diff options
Diffstat (limited to 'modules/private/system/backup-2.nix')
| -rw-r--r-- | modules/private/system/backup-2.nix | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/modules/private/system/backup-2.nix b/modules/private/system/backup-2.nix index ede5bc2..1d84667 100644 --- a/modules/private/system/backup-2.nix +++ b/modules/private/system/backup-2.nix | |||
| @@ -1,9 +1,8 @@ | |||
| 1 | { privateFiles }: | 1 | { privateFiles }: |
| 2 | { config, pkgs, resources, name, ... }: | 2 | { config, pkgs, resources, ... }: |
| 3 | { | 3 | { |
| 4 | boot.kernelPackages = pkgs.linuxPackages_latest; | 4 | boot.kernelPackages = pkgs.linuxPackages_latest; |
| 5 | myEnv = import "${privateFiles}/environment.nix" // { inherit privateFiles; }; | 5 | myEnv = import "${privateFiles}/environment.nix" // { inherit privateFiles; }; |
| 6 | hostEnv.FQDN = "backup-2.v.immae.eu"; | ||
| 7 | 6 | ||
| 8 | imports = builtins.attrValues (import ../..); | 7 | imports = builtins.attrValues (import ../..); |
| 9 | 8 | ||
| @@ -28,13 +27,22 @@ | |||
| 28 | firewall.enable = true; | 27 | firewall.enable = true; |
| 29 | interfaces."ens3".ipv4.addresses = pkgs.lib.attrsets.mapAttrsToList | 28 | interfaces."ens3".ipv4.addresses = pkgs.lib.attrsets.mapAttrsToList |
| 30 | (n: ips: { address = ips.ip4; prefixLength = 32; }) | 29 | (n: ips: { address = ips.ip4; prefixLength = 32; }) |
| 31 | (pkgs.lib.attrsets.filterAttrs (n: v: n != "main") config.myEnv.servers.backup-2.ips); | 30 | (pkgs.lib.attrsets.filterAttrs (n: v: n != "main") config.hostEnv.ips); |
| 32 | interfaces."ens3".ipv6.addresses = pkgs.lib.flatten (pkgs.lib.attrsets.mapAttrsToList | 31 | interfaces."ens3".ipv6.addresses = pkgs.lib.flatten (pkgs.lib.attrsets.mapAttrsToList |
| 33 | (n: ips: map (ip: { address = ip; prefixLength = (if n == "main" && ip == pkgs.lib.head ips.ip6 then 64 else 128); }) (ips.ip6 or [])) | 32 | (n: ips: map (ip: { address = ip; prefixLength = (if n == "main" && ip == pkgs.lib.head ips.ip6 then 64 else 128); }) (ips.ip6 or [])) |
| 34 | config.myEnv.servers.backup-2.ips); | 33 | config.hostEnv.ips); |
| 35 | defaultGateway6 = { address = "fe80::1"; interface = "ens3"; }; | 34 | defaultGateway6 = { address = "fe80::1"; interface = "ens3"; }; |
| 36 | }; | 35 | }; |
| 37 | 36 | ||
| 37 | myServices.certificates.enable = true; | ||
| 38 | services.nginx = { | ||
| 39 | enable = true; | ||
| 40 | recommendedOptimisation = true; | ||
| 41 | recommendedGzipSettings = true; | ||
| 42 | recommendedProxySettings = true; | ||
| 43 | }; | ||
| 44 | networking.firewall.allowedTCPPorts = [ 80 443 ]; | ||
| 45 | |||
| 38 | services.cron = { | 46 | services.cron = { |
| 39 | mailto = "cron@immae.eu"; | 47 | mailto = "cron@immae.eu"; |
| 40 | enable = true; | 48 | enable = true; |
| @@ -49,6 +57,7 @@ | |||
| 49 | }; | 57 | }; |
| 50 | 58 | ||
| 51 | myServices.mailRelay.enable = true; | 59 | myServices.mailRelay.enable = true; |
| 60 | myServices.mailBackup.enable = true; | ||
| 52 | myServices.monitoring.enable = true; | 61 | myServices.monitoring.enable = true; |
| 53 | myServices.databasesReplication = { | 62 | myServices.databasesReplication = { |
| 54 | postgresql = { | 63 | postgresql = { |
| @@ -57,7 +66,7 @@ | |||
| 57 | hosts = { | 66 | hosts = { |
| 58 | eldiron = { | 67 | eldiron = { |
| 59 | slot = "backup_2"; | 68 | slot = "backup_2"; |
| 60 | connection = "postgresql://backup-2:${config.myEnv.servers.backup-2.ldap.password}@eldiron.immae.eu"; | 69 | connection = "postgresql://backup-2:${config.hostEnv.ldap.password}@eldiron.immae.eu"; |
| 61 | }; | 70 | }; |
| 62 | }; | 71 | }; |
| 63 | }; | 72 | }; |
| @@ -71,7 +80,7 @@ | |||
| 71 | host = config.myEnv.servers.eldiron.ips.main.ip4; | 80 | host = config.myEnv.servers.eldiron.ips.main.ip4; |
| 72 | port = "3306"; | 81 | port = "3306"; |
| 73 | user = "backup-2"; | 82 | user = "backup-2"; |
| 74 | password = config.myEnv.servers.backup-2.ldap.password; | 83 | password = config.hostEnv.ldap.password; |
| 75 | dumpUser = "root"; | 84 | dumpUser = "root"; |
| 76 | dumpPassword = config.myEnv.databases.mysql.systemUsers.root; | 85 | dumpPassword = config.myEnv.databases.mysql.systemUsers.root; |
| 77 | }; | 86 | }; |