From 8526b265231304ea2a621b6b1669d935c0cb0900 Mon Sep 17 00:00:00 2001
From: Alexander Szczepanski <alexander@szczepan.ski>
Date: Tue, 3 Dec 2024 15:47:46 +0100
Subject: [PATCH] vps-arm-2024-12-03-15-47-46

---
 configs/common-linux.nix          |  2 +-
 fs-diff.sh                        |  3 +-
 machine/vps-arm/configuration.nix | 12 ++++----
 services/adguardhome.nix          |  4 +--
 services/frigate.nix              |  4 +--
 services/goaccess.nix             |  4 +--
 services/immich.nix               | 46 +++++++++++++++++++++++++++++++
 services/nextcloud.nix            |  5 ----
 8 files changed, 57 insertions(+), 23 deletions(-)
 create mode 100644 services/immich.nix

diff --git a/configs/common-linux.nix b/configs/common-linux.nix
index bc693c6..572a829 100644
--- a/configs/common-linux.nix
+++ b/configs/common-linux.nix
@@ -6,7 +6,7 @@
   ...
 }: {
   imports = [
-    ./configs/common.nix
+    ./common.nix
   ];
 
   boot = {
diff --git a/fs-diff.sh b/fs-diff.sh
index ef450df..10dcd70 100755
--- a/fs-diff.sh
+++ b/fs-diff.sh
@@ -8,8 +8,7 @@ OLD_TRANSID=${OLD_TRANSID#transid marker was }
 sudo btrfs subvolume find-new "/fs-diff/root" "$OLD_TRANSID" |
 sed '$d' |
 cut -f17- -d' ' |
-sort |
-uniq |
+sort |uniq |
 while read path; do
   path="/$path"
   if [ -L "$path" ]; then
diff --git a/machine/vps-arm/configuration.nix b/machine/vps-arm/configuration.nix
index 9aa85f1..c2cf7c6 100644
--- a/machine/vps-arm/configuration.nix
+++ b/machine/vps-arm/configuration.nix
@@ -5,24 +5,22 @@
   outputs,
   inputs,
   ...
-}: let
-  secrets = import ../../configs/secrets.nix;
-  be = import ../../configs/borg-exclude.nix;
-in {
+}: {
   imports = [
     ./hardware-configuration.nix
     ../../configs/common-linux.nix
     ../../configs/docker.nix
     ../../configs/user.nix
 
-    ../../services/atuin.nix
     ../../services/adguardhome.nix
+    ../../services/atuin.nix
     ../../services/frigate.nix
     ../../services/gitea.nix
+    ../../services/goaccess.nix
+    ../../services/headscale.nix
+    ../../services/immich.nix
     ../../services/nextcloud.nix
     ../../services/uptime-kuma.nix
-    ../../services/headscale.nix
-    ../../services/goaccess.nix
   ];
 
   sops = {
diff --git a/services/adguardhome.nix b/services/adguardhome.nix
index 897b8ab..31149f5 100644
--- a/services/adguardhome.nix
+++ b/services/adguardhome.nix
@@ -20,7 +20,7 @@ in {
           forceSSL = true;
           enableACME = true;
           locations = {
-            "/" = {proxyPass = "https://127.0.0.1:3003/";};
+            "/" = {proxyPass = "https://127.0.0.1:3004/";};
           };
         };
       };
@@ -71,7 +71,7 @@ in {
           allow_unencrypted_doh = false;
           port_dns_over_tls = 853;
           port_dns_over_quic = 0;
-          port_https = 3003;
+          port_https = 3004;
           certificate_chain = "";
           private_key = "";
           certificate_path = "/var/lib/AdGuardHome/chain.pem";
diff --git a/services/frigate.nix b/services/frigate.nix
index 1487780..ec8676f 100644
--- a/services/frigate.nix
+++ b/services/frigate.nix
@@ -3,9 +3,7 @@
   lib,
   pkgs,
   ...
-}: let
-  secrets = import ../configs/secrets.nix;
-in {
+}: {
   environment = {
     persistence."/persist" = {
       directories = [
diff --git a/services/goaccess.nix b/services/goaccess.nix
index ad305b2..f39e759 100644
--- a/services/goaccess.nix
+++ b/services/goaccess.nix
@@ -3,9 +3,7 @@
   lib,
   pkgs,
   ...
-}: let
-  secrets = import ../configs/secrets.nix;
-in {
+}: {
   environment = {
     systemPackages = with pkgs; [
       goaccess
diff --git a/services/immich.nix b/services/immich.nix
new file mode 100644
index 0000000..3722772
--- /dev/null
+++ b/services/immich.nix
@@ -0,0 +1,46 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  environment = {
+    persistence."/persist" = {
+      directories = [
+        "/var/lib/immich"
+        "/var/lib/redis-immich"
+      ];
+    };
+  };
+
+  services = {
+    nginx = {
+      virtualHosts = {
+        "immich.szczepan.ski" = {
+          forceSSL = true;
+          enableACME = true;
+          locations = {"/" = {proxyPass = "http://[::1]:2283/";};};
+        };
+      };
+    };
+
+    # postgresql = {
+    #   enable = true;
+    #   ensureDatabases = [
+    #     config.services.nextcloud.config.dbname
+    #   ];
+    #   ensureUsers = [
+    #     {
+    #       name = config.services..config.dbuser;
+    #       ensureDBOwnership = true;
+    #       # ensurePermissions."DATABASE ${config.services.gitea.database.name}" = "ALL PRIVILEGES";
+    #     }
+    #   ];
+    # };
+
+    immich = {
+      enable = true;
+      settings.server.externalDomain = "https://immich.szczepan.ski";
+    };
+  };
+}
diff --git a/services/nextcloud.nix b/services/nextcloud.nix
index 2c62faf..9c3e738 100644
--- a/services/nextcloud.nix
+++ b/services/nextcloud.nix
@@ -5,11 +5,6 @@
   ...
 }: {
   environment = {
-    systemPackages = with pkgs; [
-      goaccess
-      xd
-      nyx
-    ];
     persistence."/persist" = {
       directories = [
         "/var/lib/nextcloud"