From e1912f1f1a2776953e705fd4d30323e61ddabb7d Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Fri, 18 Apr 2025 19:36:47 -0500 Subject: [PATCH 1/4] Switch root to fish and add shell aliases. --- users/root.nix | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/users/root.nix b/users/root.nix index 8d5c05e..ab329e8 100644 --- a/users/root.nix +++ b/users/root.nix @@ -1,7 +1,20 @@ { config, pkgs, ... }: { - users.users.root.openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPk6C4eOYzTZ8XOuUA2tErGnSTLS/l9kRDl9+5Ql+m7VtaH/KRFbu6x+C0QAIKOrRcQOjpGYUjL1aIn0HCcoEW2PSihDmOHC+W8cy8ucScy4fPI5KpFFqTZU336Fje+NS4n587gcoaa5LjKcr2KZy/ljgzl4eNSRIqy85khfH4puxsj7LwTIqsZoqDhtD/jSqaKP1C2wuYSsijLF85UnRcT9jErnL757yUv/4xb4Is+gB0zan9GiBXRca4lzb0mY8rmMXmKhc2lm/mu8ogZRdYX5R2JP1AukzYGSdOFs4iUauihgvakuou9AugD2CC+ygYIEbWkUjwKfT9nRN93Qi9 id_rsa" - ]; -} \ No newline at end of file + users.users.root = { + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPk6C4eOYzTZ8XOuUA2tErGnSTLS/l9kRDl9+5Ql+m7VtaH/KRFbu6x+C0QAIKOrRcQOjpGYUjL1aIn0HCcoEW2PSihDmOHC+W8cy8ucScy4fPI5KpFFqTZU336Fje+NS4n587gcoaa5LjKcr2KZy/ljgzl4eNSRIqy85khfH4puxsj7LwTIqsZoqDhtD/jSqaKP1C2wuYSsijLF85UnRcT9jErnL757yUv/4xb4Is+gB0zan9GiBXRca4lzb0mY8rmMXmKhc2lm/mu8ogZRdYX5R2JP1AukzYGSdOFs4iUauihgvakuou9AugD2CC+ygYIEbWkUjwKfT9nRN93Qi9 id_rsa" + ]; + shell = pkgs.fish; + }; + + programs.fish.enable = true; + + home-manager.users.root.home = { + shellAliases = { + "systemctl" = "systemctl --no-ager -l"; + "journalctl" = "journalctl --no-pager -l"; + }; + stateVersion = "24.11"; + }; +} From f6bbe8f4d9d23b2276b56c16e400cb3b9eadab86 Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Fri, 18 Apr 2025 19:37:24 -0500 Subject: [PATCH 2/4] Add localsend. --- users/nolan/desktop-minimal.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/users/nolan/desktop-minimal.nix b/users/nolan/desktop-minimal.nix index f192631..9ba8333 100644 --- a/users/nolan/desktop-minimal.nix +++ b/users/nolan/desktop-minimal.nix @@ -10,6 +10,8 @@ packages = with pkgs; [ unstable.firefoxpwa ]; }; + programs.localsend.enable = true; + home-manager.users.nolan = { programs = { firefox = { From db901f2bf5bfc52e1cb29bb41ce110a444175aee Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Fri, 18 Apr 2025 19:38:03 -0500 Subject: [PATCH 3/4] Disable jj and add ~/.local/bin to path. --- users/nolan/desktop.nix | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/users/nolan/desktop.nix b/users/nolan/desktop.nix index 9adbe40..6f2e4e2 100644 --- a/users/nolan/desktop.nix +++ b/users/nolan/desktop.nix @@ -44,15 +44,15 @@ credential.helper = "${pkgs.git.override { withLibsecret = true; }}/bin/git-credential-libsecret"; }; }; - jujutsu = { - enable = true; - settings = { - user = { - name = "Nolan Darilek"; - email = "nolan@thewordnerd.info"; - }; - }; - }; + # jujutsu = { + # enable = true; + # settings = { + # user = { + # name = "Nolan Darilek"; + # email = "nolan@thewordnerd.info"; + # }; + # }; + # }; obs-studio = { enable = true; plugins = with pkgs.obs-studio-plugins; [ @@ -65,4 +65,8 @@ }; }; }; + + environment.sessionVariables = { + PATH = [ "$HOME/.local/bin" ]; + }; } From 56ca8bd17a1739cdd1f8199898b13750bdc5921a Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Fri, 18 Apr 2025 19:38:24 -0500 Subject: [PATCH 4/4] Get Restic backups working. --- roles/restic.nix | 48 +++++++++++++++++++++++++++--------------------- 1 file changed, 27 insertions(+), 21 deletions(-) diff --git a/roles/restic.nix b/roles/restic.nix index 8ea4abe..f5f435d 100644 --- a/roles/restic.nix +++ b/roles/restic.nix @@ -1,32 +1,38 @@ { config, pkgs, ... }: { - services.restic.backups.home = { - paths = [ "/home/.zfs/snapshot/restic" ]; + services.restic.backups.system = { + paths = [ + "/home/.zfs/snapshot/restic" + "/var/.zfs/snapshot/restic" + ]; repository = "s3:s3.us-west-001.backblazeb2.com/nolans-nixos-backups/${config.networking.hostName}"; environmentFile = config.age.secrets."restic_b2_${config.networking.hostName}".path; passwordFile = config.age.secrets."restic_password_${config.networking.hostName}".path; initialize = true; - backupPrepareCommand = "${pkgs.zfs}/bin/zfs snapshot zpool/home@restic"; - backupCleanupCommand = "${pkgs.zfs}/bin/zfs destroy zpool/home@restic"; - timerConfig = { - OnCalendar = "hourly"; - Persistent = true; - }; - }; - services.restic.backups.var = { - paths = [ "/var/.zfs/snapshot/restic" ]; - repository = "s3:s3.us-west-001.backblazeb2.com/nolans-nixos-backups/${config.networking.hostName}"; - environmentFile = config.age.secrets."restic_b2_${config.networking.hostName}".path; - passwordFile = config.age.secrets."restic_password_${config.networking.hostName}".path; - initialize = true; - backupPrepareCommand = "${pkgs.zfs}/bin/zfs snapshot zpool/var@restic"; - backupCleanupCommand = "${pkgs.zfs}/bin/zfs destroy zpool/var@restic"; - timerConfig = { - OnCalendar = "hourly"; - Persistent = true; - }; + backupPrepareCommand = '' + #!${pkgs.bash}/bin/sh + ${pkgs.zfs}/bin/zfs snapshot zpool/home@restic + ${pkgs.zfs}/bin/zfs snapshot zpool/var@restic + ''; + backupCleanupCommand = '' + #!${pkgs.bash}/bin/sh + ${pkgs.zfs}/bin/zfs destroy zpool/home@restic + ${pkgs.zfs}/bin/zfs destroy zpool/var@restic + ''; + timerConfig.OnCalendar = "hourly"; + pruneOpts = [ + "--keep-daily 7" + "--keep-weekly 5" + "--keep-monthly 12" + "--keep-yearly 2" + ]; }; + + systemd.tmpfiles.rules = [ + "d /mnt/restic 0700 root root" + ]; + age.secrets."restic_b2_${config.networking.hostName}".file = ../secrets/restic_b2_${config.networking.hostName}.age; age.secrets."restic_password_${config.networking.hostName}".file =