voyager: add time machine, cleanup

2023-11-16 15:54:54 +01:00 · 2023-11-16 15:54:54 +01:00 · 57062782a0
commit 57062782a0
parent 8838b0ecf7
3 changed files with 51 additions and 9 deletions
--- a/flake.nix
+++ b/flake.nix
@ -48,7 +48,6 @@
            ./hosts/voyager/configuration.nix
            voyager-addons.nixosModules.default
            sops-nix.nixosModules.sops
-            matrix-synapse-next.nixosModules.synapse
          ];
        };
        edison = nixpkgs.lib.nixosSystem {
--- a/hosts/voyager/configuration.nix
+++ b/hosts/voyager/configuration.nix
@ -13,17 +13,18 @@
      ./services/snappymail.nix
      #./vms.nix

-      ./services/nginx
-      ./services/postgres.nix
-      ./services/kanidm.nix
-      ./services/jellyfin.nix
-      ./services/transmission.nix
-      ./services/metrics
-      ./services/gitea.nix
-      ./services/vaultwarden.nix
      ./services/calibre.nix
      ./services/fancontrol.nix
+      ./services/gitea.nix
+      ./services/jellyfin.nix
      ./services/jupyter.nix
+      ./services/kanidm.nix
+      ./services/metrics
+      ./services/nginx
+      ./services/postgres.nix
+      ./services/timemachine.nix
+      ./services/transmission.nix
+      ./services/vaultwarden.nix
      # ./services/searx.nix
      # ./services/code-server.nix

--- a/hosts/voyager/services/timemachine.nix
+++ b/hosts/voyager/services/timemachine.nix
@ -0,0 +1,42 @@
+{ config, pkgs, ... }:
+  let
+    timeMachineDir = "/tank/backup/worf";
+    user = "worf-backup";
+    sizeLimit = "800000"; # MiB
+    allowedIPs = "192.168.10.2 192.168.10.5"; #TODO
+  in {
+  services.avahi = {
+    enable = true;
+    publish = {
+      enable = true;
+      userServices = true;
+    };
+  };
+
+  services.netatalk = {
+    enable = true;
+
+    settings = {
+      Global = {
+        "mimic model" = "TimeCapsule6,106";  # show the icon for the first gen TC
+        "hosts allow" = allowedIPs;
+      };
+
+      "worf-time-machine" = {
+        "time machine" = "yes";
+        "path" = timeMachineDir;
+        "valid users" = user;
+        "vol size limit" = sizeLimit;
+      };
+    };
+  };
+
+  users.extraUsers.worf-backup = {
+    isSystemUser = true;
+    name = user;
+    group = user;
+  };
+  users.groups."${user}" = {};
+
+  networking.firewall.allowedTCPPorts = [ 548 636 ];
+}