Modules

This module is responsible for configuring standard NixOS options and services, all of my modules have their own erase-your-darlings.nix file which makes any changes that they need.

This requires a setting up ZFS in a specific way when first installing NixOS. See the "set up a new host" runbook.

Options:

Declared in: shared/erase-your-darlings/default.nix

finder

finder is a webapp to read downloaded manga. There is no public deployment.

finder uses a containerised elasticsearch database, and requires read access to the filesystem where manga is stored. It does not manage the manga, only provides an interface to search and read.

The database can be recreated from the manga files, so this module does not include a backup script.

Options:

Declared in: shared/finder/default.nix

FoundryVTT is a virtual tabletop to run roleplaying games. It is licensed software and needs to be downloaded after purchase. This module doesn't manage the FoundryVTT program files, only operating it.

The downloaded FoundryVTT program files must be in ''${dataDir}/bin.

Backups: the data files - this requires briefly stopping the service, so don't schedule backups during game time.

Erase your darlings: overrides the dataDir.

Options:

Declared in: shared/foundryvtt/default.nix

minecraft

Minecraft Java Edition runner. Supports multiple servers, with mods. This module doesn't manage the Minecraft server files, only operating them.

Yes, I know there's a NixOS minecraft module, but it uses the Minecraft in nixpkgs and only runs one server, whereas I want to run multiple modded servers.

The Minecraft server files must be in ''${dataDir}/{name}.

This module does not include a backup script. Servers must be backed up independently.

Erase your darlings: overrides the dataDir.

Options:

Declared in: shared/minecraft/default.nix

oci-containers

To do

Run podman containers run as a non-root user.

An abstraction over running containers as systemd units, enforcing some good practices:

Container DNS behaves the same under docker and podman.
Ports are exposed on 127.0.0.1, rather than 0.0.0.0.
Volumes are backed up by bind-mounts to the host filesystem.

Switching between using docker or podman for the container runtime should be totally transparent.

Erase your darlings: overrides the volumeBaseDir.

Options:

Declared in: shared/oci-containers/default.nix

pleroma

Pleroma is a fediverese server.

Pleroma uses a containerised postgres database.

Backups: the postgres database, uploaded files, and custom emojis.

Erase your darlings: transparently stores data on the persistent volume.

Options:

Declared in: shared/pleroma/default.nix

resolved

resolved is a recursive DNS server for LAN DNS.

Provides a grafana dashboard.

Options:

Declared in: shared/resolved/default.nix

restic-backups

Manage regular incremental, compressed, and encrypted backups with restic.

Backups are uploaded to the barrucadu-backups-a19c48 B2 bucket.

List all the snapshots with:

nix run .#backups                                # all snapshots
nix run .#backups -- snapshots --host <hostname> # for a specific host
nix run .#backups -- snapshots --tag <tag>       # for a specific tag

Restore a snapshot to <restore-dir> with:

nix run .#backups restore <snapshot> [<restore-dir>]

If unspecified, the snapshot is restored to /tmp/restic-restore-<snapshot>.

Alerts:

Creating or uploading a snapshot fails.

Options:

Declared in: shared/restic-backups/default.nix

torrents

Transmission is a bittorrent client. This module configures it along with a web UI.

This module does not include a backup script. Torrented files must be backed up independently.

Erase your darlings: transparently stores session data on the persistent volume.

Options:

Declared in: shared/torrents/default.nix

umami

umami is a web analytics tool.

umami uses a containerised postgres database.

Backups: the postgres database.

Options:

Declared in: shared/umami/default.nix

nixfiles