diff --git a/hosts/stratus/containers/docker/actualbudget/default.nix b/hosts/stratus/containers/docker/actualbudget/default.nix index 3715936..4b700a0 100644 --- a/hosts/stratus/containers/docker/actualbudget/default.nix +++ b/hosts/stratus/containers/docker/actualbudget/default.nix @@ -1,6 +1,11 @@ -{ config, pkgs, ... }: +{ + config, + pkgs, + lib, + ... +}: let - serviceName = "actualbudget"; + serviceName = lib.last (lib.splitString "/" (builtins.toString ./.)); # Parent directory name subdomain = "budget"; serveConfig = builtins.toJSON { diff --git a/hosts/stratus/containers/docker/onlyoffice/default.nix b/hosts/stratus/containers/docker/onlyoffice/default.nix index f23c895..9a0de03 100644 --- a/hosts/stratus/containers/docker/onlyoffice/default.nix +++ b/hosts/stratus/containers/docker/onlyoffice/default.nix @@ -1,6 +1,11 @@ -{ config, pkgs, ... }: +{ + config, + pkgs, + lib, + ... +}: let - serviceName = "onlyoffice"; + serviceName = lib.last (lib.splitString "/" (builtins.toString ./.)); # Parent directory name subdomain = "office"; serveConfig = builtins.toJSON { diff --git a/hosts/stratus/containers/nspawn/forgejo/backup.nix b/hosts/stratus/containers/nspawn/forgejo/backup.nix index d50face..cb3f521 100644 --- a/hosts/stratus/containers/nspawn/forgejo/backup.nix +++ b/hosts/stratus/containers/nspawn/forgejo/backup.nix @@ -5,8 +5,13 @@ dataDir, ... }: +let + serviceName = lib.last (lib.splitString "/" (builtins.toString ./.)); # Parent directory name + userName = config.services.forgejo.user; + groupName = config.services.forgejo.group; +in { - systemd.tmpfiles.rules = [ "d ${dataDir}/backup 750 forgejo forgejo -" ]; + systemd.tmpfiles.rules = [ "d ${dataDir}/backup 750 ${userName} ${groupName} -" ]; security.polkit = { enable = true; @@ -21,9 +26,9 @@ ''; }; - myConfig.resticBackup.forgejo = { + myConfig.resticBackup.${serviceName} = { enable = true; - user = config.users.users.forgejo.name; + user = userName; healthchecks.enable = true; extraConfig = { 
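Review bot: In actualbudget/default.nix the new `serviceName = lib.last (lib.splitString "/" (builtins.toString ./.))` makes the directory name the service's identity, and later hunks use the same value as the key for `containers.${serviceName}`, `myConfig.resticBackup.${serviceName}` and the `restic-${serviceName}` / `${serviceName}-restore` command names. Renaming or moving a directory would then presumably rename the container and the backup job with no visible change in these files, so the binding deserves a comment such as `# NOTE: also names the container and the restic job; renaming this directory renames both`. The expression can be written more simply as `serviceName = baseNameOf ./.;`, and the trailing comment is more accurate as `# name of the directory containing this file`. The same binding is repeated in onlyoffice/default.nix and in the forgejo, nextcloud and paperless files; the `let` block continues past the end of this hunk.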
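Review bot: In forgejo/backup.nix (hunk `@@ -5,8 +5,13 @@`) the rewritten tmpfiles rule keeps mode 750 on `${dataDir}/backup`, while the nextcloud and paperless backup directories in this commit use 700. The restore script later in this file reads `db.dump` from that directory, so members of the service group can enter the directory that holds the database dump. Unless something outside the hunk needs group access, `"d ${dataDir}/backup 700 ${userName} ${groupName} -"` would match the other two services. The new `let` also uses `lib`, and the module's argument set starts above the hunk, so confirm `lib` is bound there.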
@@ -47,11 +52,11 @@ environment.systemPackages = [ (pkgs.writeShellApplication { - name = "forgejo-restore"; + name = "${serviceName}-restore"; text = '' systemctl stop forgejo.service - sudo -u forgejo restic-forgejo restore --target / latest - sudo -u forgejo pg_restore --clean --if-exists --dbname forgejo ${dataDir}/backup/db.dump + sudo -u ${userName} restic-${serviceName} restore --target / latest + sudo -u ${userName} pg_restore --clean --if-exists --dbname forgejo ${dataDir}/backup/db.dump systemctl start forgejo.service ''; }) diff --git a/hosts/stratus/containers/nspawn/forgejo/default.nix b/hosts/stratus/containers/nspawn/forgejo/default.nix index 5747253..d07fa3d 100644 --- a/hosts/stratus/containers/nspawn/forgejo/default.nix +++ b/hosts/stratus/containers/nspawn/forgejo/default.nix @@ -1,11 +1,20 @@ +{ lib, ... }: +let + serviceName = lib.last (lib.splitString "/" (builtins.toString ./.)); # Parent directory name + subdomain = "git"; +in { - containers.forgejo.config = + containers.${serviceName}.config = { config, lib, dataDir, ... }: + let + userName = config.services.forgejo.user; + groupName = config.services.forgejo.group; + in { imports = [ ./backup.nix ]; @@ -15,7 +24,7 @@ }; systemd.tmpfiles.rules = [ - "d ${dataDir}/home 750 forgejo forgejo -" + "d ${dataDir}/home 750 ${userName} ${groupName} -" "d ${dataDir}/postgresql 700 postgres postgres -" ]; @@ -42,7 +51,7 @@ ''; myConfig.tailscale = { - subdomain = "git"; + inherit subdomain; serve = "3000"; }; }; diff --git a/hosts/stratus/containers/nspawn/nextcloud/backup.nix b/hosts/stratus/containers/nspawn/nextcloud/backup.nix index 0d93786..7c9d3d9 100644 --- a/hosts/stratus/containers/nspawn/nextcloud/backup.nix +++ b/hosts/stratus/containers/nspawn/nextcloud/backup.nix 
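Review bot: The forgejo restore script in forgejo/backup.nix (hunk `@@ -47,11 +52,11 @@`) now takes the sudo user from `config.services.forgejo.user` but still hard-codes the database as `--dbname forgejo`, so the two can drift apart if the service user or database name is ever overridden. Taking the name from the module, `--dbname ${config.services.forgejo.database.name}`, keeps them in step; the nextcloud restore hunk has the same literal in `--dbname nextcloud`. Because `${userName}` and `${serviceName}` are spliced into shell text here and in the nextcloud and paperless restore scripts, passing them through `lib.escapeShellArg` (for example `sudo -u ${lib.escapeShellArg userName}`) would keep an unusual value from being re-parsed by the shell.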
@@ -5,12 +5,17 @@ dataDir, ... }: +let + serviceName = lib.last (lib.splitString "/" (builtins.toString ./.)); # Parent directory name + userName = config.users.users.nextcloud.name; + groupName = config.users.users.nextcloud.group; +in { - systemd.tmpfiles.rules = [ "d ${dataDir}/backup 700 nextcloud nextcloud -" ]; + systemd.tmpfiles.rules = [ "d ${dataDir}/backup 700 ${userName} ${groupName} -" ]; - myConfig.resticBackup.nextcloud = { + myConfig.resticBackup.${serviceName} = { enable = true; - user = config.users.users.nextcloud.name; + user = userName; healthchecks.enable = true; extraConfig = { @@ -31,12 +36,12 @@ environment.systemPackages = [ (pkgs.writeShellApplication { - name = "nextcloud-restore"; + name = "${serviceName}-restore"; text = '' - sudo -u nextcloud ${lib.getExe' config.services.nextcloud.occ "nextcloud-occ"} maintenance:mode --on - sudo -u nextcloud restic-nextcloud restore --target / latest - sudo -u nextcloud pg_restore --clean --if-exists --dbname nextcloud ${dataDir}/backup/db.dump - sudo -u nextcloud ${lib.getExe' config.services.nextcloud.occ "nextcloud-occ"} maintenance:mode --off + sudo -u ${userName} ${lib.getExe' config.services.nextcloud.occ "nextcloud-occ"} maintenance:mode --on + sudo -u ${userName} restic-${serviceName} restore --target / latest + sudo -u ${userName} pg_restore --clean --if-exists --dbname nextcloud ${dataDir}/backup/db.dump + sudo -u ${userName} ${lib.getExe' config.services.nextcloud.occ "nextcloud-occ"} maintenance:mode --off ''; }) ]; diff --git a/hosts/stratus/containers/nspawn/nextcloud/default.nix b/hosts/stratus/containers/nspawn/nextcloud/default.nix index f72e22c..83407c5 100644 --- a/hosts/stratus/containers/nspawn/nextcloud/default.nix +++ b/hosts/stratus/containers/nspawn/nextcloud/default.nix 
@@ -1,8 +1,10 @@ +{ lib, ... }: let + serviceName = lib.last (lib.splitString "/" (builtins.toString ./.)); # Parent directory name subdomain = "cloud"; in { - containers.nextcloud.config = + containers.${serviceName}.config = { config, inputs, @@ -10,6 +12,10 @@ in dataDir, ... }: + let + userName = config.users.users.nextcloud.name; + groupName = config.users.users.nextcloud.group; + in { imports = [ ./email-server.nix @@ -22,7 +28,7 @@ in }; systemd.tmpfiles.rules = [ - "d ${dataDir}/home 750 nextcloud nextcloud -" + "d ${dataDir}/home 750 ${userName} ${groupName} -" "d ${dataDir}/postgresql 700 postgres postgres -" ]; diff --git a/hosts/stratus/containers/nspawn/paperless/backup.nix b/hosts/stratus/containers/nspawn/paperless/backup.nix index 60c7271..abeb98a 100644 --- a/hosts/stratus/containers/nspawn/paperless/backup.nix +++ b/hosts/stratus/containers/nspawn/paperless/backup.nix @@ -5,14 +5,19 @@ dataDir, ... }: +let + serviceName = lib.last (lib.splitString "/" (builtins.toString ./.)); # Parent directory name + userName = config.services.paperless.user; + groupName = config.users.users.${userName}.group; +in { - systemd.tmpfiles.rules = [ "d ${dataDir}/backup 700 paperless paperless -" ]; + systemd.tmpfiles.rules = [ "d ${dataDir}/backup 700 ${userName} ${groupName} -" ]; users.users.paperless.extraGroups = [ "redis-paperless" ]; - myConfig.resticBackup.paperless = { + myConfig.resticBackup.${serviceName} = { enable = true; - user = config.users.users.paperless.name; + user = userName; healthchecks.enable = true; extraConfig = { 
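Review bot: In paperless/backup.nix (hunk `@@ -5,14 +5,19 @@`) the unchanged line `users.users.paperless.extraGroups = [ "redis-paperless" ];` still names the account literally, while the rest of the hunk now takes it from `config.services.paperless.user`. If that option is ever set to another account, the Redis group membership would go to a different user than the one the backup and restore run as; `users.users.${userName}.extraGroups = [ "redis-paperless" ];` keeps them aligned. The new `let` uses `lib`, and the argument set begins above the hunk, so confirm it is bound there.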
@@ -33,10 +38,10 @@ environment.systemPackages = [ (pkgs.writeShellApplication { - name = "paperless-restore"; + name = "${serviceName}-restore"; text = '' - sudo -u paperless restic-paperless restore --target / latest - sudo -u paperless ${dataDir}/paperless-manage document_importer ${dataDir}/backup + sudo -u ${userName} restic-${serviceName} restore --target / latest + sudo -u ${userName} ${dataDir}/paperless-manage document_importer ${dataDir}/backup ''; }) ]; diff --git a/hosts/stratus/containers/nspawn/paperless/default.nix b/hosts/stratus/containers/nspawn/paperless/default.nix index 88018e2..e6dfaea 100644 --- a/hosts/stratus/containers/nspawn/paperless/default.nix +++ b/hosts/stratus/containers/nspawn/paperless/default.nix @@ -1,5 +1,10 @@ +{ lib, ... }: +let + serviceName = lib.last (lib.splitString "/" (builtins.toString ./.)); # Parent directory name + subdomain = "paper"; +in { - containers.paperless.config = + containers.${serviceName}.config = { config, dataDir, @@ -18,7 +23,7 @@ }; myConfig.tailscale = { - subdomain = "paper"; + inherit subdomain; serve = "28981"; }; };