nixos-config/profiles/servers/atticd.nix

{ config, lib, inputs, ... }: {
  imports = [ inputs.attic.nixosModules.atticd ];
  sops.secrets.atticd.sopsFile = inputs.self.secretsDir + /home-hypervisor/atticd.yaml;
  sops.secrets.atticd.restartUnits = [ "atticd.service" ];

  services.atticd = {
    enable = true;
    credentialsFile = config.sops.secrets.atticd.path;
    user = "atticd";
    group = "atticd";
    settings = {
      listen = "127.0.0.1:8083";
      database.url = "postgresql:///atticd?host=/run/postgresql";
      allowed-hosts = [ "cache.ataraxiadev.com" ];
      api-endpoint = "https://cache.ataraxiadev.com/";
      require-proof-of-possession = false;
      garbage-collection = {
        interval = "3 days";
        default-retention-period = "1 month";
      };
      chunking = {
        nar-size-threshold = 64 * 1024; # 64 KiB
        min-size = 16 * 1024; # 16 KiB
        avg-size = 64 * 1024; # 64 KiB
        max-size = 256 * 1024; # 256 KiB
      };
    };
  };

  users.groups.atticd = {};
  users.users.atticd = {
    isSystemUser = true;
    group = "atticd";
  };

  systemd.services.atticd = {
    serviceConfig.DynamicUser = lib.mkForce false;
  };

  services.postgresql = {
    enable = true;
    ensureUsers = [{
      name = "atticd";
      ensureDBOwnership = true;
    }];
    ensureDatabases = [ "atticd" ];
  };

  backups.postgresql.atticd = {};

  persist.state.directories = [ "/var/lib/atticd" ];
}
deadnix, cleanup 2024-02-08 23:21:10 +03:00			`{ config, lib, inputs, ... }: {`
add attic 2023-06-13 23:11:47 +03:00			`imports = [ inputs.attic.nixosModules.atticd ];`
use sops instead of secrets module 2024-01-22 16:44:51 +03:00			`sops.secrets.atticd.sopsFile = inputs.self.secretsDir + /home-hypervisor/atticd.yaml;`
			`sops.secrets.atticd.restartUnits = [ "atticd.service" ];`
add attic 2023-06-13 23:11:47 +03:00
			`services.atticd = {`
			`enable = true;`
use sops instead of secrets module 2024-01-22 16:44:51 +03:00			`credentialsFile = config.sops.secrets.atticd.path;`
change atticd config 2023-06-15 01:53:59 +03:00			`user = "atticd";`
			`group = "atticd";`
add attic 2023-06-13 23:11:47 +03:00			`settings = {`
			`listen = "127.0.0.1:8083";`
change atticd config 2023-06-15 01:53:59 +03:00			`database.url = "postgresql:///atticd?host=/run/postgresql";`
add attic 2023-06-13 23:11:47 +03:00			`allowed-hosts = [ "cache.ataraxiadev.com" ];`
			`api-endpoint = "https://cache.ataraxiadev.com/";`
			`require-proof-of-possession = false;`
			`garbage-collection = {`
change atticd config 2023-06-15 01:53:59 +03:00			`interval = "3 days";`
			`default-retention-period = "1 month";`
add attic 2023-06-13 23:11:47 +03:00			`};`
			`chunking = {`
			`nar-size-threshold = 64 * 1024; # 64 KiB`
			`min-size = 16 * 1024; # 16 KiB`
			`avg-size = 64 * 1024; # 64 KiB`
			`max-size = 256 * 1024; # 256 KiB`
			`};`
			`};`
			`};`

change atticd config 2023-06-15 01:53:59 +03:00			`users.groups.atticd = {};`
			`users.users.atticd = {`
			`isSystemUser = true;`
			`group = "atticd";`
			`};`

			`systemd.services.atticd = {`
			`serviceConfig.DynamicUser = lib.mkForce false;`
			`};`

			`services.postgresql = {`
			`enable = true;`
			`ensureUsers = [{`
			`name = "atticd";`
server changes 2023-12-18 02:08:29 +03:00			`ensureDBOwnership = true;`
change atticd config 2023-06-15 01:53:59 +03:00			`}];`
			`ensureDatabases = [ "atticd" ];`
			`};`

backup postresql db's with rustic 2024-01-24 17:28:46 +03:00			`backups.postgresql.atticd = {};`

change atticd config 2023-06-15 01:53:59 +03:00			`persist.state.directories = [ "/var/lib/atticd" ];`
add attic 2023-06-13 23:11:47 +03:00			`}`