Clean up montalin configuration

host/montalin.nix

@@ -1,106 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system.  Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
-{ config, pkgs, ... }:
-
-{
-
-  imports = [
-    ../hardware/nuc.nix
-    ../role/base
-    ../role/dropbear
-    (import ../role/backup {
-      systemdMount = "var-backup.mount";
-      borgArchiveFolder = "/var/backup/montalin";
-    })
-  ];
-
-  boot.initrd.luks.devices = {
-    "root".device = "/dev/disk/by-uuid/3a0a5071-67ab-4e13-a0b7-d31b86f5e8b1";
-    "swap".device = "/dev/disk/by-uuid/6dee6e3c-e2f3-46c5-8751-5fce8c80ed49";
-    "backup".device = "/dev/disk/by-uuid/a965933d-516c-46cf-8384-006b1770e46b";
-  };
-
-  fileSystems = {
-    "/" = {
-      device = "/dev/mapper/root";
-      fsType = "btrfs";
-      options = [ "defaults" "noatime" ];
-    };
-    "/var/backup" = {
-      device = "/dev/mapper/backup";
-      fsType = "ext4";
-      options = [ "defaults" "noauto" "noatime" ];
-    };
-    "/boot" = {
-      device = "/dev/disk/by-uuid/0065-E4EA";
-      fsType = "vfat";
-      options = [ "defaults" "noatime" ];
-    };
-  };
-
-  swapDevices = [{ device = "/dev/mapper/swap"; }];
-
-  # Get disk identifier with `udevadm info -n /dev/sdX | grep ID_SERIAL_SHORT`
-  services.udev.extraRules = ''
-    ACTION=="add", KERNEL=="sd[a-z]", ENV{ID_SERIAL_SHORT}=="WD-WXH1A89L54LA", RUN+="${pkgs.hdparm}/bin/hdparm -S 60 /dev/%k"
-  '';
-
-  # Use the systemd-boot EFI boot loader.
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
-
-  networking.hostName = "montalin"; # Define your hostname.
-  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
-
-  # The global useDHCP flag is deprecated, therefore explicitly set to false here.
-  # Per-interface useDHCP will be mandatory in the future, so this generated config
-  # replicates the default behaviour.
-  networking.useDHCP = false;
-  networking.interfaces.eno1 = {
-    ipv4.addresses = [{
-      address = "10.1.2.2";
-      prefixLength = 24;
-    }];
-  };
-  networking.interfaces.wlp1s0.useDHCP = true;
-
-  networking.defaultGateway = "10.1.2.1";
-  networking.nameservers = [ "10.1.2.1" ];
-
-  #networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
-  #networking.wireless.networks = {
-  #  yummi = {
-  #    psk = "cookies!";
-  #  };
-  #};
-
-  # Configure network proxy if necessary
-  # networking.proxy.default = "http://user:password@proxy:port/";
-  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
-
-  # Set your time zone.
-  # time.timeZone = "Europe/Amsterdam";
-
-  # List services that you want to enable:
-
-  # Open ports in the firewall.
-  # networking.firewall.allowedTCPPorts = [ ... ];
-  # networking.firewall.allowedUDPPorts = [ ... ];
-  # Or disable the firewall altogether.
-  # networking.firewall.enable = false;
-
-  # Define a user account. Don't forget to set a password with ‘passwd’.
-  # users.users.jane = {
-  #   isNormalUser = true;
-  #   extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
-  # };
-
-  # This value determines the NixOS release with which your system is to be
-  # compatible, in order to avoid breaking some software such as database
-  # servers. You should change this only after NixOS release notes say you
-  # should.
-  system.stateVersion = "19.09"; # Did you read the comment?
-
-}

host/montalin/applications/cloud.nix

@@ -0,0 +1,13 @@
+{ config, pkgs, ... }:
+{
+
+  imports = [
+
+    ../role/nextcloud
+  ];
+
+  services.nextcloud = {
+    hostName = "cloud.qo.is";
+    package = pkgs.nextcloud19;
+  }
+}

host/montalin/applications/default.nix

@@ -0,0 +1,12 @@
+{ config, pkgs, ... }:
+{
+
+  imports = [
+    ./cloud.nix
+    #./dns.nix #TODO
+    #./feedreader.nix #TODO
+    #./id.nix #TODO
+    #./mx.nix #TODO
+    #./mail.nix #TODO
+  ];
+}

host/montalin/backup.nix

@@ -0,0 +1,34 @@
+{ config, pkgs, ... }:
+
+let mountService = "var-backup.mount";
+    repo = "/var/backup/montalin"; # TODO: Does this make sense?
+{
+  services.borgbackup.jobs = rec {
+    data = {
+      exclude = [
+        "/var/backup" #TODO: Does this make sense?
+        "/var/tmp"
+        "/var/cache"
+      ];
+      paths = [
+        "/etc"
+        "/home"
+        "/root"
+        "/var"
+      ];
+      preHook = "systemctl mount ${mountService}";
+      postHook = "systemctl stop ${mountService}";
+      prune.keep = {
+        within = "14d";
+        weekly = 4;
+        monthly 6;
+        yearly = -1;
+
+      };
+      removeableDevices = true;
+      repo = repo;
+      startAt = ; #TODO: systemdtime
+      environment.BORG_BASE_DIR="${repo}/borg-base-dir";
+    };
+  };
+}

host/montalin/database.nix

@@ -0,0 +1,11 @@
+{ config, pkgs, ... }:
+
+{
+
+  services.postgresql = {
+    #enable = true; # Required? Better in role?
+    package = pkgs.postgresql_12;
+  };
+
+  services.postgresqlBackup.enable = true; #TODO: Role?
+}

host/montalin/default.nix

@@ -0,0 +1,26 @@
+{ config, pkgs, ... }:
+{
+
+  imports = [
+    ./networking.nix
+    ./filesystems.nix
+    ./database.nix
+    ./backup.nix
+    ./applications
+
+    ../hardware/nuc.nix
+
+    ../role/base
+    ../role/dropbear
+  ];
+
+  # Set your time zone.
+  # time.timeZone = "Europe/Amsterdam";
+
+  # This value determines the NixOS release with which your system is to be
+  # compatible, in order to avoid breaking some software such as database
+  # servers. You should change this only after NixOS release notes say you
+  # should.
+  system.stateVersion = "19.09"; # Did you read the comment?
+
+}

host/montalin/filesystems.nix

@@ -0,0 +1,39 @@
+{ config, pkgs, ... }:
+{
+  boot.initrd.luks.devices = {
+    "root".device = "/dev/disk/by-uuid/3a0a5071-67ab-4e13-a0b7-d31b86f5e8b1";
+    "swap".device = "/dev/disk/by-uuid/6dee6e3c-e2f3-46c5-8751-5fce8c80ed49";
+    "backup".device = "/dev/disk/by-uuid/a965933d-516c-46cf-8384-006b1770e46b";
+  };
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/mapper/root";
+      fsType = "btrfs";
+      options = [ "defaults" "noatime" ];
+    };
+    "/var/backup" = {
+      device = "/dev/mapper/backup";
+      fsType = "ext4";
+      options = [ "defaults" "noauto" "noatime" ];
+    };
+    "/boot" = {
+      device = "/dev/disk/by-uuid/0065-E4EA";
+      fsType = "vfat";
+      options = [ "defaults" "noatime" ];
+    };
+  };
+
+  swapDevices = [{ device = "/dev/mapper/swap"; }];
+
+  # Set Spin-Down times of HDDs
+  # To get the disk identifier with `udevadm info -n /dev/sdX | grep ID_SERIAL_SHORT`
+  services.udev.extraRules = ''
+    ACTION=="add", KERNEL=="sd[a-z]", ENV{ID_SERIAL_SHORT}=="WD-WXH1A89L54LA", RUN+="${pkgs.hdparm}/bin/hdparm -S 60 /dev/%k"
+  '';
+
+  # Use the systemd-boot EFI boot loader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+}

host/montalin/networking.nix

@@ -0,0 +1,21 @@
+{ config, pkgs, ... }:
+
+{
+  networking.hostName = "montalin"; # Define your hostname.
+
+  networking.useDHCP = false;
+  networking.interfaces.eno1 = {
+    ipv4.addresses = [{
+      address = "10.1.2.2";
+      prefixLength = 24;
+    }];
+  };
+  networking.interfaces.wlp1s0.useDHCP = true;
+
+  networking.defaultGateway = "10.1.2.1";
+  networking.nameservers = [ "10.1.2.1" ];
+
+  # Configure network proxy if necessary
+  # networking.proxy.default = "http://user:password@proxy:port/";
+  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+}