbd = '' enabled = true From 8cba81e874ca70af6404b09577c70fab82dd65e7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 15:25:50 +0100 Subject: [PATCH 22/27] modules: services: transmission: persist data --- modules/services/transmission/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/services/transmission/default.nix b/modules/services/transmission/default.nix index dcba0aa..7db62db 100644 --- a/modules/services/transmission/default.nix +++ b/modules/services/transmission/default.nix @@ -90,5 +90,9 @@ in allowedTCPPorts = [ cfg.peerPort ]; allowedUDPPorts = [ cfg.peerPort ]; }; + + my.system.persist.directories = [ + config.services.transmission.home + ]; }; } From 8854cace6e0b7caca13ce35a172f4818530bf267 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 15:37:51 +0100 Subject: [PATCH 23/27] modules: services: nginx: persist SSL certificates --- modules/services/nginx/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/services/nginx/default.nix b/modules/services/nginx/default.nix index dcaaa0f..a2f357f 100644 --- a/modules/services/nginx/default.nix +++ b/modules/services/nginx/default.nix @@ -470,5 +470,9 @@ in } ]; }; + + my.system.persist.directories = [ + config.users.user.acme.home + ]; }; } From 9c34cc4689e8a3fcc8c5e9ba9533ed952be6173a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 15:40:29 +0100 Subject: [PATCH 24/27] modules: services: monitoring: persist data --- modules/services/monitoring/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/services/monitoring/default.nix b/modules/services/monitoring/default.nix index 829bfe0..c7489f4 100644 --- a/modules/services/monitoring/default.nix +++ b/modules/services/monitoring/default.nix @@ -131,5 +131,10 @@ in inherit (cfg.grafana) port; } ]; + + my.system.persist.directories = [ + config.services.grafana.dataDir + "/var/lib/${config.services.prometheus.stateDir}" + ]; }; } From 06a9816aa4be625768a16f0f3c085132e2ecf520 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 15:58:07 +0100 Subject: [PATCH 25/27] modules: services: pirate: persist data --- modules/services/pirate/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/services/pirate/default.nix b/modules/services/pirate/default.nix index 7c341e7..d22e17c 100644 --- a/modules/services/pirate/default.nix +++ b/modules/services/pirate/default.nix @@ -18,6 +18,11 @@ let enable = true; group = "media"; }; + + # Thankfully those old style services all define users with homes + my.system.persist.directories = [ + config.users.user.${service}.home + ]; }; mkRedirection = service: { From 81d4b49e321a655c8a242d21dfe4b36725729a9f Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Fri, 5 Nov 2021 21:51:04 +0100 Subject: [PATCH 26/27] modules: services: quassel: persist data --- modules/services/quassel/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/services/quassel/default.nix b/modules/services/quassel/default.nix index ec686e1..18d084a 100644 --- a/modules/services/quassel/default.nix +++ b/modules/services/quassel/default.nix @@ -46,5 +46,9 @@ in # Because Quassel does not use the socket, I simply trust its connection authentication = "host quassel quassel localhost trust"; }; + + my.system.persist.directories = [ + config.services.quassel.dataDir + ]; }; } From e923fad5d6e3255bcd218227a06f40d89d65b9b1 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 21 Sep 2023 15:55:56 +0000 Subject: [PATCH 27/27] WIP: add notes for missing persistence/backup --- modules/services/grocy/default.nix | 3 +++ modules/services/miniflux/default.nix | 3 +++ modules/services/tandoor-recipes/default.nix | 3 +++ modules/services/vikunja/default.nix | 2 ++ modules/system/persist/default.nix | 1 + 5 files changed, 12 insertions(+) diff --git a/modules/services/grocy/default.nix b/modules/services/grocy/default.nix index 87927d6..4a3183e 100644 --- a/modules/services/grocy/default.nix +++ b/modules/services/grocy/default.nix @@ -36,5 +36,8 @@ in forceSSL = true; useACMEHost = config.networking.domain; }; + + # FIXME: backup + # FIXME: persistence }; } diff --git a/modules/services/miniflux/default.nix b/modules/services/miniflux/default.nix index 6d9ffc8..4667912 100644 --- a/modules/services/miniflux/default.nix +++ b/modules/services/miniflux/default.nix @@ -49,5 +49,8 @@ in inherit (cfg) port; } ]; + + # FIXME: backup + # FIXME: persistence }; } diff --git a/modules/services/tandoor-recipes/default.nix b/modules/services/tandoor-recipes/default.nix index d78bef3..82350d7 100644 --- a/modules/services/tandoor-recipes/default.nix +++ b/modules/services/tandoor-recipes/default.nix @@ -75,5 +75,8 @@ in inherit (cfg) port; } ]; + + # FIXME: backup + # FIXME: persistence }; } diff --git a/modules/services/vikunja/default.nix b/modules/services/vikunja/default.nix index 1cdef5f..076dd4a 100644 --- a/modules/services/vikunja/default.nix +++ b/modules/services/vikunja/default.nix @@ -119,5 +119,7 @@ in config.services.vikunja.settings.files.basepath ]; }; + + # FIXME: persistence }; } diff --git a/modules/system/persist/default.nix b/modules/system/persist/default.nix index 4c0682c..18302f3 100644 --- a/modules/system/persist/default.nix +++ b/modules/system/persist/default.nix @@ -60,6 +60,7 @@ in ++ (lib.optionals config.virtualisation.docker.enable [ "/var/lib/docker" ]) + # FIXME: podman ++ cfg.directories ; };