# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, stablePkgs, impermanence, ... }: let home = "/home/rilla"; offline-backups = pkgs.writeScriptBin "offline-backups" '' #!${pkgs.dash}/bin/dash set -xe for x in 0 1 2; do ${pkgs.systemd}/bin/systemctl start "mnt-backups-''${x}.mount" done && \ /run/wrappers/bin/doas -u btrbk \ ${pkgs.btrbk}/bin/btrbk \ --config /etc/btrbk/offline-backups.conf \ --progress \ --verbose \ "$@" ''; in { imports = [ ../../hardware-configuration/capibara.nix ../../common ../../common/desktop.nix ]; home-manager = { users.rilla.imports = [ ../../home/capibara.nix "${impermanence}/home-manager.nix" ]; }; fileSystems = { "/" = { device = "tmpfs"; fsType = "tmpfs"; options = [ "defaults" "size=2G" "mode=755" ]; }; "/mnt/btr_root" = { device = "/dev/mapper/root"; fsType = "btrfs"; options = [ "subvolid=5" "compress=zstd" ]; }; "/mnt/btr_data" = { device = "/dev/mapper/data"; fsType = "btrfs"; options = [ "subvolid=5" "compress=zstd" ]; }; "/mnt/persist" = { device = "/dev/mapper/data"; fsType = "btrfs"; options = [ "subvol=persist" "compress=zstd" ]; neededForBoot = true; }; "/mnt/logs" = { device = "/dev/mapper/root"; fsType = "btrfs"; options = [ "subvol=logs" "compress=zstd" ]; neededForBoot = true; }; "/mnt/data" = { device = "/dev/mapper/data"; fsType = "btrfs"; options = [ "subvol=data" "compress=zstd" ]; neededForBoot = true; }; "/mnt/secrets" = { device = "narwhal:/secrets"; fsType = "nfs"; options = [ "noauto" ]; }; "/mnt/secrets/gnupg" = { device = "/dev/mapper/gnupg_secrets"; fsType = "btrfs"; options = [ "noauto" ]; }; "/nix" = { device = "/dev/mapper/root"; fsType = "btrfs"; options = [ "subvol=nix" "compress=zstd" ]; }; "/boot" = { device = "/dev/disk/by-uuid/c99d1f1b-45a4-4a25-b5b8-bc76464c6825"; fsType = "ext4"; }; "/swap" = { device = "/dev/mapper/root"; fsType = "btrfs"; options = [ "subvol=swap" ]; }; "/mnt/vfs_share" = { device = "/dev/mapper/data"; fsType = "btrfs"; options = [ "subvol=vfs_share" "compress=zstd" ]; neededForBoot = true; }; "/mnt/backups/0" = { device = "/dev/mapper/backups0"; fsType = "btrfs"; options = [ "noauto" "subvolid=5" "compress=zstd" ]; }; "/mnt/backups/1" = { device = "/dev/mapper/backups1"; fsType = "btrfs"; options = [ "noauto" "subvolid=5" "compress=zstd" ]; }; "/mnt/backups/2" = { device = "/dev/mapper/backups2"; fsType = "btrfs"; options = [ "noauto" "subvolid=5" "compress=zstd" ]; }; }; swapDevices = [{ device = "/swap/swapfile"; }]; environment.etc = { crypttab = { text = '' backups0 UUID="e45232d5-f46f-46f3-a150-be26374b3357" /etc/luks-keys/backups.bin noauto backups1 UUID="5b3da928-4862-4451-89cd-5bd6a95466d0" /etc/luks-keys/backups.bin noauto backups2 UUID="cbfa9cba-dee2-4d0b-8cde-2f1d1849b22c" /etc/luks-keys/backups.bin noauto gnupg_secrets /mnt/secrets/gnupg.img none noauto ''; }; }; environment.variables = { NIXOS_CONFIG = "${home}/configs/nix-config/capibara.nix"; LV2_PATH = "${home}/.nix-profile/lib/lv2:${home}/Audio/plugins/lv2:/run/current-system/sw/lib/lv2"; LXVST_PATH = "${home}/.nix-profile/lib/lxvst:${home}/Audio/plugins/lxvst:/run/current-system/sw/lib/lxvst"; LADSPA_PATH = "${home}/.nix-profile/lib/ladspa:${home}/Audio/plugins/ladspa:/run/current-system/sw/lib/ladspa"; }; networking.networkmanager.wifi.macAddress = "CC:AF:78:75:29:32"; nixpkgs.config.allowUnfree = true; programs.steam.enable = true; boot = { loader = { grub = { efiSupport = false; efiInstallAsRemovable = false; enable = true; device = "/dev/disk/by-id/ata-KINGSTON_SKC600MS512G_50026B7783FC3D2F"; }; }; initrd = { luks = { devices = { root = { device = "/dev/disk/by-uuid/869b4b9e-5004-4625-877f-6b1c9489ac8f"; allowDiscards = true; }; data = { device = "/dev/disk/by-uuid/6a9246a0-984b-471c-9950-be16db3060f5"; allowDiscards = true; }; }; reusePassphrases = true; }; }; }; services.earlyoom.enable = true; # Power management powerManagement.enable = true; services.upower.enable = true; # services.thermald.enable = true; services.tlp.enable = true; services.power-profiles-daemon.enable = false; environment.systemPackages = with pkgs; [ powertop acpi offline-backups ]; #services.beesd.filesystems = { # root = { # spec = "/dev/mapper/root"; # hashTableSizeMB = 256; # verbosity = "info"; # extraOptions = [ "--loadavg-target" "2.0" ]; # }; #}; # todo: target and/or archive services.btrbk.instances = { btrbk = { onCalendar = "*:0/30"; # every 30 minutes settings = { snapshot_preserve = "2d"; snapshot_preserve_min = "latest"; snapshot_create = "onchange"; volume."/mnt/btr_data" = { snapshot_dir = "btrbk_snapshots"; subvolume = { data = { }; persist = { }; }; }; }; }; # doas -u btrbk btrbk -c /etc/btrbk/offline-backups.conf --dry-run --progress --verbose run offline-backups = { onCalendar = null; settings = { ssh_user = "btrbk"; ssh_identity = "/etc/btrbk/id_ed25519"; backend_remote = "btrfs-progs-doas"; snapshot_create = "onchange"; snapshot_preserve_min = "latest"; target_preserve_min = "all"; volume = { "ssh://narwhal:22/mnt/btr_pool" = { stream_buffer = "50%"; stream_compress = "zstd"; snapshot_dir = "btrbk_snapshots_offline"; subvolume = { backups = { }; books = { }; certs = { }; data = { }; docker_volumes = { }; home = { }; http = { }; music = { }; secrets = { }; transmission = { }; videos = { }; }; target = { "/mnt/backups/0/btr_backup/narwhal" = { }; "/mnt/backups/1/btr_backup/narwhal" = { }; "/mnt/backups/2/btr_backup/narwhal" = { }; }; }; "ssh://suricata:22/mnt/btr_pool" = { stream_buffer = "50%"; snapshot_dir = "btrbk_snapshots_offline"; compat_remote = "busybox"; subvolume = { home = { }; rancher_config = { }; backups = { }; configs = { }; }; target = { "/mnt/backups/0/btr_backup/suricata" = { }; "/mnt/backups/1/btr_backup/suricata" = { }; "/mnt/backups/2/btr_backup/suricata" = { }; }; }; "ssh://caladan/mnt/btr_pool" = { stream_buffer = "50%"; snapshot_dir = "btrbk_snapshots_offline"; compat_remote = "busybox"; subvolume = { certs = { }; volumes = { }; }; target = { "/mnt/backups/0/btr_backup/caladan" = { }; "/mnt/backups/1/btr_backup/caladan" = { }; "/mnt/backups/2/btr_backup/caladan" = { }; }; }; "/mnt/btr_data" = { snapshot_dir = "btrbk_snapshots_offline"; subvolume = { data = { }; persist = { }; }; target = { "/mnt/backups/0/btr_backup/capibara" = { }; "/mnt/backups/1/btr_backup/capibara" = { }; "/mnt/backups/2/btr_backup/capibara" = { }; }; }; }; }; }; }; services.xserver.deviceSection = '' Option "TearFree" "true" ''; xdg.portal = { enable = true; wlr.enable = true; extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; }; networking = { hostName = "capibara"; interfaces = { eno0.useDHCP = true; wlp2s0.useDHCP = true; }; }; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.11"; # Did you read the comment? }