vps-arm-2024-12-03-15-47-46

configs/common-linux.nix

@@ -6,7 +6,7 @@
   ...
 }: {
   imports = [
-    ./configs/common.nix
+    ./common.nix
   ];
 
   boot = {

fs-diff.sh

@@ -8,8 +8,7 @@ OLD_TRANSID=${OLD_TRANSID#transid marker was }
 sudo btrfs subvolume find-new "/fs-diff/root" "$OLD_TRANSID" |
 sed '$d' |
 cut -f17- -d' ' |
-sort |
+sort |uniq |
-uniq |
 while read path; do
   path="/$path"
   if [ -L "$path" ]; then

machine/vps-arm/configuration.nix

@@ -5,24 +5,22 @@
   outputs,
   inputs,
   ...
-}: let
+}: {
-  secrets = import ../../configs/secrets.nix;
-  be = import ../../configs/borg-exclude.nix;
-in {
   imports = [
     ./hardware-configuration.nix
     ../../configs/common-linux.nix
     ../../configs/docker.nix
     ../../configs/user.nix
 
-    ../../services/atuin.nix
     ../../services/adguardhome.nix
+    ../../services/atuin.nix
     ../../services/frigate.nix
     ../../services/gitea.nix
+    ../../services/goaccess.nix
+    ../../services/headscale.nix
+    ../../services/immich.nix
     ../../services/nextcloud.nix
     ../../services/uptime-kuma.nix
-    ../../services/headscale.nix
-    ../../services/goaccess.nix
   ];
 
   sops = {

services/adguardhome.nix

@@ -20,7 +20,7 @@ in {
           forceSSL = true;
           enableACME = true;
           locations = {
-            "/" = {proxyPass = "https://127.0.0.1:3003/";};
+            "/" = {proxyPass = "https://127.0.0.1:3004/";};
           };
         };
       };
@@ -71,7 +71,7 @@ in {
           allow_unencrypted_doh = false;
           port_dns_over_tls = 853;
           port_dns_over_quic = 0;
-          port_https = 3003;
+          port_https = 3004;
           certificate_chain = "";
           private_key = "";
           certificate_path = "/var/lib/AdGuardHome/chain.pem";

services/frigate.nix

@@ -3,9 +3,7 @@
   lib,
   pkgs,
   ...
-}: let
+}: {
-  secrets = import ../configs/secrets.nix;
-in {
   environment = {
     persistence."/persist" = {
       directories = [

services/goaccess.nix

@@ -3,9 +3,7 @@
   lib,
   pkgs,
   ...
-}: let
+}: {
-  secrets = import ../configs/secrets.nix;
-in {
   environment = {
     systemPackages = with pkgs; [
       goaccess

services/immich.nix

@@ -0,0 +1,46 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  environment = {
+    persistence."/persist" = {
+      directories = [
+        "/var/lib/immich"
+        "/var/lib/redis-immich"
+      ];
+    };
+  };
+
+  services = {
+    nginx = {
+      virtualHosts = {
+        "immich.szczepan.ski" = {
+          forceSSL = true;
+          enableACME = true;
+          locations = {"/" = {proxyPass = "http://[::1]:2283/";};};
+        };
+      };
+    };
+
+    # postgresql = {
+    #   enable = true;
+    #   ensureDatabases = [
+    #     config.services.nextcloud.config.dbname
+    #   ];
+    #   ensureUsers = [
+    #     {
+    #       name = config.services..config.dbuser;
+    #       ensureDBOwnership = true;
+    #       # ensurePermissions."DATABASE ${config.services.gitea.database.name}" = "ALL PRIVILEGES";
+    #     }
+    #   ];
+    # };
+
+    immich = {
+      enable = true;
+      settings.server.externalDomain = "https://immich.szczepan.ski";
+    };
+  };
+}

services/nextcloud.nix

@@ -5,11 +5,6 @@
   ...
 }: {
   environment = {
-    systemPackages = with pkgs; [
-      goaccess
-      xd
-      nyx
-    ];
     persistence."/persist" = {
       directories = [
         "/var/lib/nextcloud"