Skip to content

Backup and snapshots with restic #20

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
99linesofcode wants to merge 5 commits into
base: main
Choose a base branch
from
Open

Backup and snapshots with restic #20

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
90f1da3
fix: import and inherit missing lib causing undefined variable error
99linesofcode Nov 6, 2025
6247c5a
refactor(sops): regenerate master key
99linesofcode Nov 6, 2025
67d69c6
fix(impermanence): mount /persist to resolve decryption and as a resu…
99linesofcode Nov 6, 2025
6772373
feat(docker): persist docker configuration, images and volumes
99linesofcode Nov 6, 2025
819208d
fix(dns): use ipv4 DNS servers for the time being
99linesofcode Nov 6, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .sops.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
keys:
- &master age1hy523tlslqas8qgs0lxgxanp9gx06fjekn608w4qf66mxkjzmucqh0g6vg
- &master age1fczq47wpa2wpm9ejy85qw3axw2c9v0f4qrywv5amnuqsjc87ws6qx75pfr
- &host_luna age10a049meemjvgdgukx6zu5lwu82mqul83l7fyd66tzy9sm8637s7q07ujez
- &host_mars age1epkfxmjk0tlne8rmxqq77u06q3lnf5xfjcrwq42nuasswefndyfscw84cy
creation_rules:
Expand Down
2 changes: 2 additions & 0 deletions hosts/luna/default.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
{
lib,
modulesPath,
pkgs,
...
Expand All @@ -7,6 +8,7 @@
let
username = "shorty";
in
with lib;
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
Expand Down
1 change: 1 addition & 0 deletions hosts/luna/disko.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,7 @@ in
];
};
"/persist" = {
mountpoint = "/persist";
mountOptions = [
"compress=zstd"
"noatime"
Expand Down
6 changes: 3 additions & 3 deletions hosts/luna/users/shorty/secrets/id_ed25519
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,12 @@
"sops": {
"age": [
{
"recipient": "age1hy523tlslqas8qgs0lxgxanp9gx06fjekn608w4qf66mxkjzmucqh0g6vg",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCUzljQWlRb0ZyNHA1cUNN\nZ09QNXhFS2Q0UEJ5MDRkc29nVWJKQzZabWlZCmdpTjlIbU50Y2hPNU5mS2JGdTFJ\nTHltNEJJRWs0SVBEK2JzcklzaWp6emsKLS0tIFVTbHlOWnNhbWorSndFTmlCMjVj\nZjJkaHZaSUl2YW00MUttaWFFczZOUFEKO6+2ZzBOTwC6bFSf/y34l/okKgy2jYhj\n++IQltnjSEuoVZO9CaBiB0c2eknz382fd4N2uiepF8mRCd7dBHhvqw==\n-----END AGE ENCRYPTED FILE-----\n"
"recipient": "age1fczq47wpa2wpm9ejy85qw3axw2c9v0f4qrywv5amnuqsjc87ws6qx75pfr",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvOXI0Z0ZIM2MydzUwWTBX\nVTVhQ0lVR0lIS3JjSjN3VzNmMU1qWFIyWVdRCmhUeHd6elRuM0RMYW5QdHBSdnlo\nWmxPRXdlQjJtMUpxREluSHpPZUlpeWsKLS0tIGtKTExwTG5XMlFHTUQ3eXRDL2w3\nRTZTWGZkQUtHT2pVUU45RTEySmxsMTgKyrJUCN5ooCRoZe+VJeEW1mIPLnTIWxRw\nZ3PzJkw0YPEq8B+RvWjKDeip5uj1RWJOgU5sl1ngf5CbN37uUIAlAQ==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age10a049meemjvgdgukx6zu5lwu82mqul83l7fyd66tzy9sm8637s7q07ujez",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYajRJUTIzdnp4VE5zVnVB\nVHFjbXpZeU11L1JreURNaHNQYWkvM2hmTnhvCjR0V3M3SGJXcDN3NkVoV3NUZ1NV\nNVNlaVdQcXYvYVI3Nm9qMWlPK1VVQVkKLS0tIEFNOGNhTVdKd3h1d3l6czVXQXpX\nRXJHeXExbDRtRkJWUXVxRjZ4OWloSjQKcajyJcZCZoel1qXKES5NmZ/iHgQtiG2Y\npjZqIBrw6FNH1oTXmErLJIBxVW9d5I3bU/xQ2A5jNd3o8OAC9MsTAw==\n-----END AGE ENCRYPTED FILE-----\n"
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPVzFOQlMxdzJLRmtOMmd5\nQVIzYWwwbkRlb0tJOTRKcFlzUlVqNnNUSFRVCkd3SzNBbGhQNU5LL2RKbWlGcEh2\nM2Y0NlNicEl1S2thSHNPZDFubUIvOUkKLS0tIGNTQTR6dmxaV21UNGN2T3FoUWFG\nMDcxN0pIZjVORDRTcmhMd1RUaGZ6djQKySiQjwuQwTx8WmAqrqu94pByd+cUM5O8\nG38dnvUaRhC5DjShbinPJiVdchV9lqllU2dYaWq9voY/RCJH4EMm6Q==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-10-24T11:14:20Z",
Expand Down
6 changes: 3 additions & 3 deletions hosts/luna/users/shorty/secrets/id_ed25519.pub
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,12 @@
"sops": {
"age": [
{
"recipient": "age1hy523tlslqas8qgs0lxgxanp9gx06fjekn608w4qf66mxkjzmucqh0g6vg",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2SFdqdUZkenRqUjV3d2o5\nS0VXTE1Cak80SHdXcnpCd0FmSTBBR0FwVjNRCjFEYXlLOCtHbUg4RlhmVkV6aldB\nbWxTRDhBd3grcnloMHNSSnFuN3RtTTQKLS0tIGNtTUI2WDVKV0pDU0NwQjRxdFZF\nK3IvQ1pyS3BSbVk5QjUyZk9tVmtFak0KW//YyXr6+6NSlUdatMX00O5dlioLBnqv\njq84ZsgCrzm7KAhStvH3icOGdP1skQ82Wp8B76X3IQQvIqTXLT+Jkw==\n-----END AGE ENCRYPTED FILE-----\n"
"recipient": "age1fczq47wpa2wpm9ejy85qw3axw2c9v0f4qrywv5amnuqsjc87ws6qx75pfr",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0MUNCU0VEaWF5cVNydGNQ\nZXRKNzlla3k5RkRNZkM1dE5oN29HeXVRRDI0CmkrM2U0TEFMMk9LUEhDQzlBMGpQ\nKzB5bHFWRnFhR2xrMHpYMVdnUmJSNUUKLS0tIEVuUWF6N0YzUTVzR1lscnphWWxy\nNy9UaVNITFlxQ3NnNWNDMzRWVnkxUGcKvKmoT3SqPcyM2Fhoxc8mSJl06rV8hlhI\nFftuxCOO/04lIA7FHHrEHRwON/OZKSwe8ZHkq8ojvUyhPsS9CF3COg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age10a049meemjvgdgukx6zu5lwu82mqul83l7fyd66tzy9sm8637s7q07ujez",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvUUxkNVFDVlFYOXpQVk45\nMEtTdEQvMEwramdLQW9XNVBNVDN5Z1JqMlFzClZTakNJVFBSSEFWdlBRN0xITXlS\nYkE2dk0rNDFrcnFwZ2FPL3ZvRTlINEUKLS0tIFhhdkF6ZWwvR3JJMTA2L0hITGsz\nYkhac0FKeHhqUUplblMrd1dpNldNdUUKGQZlACAnWYpxAVO5tHnHg/cJXypujWEk\n9t4pSQIamiFJQ7zeUuNjEPRppQYKuPCkGx6hZ7PUiuLLDNWdL/GzpQ==\n-----END AGE ENCRYPTED FILE-----\n"
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOOUZmOHRBR0NkUkdmRnk3\nMGI2QlBVc2RqbHMvS1FCSmV1WHBNSjRYZkdRCjhaNk1OZ2lCbGhtTml5SStsc1ZN\nOWY2ODNCdGt1ekJKZjE2NnQwVjNGMzAKLS0tIFFoZndSVWR5cmhMTGZmVnUyNk0x\naS9FSWU1SS9zakRIWnpYTEladUxTR2cKdJUuLUlnb4/wrooyOx1rCt/sOcrBNna3\nAkglRjSmmgAmU8xkdA3ul/3ROIwn22xgp61BIRCwPVCLDOx5KfQ8/w==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-10-26T18:29:50Z",
Expand Down
6 changes: 3 additions & 3 deletions hosts/luna/users/shorty/secrets/passwd
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,12 @@
"sops": {
"age": [
{
"recipient": "age1hy523tlslqas8qgs0lxgxanp9gx06fjekn608w4qf66mxkjzmucqh0g6vg",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBaNXJ4TDNxa2FQS2FRSCs2\nVUNSME5SSEtUWTE5OHUveUtHWGVXMHRZZ3pvClljV0Z5OFNyWVpRU3ZTQlVjZng2\nTkc2S0pod01Oa3dHeWlHQWdYTTFnQTAKLS0tIEJpSHk2RHFabG54eGNPTVRIMHBU\nNkZTWVRMenZZamdzTHBzUUFJbGVsT3MKTwwrMTNUIOq8lTvC7uPyYV0n/6eVsF1v\nDIWopzau+JLckuGeddi5W++D3qT2V1Y+37u9MqbBeks1oQ7NENtbvw==\n-----END AGE ENCRYPTED FILE-----\n"
"recipient": "age1fczq47wpa2wpm9ejy85qw3axw2c9v0f4qrywv5amnuqsjc87ws6qx75pfr",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBY1ZtdkVEUjRBZkZHNXox\ndWFhY3dIR2UzRmljNWU2cHk0dC9IU2pxVEVjCnhObHUzdVE3Sm9zdGEwK2pKVldP\neUtCZlk3VHhrQk1mMjFaSjI5ZTZqc3cKLS0tIFJyRjlLbk9ZUWVaZEd6UVRNOElt\ncTFPN0x1ckZXVFVGdVhYU2k0SjFiZG8KhvILNAzA44RmuvHlzmqVozyB6r2ZbQch\nl3S8pq0pQ5yN+4DKWKeNK8QEFZ5QCs8Ts/14wbJpdrVsQCkHy5R29w==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age10a049meemjvgdgukx6zu5lwu82mqul83l7fyd66tzy9sm8637s7q07ujez",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPalNaM2s3MU5uTTNrY0Zz\naTRmbktXVjhmYnZZTTl0WVJZYnZSZHBmclZVClFiYXBpM2xDc2JJZmV1V2dPVEIv\nTjdnU0dmSy96czhMV3YyZGxxRnBEQUUKLS0tIHNoazhXd3M0Wks2Vk1BSTArd1Rt\nNWQ0QTI4bm83U0xhN21ZWmxOTjhVK1UK9jKeX87VhO40kEUG4JDkLOgTKHb5i+5d\nEVJY3KEsbbF0V3H0ND9GJ8MuF1b9RMWjGMkEcardkLuy1M1nmtetDw==\n-----END AGE ENCRYPTED FILE-----\n"
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvWGJwaC9MMUJnZ0hVNG1H\nWGhKZzBkbEFpU1g3ZWJCUWlWRFdjMUY4cWxvCmhGUzFhU1ZJMW9Yc1E3Z1FLVXl2\nODhSWEJaUG9EQUhpSE5sd3MrNFA5U3cKLS0tIDlzY1gvMGI5WG83OTh4aVB2UWNO\nd2hoUGVnN01EZnhCY3MyL3FFWm1GTkUKpHob+VsJ7nmI+6avBOl2+hNz+9RQge9Y\n4WJQWkjokBNDVe/UOzRBWBWFzP/BmBzDSSepeqGWLP33ZP8R2wUnjQ==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-03-11T21:49:48Z",
Expand Down
6 changes: 3 additions & 3 deletions hosts/mars/users/shorty/secrets/id_ed25519
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,12 @@
"sops": {
"age": [
{
"recipient": "age1hy523tlslqas8qgs0lxgxanp9gx06fjekn608w4qf66mxkjzmucqh0g6vg",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtY3RYcThGR25EalVJYkZZ\nLzUrOFZTTnI3VkRzTCt3WFVMaHdKN0JldkdjCjQyN0RkeEpxZGxRNTdScHVCTlhP\nUXltd0N2eXIxNjZ1ZzJMNjBlV3NwcFUKLS0tIEU2VEVXcTFWazcvZjJZTkVDVHpU\nbDlTK0tPam5CL0dtWi9LQVl6TVZFZFEKIl9wJGCTj/nvVABbetcZOZZw3jXvGAI2\nnAqhoEKTtiMexBmip2eiIt+bKFSTD4TAlsd+uayFZ7J7ACbJecXlTw==\n-----END AGE ENCRYPTED FILE-----\n"
"recipient": "age1fczq47wpa2wpm9ejy85qw3axw2c9v0f4qrywv5amnuqsjc87ws6qx75pfr",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuaDlMUVZwMExGNk1mU3lX\nWG94RmxXckg3R1BIOTZnbnQ1MTFBVmxobWdnCkZoUDZzNGkyRjRRRlBJdDF3QUt3\nVGltVzhSY2tzMEo0eTltQ08zWkN1dTgKLS0tIHhDRFRyL2I4Qnp1OHhWV2ZaUld2\nOXh0V1BuTkN0NUJHTm53UzNzcmRKMG8K6IBsrkRwRFJDt4jjhUUg7UcWLQK94t02\nZggif+q3yDuFkVRfVS6yxyMXti9BdcoCmcGS7O/fBRcdh61LMEwxRw==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1epkfxmjk0tlne8rmxqq77u06q3lnf5xfjcrwq42nuasswefndyfscw84cy",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzSmtzM044em9sR3R2TnN5\nSmUybWNKMmZtTmszcVRTbURjdk9zdnQ3ajNFCktaZTVmZWQzWUNMSGZLQmFBMkdx\nWUFUNXNmYzFSazhGZTVzbU41eFBhUFkKLS0tIGwxNzFydHYwR1dnSFdqZGJ3MkFj\neVk5TUhoa1orYlJHcm1jNVBPemJVTncK6qiqkJT9UOFjxv+NiYmYuVB1EMXRU1R3\nsMagZ7ZNkr+ZXEkxl2HhHHTa/vvQvzFfimppIIg9x/+Hz/ACc/5wxw==\n-----END AGE ENCRYPTED FILE-----\n"
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvTmJtemFEVzhSay9HamdM\nMzBiMC8zZnpXcVFlNHJQNG41K0FiSTBsQlZ3CmkzRUI2a21hcmFNbDBva25JcTFk\nbWNpQldhZG5qM2pxZCtWcER0S2lEMFEKLS0tIGRDa0JEZkFOaThGMTh1TTFpSmRh\nSm9LYlhqSzNhRDlnTUF6MEhjZlBSanMKHzSjslqK/HiSNMaBtNYNX06Dkfjb7Auf\nDwC+LzRhpSJdi6W99OLYiCyIOMeeCZs73u9gOw2ZwXRaCxE0lMM8mQ==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-10-24T11:14:20Z",
Expand Down
6 changes: 3 additions & 3 deletions hosts/mars/users/shorty/secrets/id_ed25519.pub
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,12 @@
"sops": {
"age": [
{
"recipient": "age1hy523tlslqas8qgs0lxgxanp9gx06fjekn608w4qf66mxkjzmucqh0g6vg",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOR1R0eTI4cnpWRkZacjl5\nZVlxNkFBYmcyZS9DQU10REx6OFhXckliVmwwCkhWMk5GQWExT2YrWHVlcTN4M3hJ\nNWVRQkF1dHR1aFllWmZuT1VkZzNBbFkKLS0tIEtEaVFVQ3JSY205aFpzZU4rTjE4\nejlFWFdzSW5RL2IwY3NCZGdBSUk5S2cK30gyNvKixN2YVjnfeKPvHZ8whO9E2LmC\n3TgQMWonEpK6YNw/7KNSjvs9N2dcIg3xq9kSJJe2I0oX+Zihv2GZvw==\n-----END AGE ENCRYPTED FILE-----\n"
"recipient": "age1fczq47wpa2wpm9ejy85qw3axw2c9v0f4qrywv5amnuqsjc87ws6qx75pfr",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKdkEwN3V1eEZSSXBhZmJN\nMnQvdFpqcFVZazNQN3hJV21QN3I0MmpWZms4Cno2V0xyemJBUXhXVHE5SEdrUmFr\nYWsvdXJOaWNYcE5jN0M3MGhmclpXY2MKLS0tIEJvb2F3UEVkY0UxUlp5TWNua2RF\nZmdzQWpYclBBeXFITzlLbVp5QmNrdkUKK/AzjA5MyrKAhTrKy5V+NwaUW93QATcP\n6TjphiCafQhquVI1bc+E9R9tUSnrUrwRveIUfbmHipXAn1xB/H0n/g==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1epkfxmjk0tlne8rmxqq77u06q3lnf5xfjcrwq42nuasswefndyfscw84cy",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyaFJyN3BneSs4RWFtQWVz\nblM5N245TzFGRzdPRzNyQk43SldWN1JHbmprCjFZajhhbTJBd0xlYTB2RVZmOTVT\nM2FCU1VQVTRaQlVKRDVncExuU09GZzgKLS0tIFlDM1NRZFJMUUk4YjJxSThNWTJp\nMXVOTkEzbWJuL1RNQ29MNzkwcTdNMUkKp8Ad8LB5s1h4dbbuVX/s+AgZaee6Un9M\nRhq1xtvDh/7vfpGu/btfoivBhU+OO4eyTHxo54llcsnRgkrqAxj1GA==\n-----END AGE ENCRYPTED FILE-----\n"
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxQ0orSWRzZE03RHRUZVdS\ndUkwRzFJN3h4WUxVSGtyMVlkemt4aHNRQWcwCjdBMUJUaUpCYUpvREFyVmxVdTlJ\nZWZTaTV5aVd6eW1NUkNnQXF5RlJqRE0KLS0tIFVTd0ZxQm5jVkhLVUQ0UFZCN3RK\nYW1CM2psaUgyZSswK1RJVkJHN0l1aFEK5j6BWgI40tvPDhSLCqOSytfwKQWwtueZ\n+VaBhRjy5yw2UQ6k/2/hb8oCLja7DFGoirnZMCZewLhX38Rnvp7hxQ==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-10-26T18:29:50Z",
Expand Down
6 changes: 3 additions & 3 deletions hosts/mars/users/shorty/secrets/passwd
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,12 @@
"sops": {
"age": [
{
"recipient": "age1hy523tlslqas8qgs0lxgxanp9gx06fjekn608w4qf66mxkjzmucqh0g6vg",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPTU93dlZWekh2d1NURGd5\nOHF2RDlqejhROXZNSXdWT1p6cXg2eTFhQlNFCkdBUVgxRTVWMmFSaFJEdlpjSW90\nT1NCaThMYUFMSFdTY3pCd3NES05lakEKLS0tIE1aK2JYSEdJWlhobWFnTkFrdDJv\nbGdJRzd5YmFIN0lISkEzUkROSVMrcXMK2ewODkbZIp/zS7MqCMP65eg/y/WiqWFX\nx4Tc1vFiH7AYnG9eW+jidsmbc4OOs1CzU03MmqJcnhuIcTLh1TdRwg==\n-----END AGE ENCRYPTED FILE-----\n"
"recipient": "age1fczq47wpa2wpm9ejy85qw3axw2c9v0f4qrywv5amnuqsjc87ws6qx75pfr",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJMTRWM2RBdHVob21nK2o2\nY29MM3JEc1lUNFNjcFdKVEdzem9FbC9lWFhRCjZMeituVzlTVExTc2UxU21jWis2\nRFViS055Ump6OXozYTJhSXVUSUlRNlUKLS0tIDFBTU4xZ21YUVhPTUgraFdlSTVY\nZEdrb0huVmVXWUw3SHNLTVg2enZMR0kKpbLnkp0Qjph+EwcKRwOdcqSmIIDXR6XH\nopLe7bAwLlzZWK4Vvs3UuXfOtSZaCvHUAEvi1QMDgO92q2EZw1tTrw==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1epkfxmjk0tlne8rmxqq77u06q3lnf5xfjcrwq42nuasswefndyfscw84cy",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzQzhjVmJJdmNRYmNleWk1\nU2JIeWFpajc1UlFXdHhXRnVBOStUTmVvakZFCm9hYll3NXR2OG1Fd0hZejZmcVhj\naUc4a1NGYWU0clY3bm4xdThhSXZsemcKLS0tIG9idWxGdDVUbGc3YWtVcjNaMm9p\nMUtQL3gvblEwNENBblNPdnJpYXJaUTAKzsw8wrJhMuBw7z+Ewj6/lyMwgVnMOgaG\nMTMN6nUiaX4WjL1OPJrcdthNICTW73niale2vCNZPt9LQqL8l51SuA==\n-----END AGE ENCRYPTED FILE-----\n"
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4dmhOMmlYWnB0Y3Z6NWdW\ncThUbWg1empjbVRnS3FvY0MxTzlQczJod1dZCkFiRXB5eDg0TWptbUl3YVVJTGpH\ncW1SOThXejZDa1lFWG9NMnNIOG5aWEUKLS0tIElpOFJuL05sQTY3ZHJoOEdqRjJL\nUFRqY0Z4L3B5eFRFR2xOWVJtL3V3Nk0KKHTY3ErygB7/sSCjIrEDI2IY68/QKGUX\nmzgaDB2tqFDFMmNm9jLiawBprtTXxbaY0W7mwF+mBXQMF3IFj3BQ0w==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-03-11T21:49:48Z",
Expand Down
8 changes: 4 additions & 4 deletions hosts/shared/secrets/rclone.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,16 +3,16 @@
"sops": {
"age": [
{
"recipient": "age1hy523tlslqas8qgs0lxgxanp9gx06fjekn608w4qf66mxkjzmucqh0g6vg",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4MGM2dnMwNGlSQ1JhYys2\nSGUwRis4YzVDZVdlWllVajhrV3puR2x6VnhzCitXU2N0cWJISEdqeFlRUVltdEw2\nT2s1eUpBT1A2VXowYWhhMXJoV2RKUVUKLS0tIHlJWm5QUktpU0dFWlJpZnNsY3FR\na3B2ZVBYeXZtenhHVFNhb2ZWTFprNEEKTiMVhH4bRAp7+qy4MhZTZirW8Iusi7/w\nMirjR7WtHYI1fHtg09ZBRqxAbclxFah1f3Lpe5PzvZ09Aa3pMyuzEA==\n-----END AGE ENCRYPTED FILE-----\n"
"recipient": "age1fczq47wpa2wpm9ejy85qw3axw2c9v0f4qrywv5amnuqsjc87ws6qx75pfr",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjV3R6b2wvZ0U3RjdMbVJO\naElNLzN5MkQ3L3pheUZOcHJ1Qm81RXJnVGlnClliUFFOOTJrTWtmRFJkWlNPa05i\ndlVYNEExVDBYRkNSd2ZUMHFkWG1DVU0KLS0tICttSHo4K3JVeDlsQVNJTDZJNExX\nVnViWWV1VzVZUkpyN29FczRSVjNTSDQKUevwEgjQDm+kNG27/NLyU6L5eOG2JRB3\nUqInB7bdt6+VknQszVUShce+FFep+7aKg6Pwi0CpZ7cNKUBRbSviDw==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age10a049meemjvgdgukx6zu5lwu82mqul83l7fyd66tzy9sm8637s7q07ujez",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxNUV4VE03dHNZeEh3SU5t\nbjJDdUxSMHN4OWpIbitHZk9wQ1k1b3dBOGprCkdNbThOM0xPS04wNENtVEY2MmZM\nY0NsM2FKK2ZyZm5xMTI4Q3FsZ0Vkd0UKLS0tIC8vY3I5VmoxbmM2a0xrVFI5am9G\naHJVVnJqTytLTFpoQ3h0WXN2ZFVIaGsKV14Jcw9BNzqqPDWLetPBFKMdJgKKzuAG\nY6m2UYcYZwNUW+PEldrJw9EKz+LmsVRccB+k7SrenlMpazdKhjS2Ag==\n-----END AGE ENCRYPTED FILE-----\n"
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqcFYrZHpLanRIK0Q4c1hr\nYktmYStKd0loRlpTQmVQUkE3NDZWS1I5YlFrCnJoYW5lRGNvdEhPTGJzRzVSQXJI\nQUx4ZFN2TnV4WnN6M3Q3Y3RkL2xGdUEKLS0tIFl1eWw4enY5QlZCdEp3SlF3RFVR\nRkJERldsamFpNG5SekpIc2ZwcHowQmMK0TiAWqcBk0nft+PzRWJBGmhhQrxZJRie\nrBf5hVmseKAWTVeuSeBVi1XVGLqQttsLClNmu8J7g2nPmHaiAqztOg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1epkfxmjk0tlne8rmxqq77u06q3lnf5xfjcrwq42nuasswefndyfscw84cy",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4c0hkN0VTSGdkdjJyaUZ6\nSUE4K0YwNnpOaDg0MnUzVFNWK01jY1FQUWtVCnBvTEZYVW5Oc3lZWW5FREI1QXgy\nZ3d4Ny9IdWN0cU5HOEZNWEJEWml2SncKLS0tIGd3THh0TXZHbU03T2YrNUdGbjdN\nNlB2L0R1dFNOdzZyY2FxaVVPMlJjNkkKgCSaMuigobeNLC19vzGT/loYkHIHPCke\nFzAIKJpyi3LVCYFxKAxH3H6yHnrZE0Tl00lO+h3yo8pyJUqEhVSNEA==\n-----END AGE ENCRYPTED FILE-----\n"
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2SFZOSWZidWZBSlczOGVm\nZzdNcG4wMlROSDkzQ0NjN2ZINU5GYXVldVNJCnBYM1N2TUZXVHRCbzByRE91Q1F4\nM2JTajgrK3MvZElqdEJ2SXF3OFhKN00KLS0tIFZFL28xM3VjMHB6UVBubWx6c0dz\nVk1xcGpOUFdWNUlpUk5PK2tCblVEdE0Kp1uoxyEGpW06HmeXQHN5yigoqPBYtFv7\nPQG2F0YaWGqR6HNREgQB276qEmjkIRHEhHE1RnCxw900UvuOw4HsTQ==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-02-12T10:44:19Z",
Expand Down
8 changes: 8 additions & 0 deletions modules/btrfs.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,14 @@ with lib;
"compress=zstd"
"noatime"
];
"/persist" = {
options = [
"subvol=persist"
"compress=zstd"
"noatime"
];
neededForBoot = true;
};
"/var/log" = {
options = [
"subvol=log"
Expand Down
3 changes: 3 additions & 0 deletions modules/docker.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,5 +103,8 @@ with lib;
};
};

host.impermanence.directories = mkIf config.host.impermanence.enable [
"/var/lib/docker"
];
};
}
44 changes: 25 additions & 19 deletions modules/impermanence.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
pkgs,
...
}:

let
cfg = config.host.impermanence;
Expand All @@ -25,30 +30,31 @@ with lib;

boot.initrd.systemd = {
services.rollback = {
description = "Rollback BTRFS root subvolume to a pristine state";
wantedBy = [ "initrd.target" ];
after = [ "systemd-cryptsetup@pool0_0.service" ];
before = [ "sysroot.mount" ];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = # sh
''
mkdir -p /mnt
mount -o subvol=/ /dev/mapper/pool0_0 /mnt
description = "Rollback BTRFS root subvolume to a pristine state";
serviceConfig = {
Type = "oneshot";
ExecStart =
pkgs.writeShellScript "btrfs-rollback" # sh
''
mkdir -p /mnt
mount -o subvol=/ /dev/mapper/pool0_0 /mnt

btrfs subvolume list -o /mnt/root | cut -f9 -d ' ' | while read subvolume; do
echo "deleting /$subvolume subvolume..."
btrfs subvolume delete "/mnt/$subvolume"
done
btrfs subvolume list -o /mnt/root | cut -f9 -d ' ' | while read subvolume; do
echo "deleting /$subvolume subvolume..."
btrfs subvolume delete "/mnt/$subvolume"
done

echo "deleting /root subvolume..."
btrfs subvolume delete /mnt/root
echo "deleting /root subvolume..."
btrfs subvolume delete /mnt/root

echo "restoring blank /root subvolume..."
btrfs subvolume snapshot /mnt/root-blank /mnt/root
echo "restoring blank /root subvolume..."
btrfs subvolume snapshot /mnt/root-blank /mnt/root

umount /mnt
'';
umount /mnt
'';
};
};
};
};
Expand Down
6 changes: 2 additions & 4 deletions modules/network/dnsmasq.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,12 +36,10 @@ with lib;
server = [
"9.9.9.9"
"149.112.112.112"
"2620:fe::fe"
"2620:fe::9"
"1.1.1.1"
"1.0.0.1"
"2606:4700:4700::1111"
"2606:4700:4700::1001"
"8.8.8.8"
"8.8.4.4"
];
};
};
Expand Down
6 changes: 4 additions & 2 deletions modules/network/manager.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,10 @@ with lib;
nameservers = [
"9.9.9.9"
"149.112.112.112"
"2620:fe::fe"
"2620:fe::9"
"1.1.1.1"
"1.0.0.1"
"8.8.8.8"
"8.8.4.4"
];
resolvconf.enable = false;
stevenblack.enable = true; # stevenblack hosts file blocklist
Expand Down