diff --git a/configurations/nixos/defiant/configuration.nix b/configurations/nixos/defiant/configuration.nix index 52eb452..9aa2e34 100644 --- a/configurations/nixos/defiant/configuration.nix +++ b/configurations/nixos/defiant/configuration.nix @@ -226,7 +226,6 @@ postgresql = { enable = true; adminUsers = ["leyla"]; - impermanence.enable = false; }; # temp enable desktop environment for setup @@ -245,7 +244,6 @@ reverseProxy = { enable = true; openFirewall = true; - impermanence.enable = false; acme = { enable = true; email = "jan-leila@protonmail.com"; @@ -255,7 +253,6 @@ ollama = { enable = true; exposePort = true; - impermanence.enable = false; environmentVariables = { OLLAMA_KEEP_ALIVE = "24h"; @@ -290,7 +287,6 @@ enable = true; authKeyFile = config.sops.secrets."vpn-keys/tailscale-authkey/defiant".path; useRoutingFeatures = "server"; - impermanence.enable = false; extraUpFlags = [ "--advertise-exit-node" "--advertise-routes=192.168.0.0/24" @@ -303,33 +299,24 @@ ]; }; - syncthing = { - enable = true; - impermanence.enable = false; - }; + syncthing.enable = true; - fail2ban = { - enable = true; - impermanence.enable = false; - }; + fail2ban.enable = true; jellyfin = { enable = true; domain = "media.jan-leila.com"; extraDomains = ["jellyfin.jan-leila.com"]; - impermanence.enable = false; }; immich = { enable = true; domain = "photos.jan-leila.com"; - impermanence.enable = false; }; forgejo = { enable = true; reverseProxy.domain = "git.jan-leila.com"; - impermanence.enable = false; }; searx = { @@ -340,7 +327,6 @@ actual = { enable = true; domain = "budget.jan-leila.com"; - impermanence.enable = false; }; home-assistant = { @@ -348,7 +334,6 @@ domain = "home.jan-leila.com"; openFirewall = true; postgres.enable = true; - impermanence.enable = false; extensions = { sonos.enable = true; 
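Review bot: In the `@@ -303,33 +299,24 @@` hunk the new `syncthing.enable = true;` and `fail2ban.enable = true;` lines drop the `impermanence.enable = false` opt-out but never set `impermanence.enable = true`, which step 2 of the migration notes in the deleted legacy-impermanence.nix asked for, so persistence now depends on a module default this diff does not show. If that default is off or covers different paths, /var/lib/fail2ban, /mnt/sync and /etc/syncthing would come up empty after a reboot, and the same holds for the other hunks in this file, where /var/lib/acme, /var/lib/tailscale and /var/lib/postgresql/16 presumably carry certificate, VPN node and database state (the service modules are not visible here). Stating the intent explicitly, e.g. `fail2ban = { enable = true; impermanence.enable = true; };`, or noting the default in the commit message would make this reviewable. It is also worth confirming that the new modules reproduce the ownership and the `mode = "0700"` the legacy file set on /var/lib/private/ollama.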
@@ -361,13 +346,11 @@ enable = true; domain = "documents.jan-leila.com"; passwordFile = config.sops.secrets."services/paperless_password".path; - impermanence.enable = false; }; panoramax = { enable = false; openFirewall = true; - impermanence.enable = false; }; crab-hole = { @@ -375,7 +358,6 @@ port = 8085; openFirewall = true; show_doc = true; - impermanence.enable = false; downstreams = { host = { enable = true; @@ -391,38 +373,31 @@ mediaDir = "/srv/qbittorent"; openFirewall = true; webuiPort = 8084; - impermanence.enable = false; }; sonarr = { enable = true; openFirewall = true; - impermanence.enable = false; }; radarr = { enable = true; openFirewall = true; - impermanence.enable = false; }; bazarr = { enable = true; openFirewall = true; - impermanence.enable = false; }; lidarr = { enable = true; openFirewall = true; - impermanence.enable = false; }; jackett = { enable = true; openFirewall = true; - impermanence.enable = false; }; flaresolverr = { enable = true; openFirewall = true; - impermanence.enable = false; }; }; diff --git a/configurations/nixos/defiant/default.nix b/configurations/nixos/defiant/default.nix index d53f9cc..3013946 100644 --- a/configurations/nixos/defiant/default.nix +++ b/configurations/nixos/defiant/default.nix @@ -4,6 +4,5 @@ ./hardware-configuration.nix ./configuration.nix ./packages.nix - ./legacy-impermanence.nix ]; } diff --git a/configurations/nixos/defiant/legacy-impermanence.nix b/configurations/nixos/defiant/legacy-impermanence.nix deleted file mode 100644 index 5d6081c..0000000 --- a/configurations/nixos/defiant/legacy-impermanence.nix +++ /dev/null 
@@ -1,214 +0,0 @@
-# Legacy impermanence module for defiant
-# This module contains all the impermanence configurations that were previously
-# handled by individual service modules on the main branch. It allows us to
-# merge the storage-refactor branch into main while keeping current functionality,
-# and then migrate services one at a time to the new automated impermanence system.
-#
-# To migrate a service to the new system:
-# 1. Remove the service's configuration from this file
-# 2. Set `impermanence.enable = true` for that service in configuration.nix
-# 3. Remove `impermanence.enable = false` from the service configuration
-{
- config,
- lib,
- ...
-}: {
- config = lib.mkIf config.storage.impermanence.enable {
- environment.persistence."/persist/replicate/system/root" = {
- enable = true;
- hideMounts = true;
- directories = lib.mkMerge [
- # PostgreSQL
- (lib.mkIf config.services.postgresql.enable [
- {
- directory = "/var/lib/postgresql/16";
- user = "postgres";
- group = "postgres";
- }
- ])
-
- # Reverse Proxy (ACME)
- (lib.mkIf config.services.reverseProxy.enable [
- {
- directory = "/var/lib/acme";
- user = "acme";
- group = "acme";
- }
- ])
-
- # Ollama
- (lib.mkIf config.services.ollama.enable [
- {
- directory = "/var/lib/private/ollama";
- user = config.services.ollama.user;
- group = config.services.ollama.group;
- mode = "0700";
- }
- ])
-
- # Tailscale
- (lib.mkIf config.services.tailscale.enable [
- {
- directory = "/var/lib/tailscale";
- user = "root";
- group = "root";
- }
- ])
-
- # Syncthing
- (lib.mkIf config.services.syncthing.enable [
- {
- directory = "/mnt/sync";
- user = "syncthing";
- group = "syncthing";
- }
- {
- directory = "/etc/syncthing";
- user = "syncthing";
- group = "syncthing";
- }
- ])
-
- # Fail2ban
- (lib.mkIf config.services.fail2ban.enable [
- {
- directory = "/var/lib/fail2ban";
- user = "fail2ban";
- group = "fail2ban";
- }
- ])
-
- # Jellyfin
- (lib.mkIf config.services.jellyfin.enable [
- {
- directory = "/var/lib/jellyfin";
- user = "jellyfin";
- group = "jellyfin";
- }
- {
- directory = "/var/cache/jellyfin";
- user = "jellyfin";
- group = "jellyfin";
- }
- ])
-
- # Immich
- (lib.mkIf config.services.immich.enable [
- {
- directory = "/var/lib/immich";
- user = "immich";
- group = "immich";
- }
- ])
-
- # Forgejo
- (lib.mkIf config.services.forgejo.enable [
- {
- directory = "/var/lib/forgejo";
- user = "forgejo";
- group = "forgejo";
- }
- ])
-
- # Actual
- (lib.mkIf config.services.actual.enable [
- {
- directory = "/var/lib/private/actual";
- user = "actual";
- group = "actual";
- }
- ])
-
- # Home Assistant
- (lib.mkIf config.services.home-assistant.enable [
- {
- directory = "/var/lib/hass";
- user = "hass";
- group = "hass";
- }
- ])
-
- # Paperless
- (lib.mkIf config.services.paperless.enable [
- {
- directory = "/var/lib/paperless";
- user = "paperless";
- group = "paperless";
- }
- ])
-
- # Crab-hole
- (lib.mkIf config.services.crab-hole.enable [
- {
- directory = "/var/lib/private/crab-hole";
- user = "crab-hole";
- group = "crab-hole";
- }
- ])
-
- # qBittorrent
- (lib.mkIf config.services.qbittorrent.enable [
- {
- directory = "/var/lib/qBittorrent/";
- user = "qbittorrent";
- group = "qbittorrent";
- }
- ])
-
- # Sonarr
- (lib.mkIf config.services.sonarr.enable [
- {
- directory = "/var/lib/sonarr/.config/NzbDrone";
- user = "sonarr";
- group = "sonarr";
- }
- ])
-
- # Radarr
- (lib.mkIf config.services.radarr.enable [
- {
- directory = "/var/lib/radarr/.config/Radarr";
- user = "radarr";
- group = "radarr";
- }
- ])
-
- # Bazarr
- (lib.mkIf config.services.bazarr.enable [
- {
- directory = "/var/lib/bazarr";
- user = "bazarr";
- group = "bazarr";
- }
- ])
-
- # Lidarr
- (lib.mkIf config.services.lidarr.enable [
- {
- directory = "/var/lib/lidarr/.config/Lidarr";
- user = "lidarr";
- group = "lidarr";
- }
- ])
-
- # Jackett
- (lib.mkIf config.services.jackett.enable [
- {
- directory = "/var/lib/jackett/.config/Jackett";
- user = "jackett";
- group = "jackett";
- }
- ])
-
- # FlareSolverr
- (lib.mkIf config.services.flaresolverr.enable [
- {
- directory = "/var/lib/flaresolverr";
- user = "flaresolverr";
- group = "flaresolverr";
- }
- ])
- ];
- };
- };
-}