From 5563a1718fc7ba7026b0ddf82eb69c5aa667db98 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Wed, 3 Nov 2021 14:43:16 +0100 Subject: [PATCH] WIP: add notes for missing persistence/backup TODO: * Look at for more inspiration https://github.com/nix-community/impermanence/pull/108 * Do home-manager * Common files https://github.com/nix-community/impermanence/issues/10 --- modules/nixos/services/aria/default.nix | 2 ++ modules/nixos/services/audiobookshelf/default.nix | 2 ++ modules/nixos/services/drone/runner-docker/default.nix | 2 ++ modules/nixos/services/drone/runner-exec/default.nix | 2 ++ modules/nixos/services/drone/server/default.nix | 2 ++ modules/nixos/services/fail2ban/default.nix | 2 ++ modules/nixos/services/flood/default.nix | 2 ++ modules/nixos/services/grocy/default.nix | 3 +++ modules/nixos/services/komga/default.nix | 2 ++ modules/nixos/services/mealie/default.nix | 3 +++ modules/nixos/services/miniflux/default.nix | 3 +++ modules/nixos/services/nextcloud/collabora.nix | 2 ++ modules/nixos/services/pdf-edit/default.nix | 2 ++ modules/nixos/services/pyload/default.nix | 3 +++ modules/nixos/services/tandoor-recipes/default.nix | 3 +++ modules/nixos/services/vikunja/default.nix | 2 ++ modules/nixos/services/woodpecker/agent-docker/default.nix | 2 ++ modules/nixos/services/woodpecker/agent-exec/default.nix | 2 ++ modules/nixos/services/woodpecker/server/default.nix | 2 ++ 19 files changed, 43 insertions(+) diff --git a/modules/nixos/services/aria/default.nix b/modules/nixos/services/aria/default.nix index acbf0b73..49466635 100644 --- a/modules/nixos/services/aria/default.nix +++ b/modules/nixos/services/aria/default.nix @@ -69,6 +69,8 @@ in }; }; + # FIXME: persistence? + # NOTE: unfortunately aria2 does not log connection failures for fail2ban }; } diff --git a/modules/nixos/services/audiobookshelf/default.nix b/modules/nixos/services/audiobookshelf/default.nix index 04ec8b91..9985a268 100644 --- a/modules/nixos/services/audiobookshelf/default.nix +++ b/modules/nixos/services/audiobookshelf/default.nix @@ -34,6 +34,8 @@ in }; }; + # FIXME: persistence? + services.fail2ban.jails = { audiobookshelf = '' enabled = true diff --git a/modules/nixos/services/drone/runner-docker/default.nix b/modules/nixos/services/drone/runner-docker/default.nix index e53c608e..1db263bd 100644 --- a/modules/nixos/services/drone/runner-docker/default.nix +++ b/modules/nixos/services/drone/runner-docker/default.nix @@ -39,5 +39,7 @@ in extraGroups = [ "docker" ]; # Give access to the daemon }; users.groups.drone-runner-docker = { }; + + # FIXME: persistence? }; } diff --git a/modules/nixos/services/drone/runner-exec/default.nix b/modules/nixos/services/drone/runner-exec/default.nix index a9bb563f..c30a1a2c 100644 --- a/modules/nixos/services/drone/runner-exec/default.nix +++ b/modules/nixos/services/drone/runner-exec/default.nix @@ -63,5 +63,7 @@ in group = "drone-runner-exec"; }; users.groups.drone-runner-exec = { }; + + # FIXME: persistence? }; } diff --git a/modules/nixos/services/drone/server/default.nix b/modules/nixos/services/drone/server/default.nix index a3a1e496..b5d5df7f 100644 --- a/modules/nixos/services/drone/server/default.nix +++ b/modules/nixos/services/drone/server/default.nix @@ -50,5 +50,7 @@ in inherit (cfg) port; }; }; + + # FIXME: persistence? }; } diff --git a/modules/nixos/services/fail2ban/default.nix b/modules/nixos/services/fail2ban/default.nix index be5f7dad..efb07c91 100644 --- a/modules/nixos/services/fail2ban/default.nix +++ b/modules/nixos/services/fail2ban/default.nix @@ -33,5 +33,7 @@ in bantime = "10m"; }; }; + + # FIXME: persistence? }; } diff --git a/modules/nixos/services/flood/default.nix b/modules/nixos/services/flood/default.nix index f3fe90b8..23154ed7 100644 --- a/modules/nixos/services/flood/default.nix +++ b/modules/nixos/services/flood/default.nix @@ -28,6 +28,8 @@ in }; }; + # FIXME: persistence? + # NOTE: unfortunately flood does not log connection failures for fail2ban }; } diff --git a/modules/nixos/services/grocy/default.nix b/modules/nixos/services/grocy/default.nix index 9045b03c..67de3778 100644 --- a/modules/nixos/services/grocy/default.nix +++ b/modules/nixos/services/grocy/default.nix @@ -37,6 +37,9 @@ in useACMEHost = config.networking.domain; }; + # FIXME: backup + # FIXME: persistence + # NOTE: unfortunately grocy does not log connection failures for fail2ban }; } diff --git a/modules/nixos/services/komga/default.nix b/modules/nixos/services/komga/default.nix index e1dc7807..94125736 100644 --- a/modules/nixos/services/komga/default.nix +++ b/modules/nixos/services/komga/default.nix @@ -36,6 +36,8 @@ in }; }; + # FIXME: persistence? + services.fail2ban.jails = { komga = '' enabled = true diff --git a/modules/nixos/services/mealie/default.nix b/modules/nixos/services/mealie/default.nix index 664d5ba8..4eb69774 100644 --- a/modules/nixos/services/mealie/default.nix +++ b/modules/nixos/services/mealie/default.nix @@ -72,6 +72,9 @@ in }; }; + # FIXME: backup + # FIXME: persistence + services.fail2ban.jails = { mealie = '' enabled = true diff --git a/modules/nixos/services/miniflux/default.nix b/modules/nixos/services/miniflux/default.nix index 400ae000..7bcfe304 100644 --- a/modules/nixos/services/miniflux/default.nix +++ b/modules/nixos/services/miniflux/default.nix @@ -49,6 +49,9 @@ in }; }; + # FIXME: backup + # FIXME: persistence + services.fail2ban.jails = { miniflux = '' enabled = true diff --git a/modules/nixos/services/nextcloud/collabora.nix b/modules/nixos/services/nextcloud/collabora.nix index f8f42a77..dce1a995 100644 --- a/modules/nixos/services/nextcloud/collabora.nix +++ b/modules/nixos/services/nextcloud/collabora.nix @@ -46,5 +46,7 @@ in ]; }; }; + + # FIXME: persistence? }; } diff --git a/modules/nixos/services/pdf-edit/default.nix b/modules/nixos/services/pdf-edit/default.nix index d59507b0..73527d90 100644 --- a/modules/nixos/services/pdf-edit/default.nix +++ b/modules/nixos/services/pdf-edit/default.nix @@ -54,6 +54,8 @@ in }; }; + # FIXME: persistence? + services.fail2ban.jails = { stirling-pdf = '' enabled = true diff --git a/modules/nixos/services/pyload/default.nix b/modules/nixos/services/pyload/default.nix index 7257d0f5..11675094 100644 --- a/modules/nixos/services/pyload/default.nix +++ b/modules/nixos/services/pyload/default.nix @@ -53,6 +53,9 @@ in }; }; + # FIXME: backup + # FIXME: persistence + services.fail2ban.jails = { pyload = '' enabled = true diff --git a/modules/nixos/services/tandoor-recipes/default.nix b/modules/nixos/services/tandoor-recipes/default.nix index 3447beee..62827692 100644 --- a/modules/nixos/services/tandoor-recipes/default.nix +++ b/modules/nixos/services/tandoor-recipes/default.nix @@ -83,6 +83,9 @@ in }; }; + # FIXME: backup + # FIXME: persistence + # NOTE: unfortunately tandoor-recipes does not log connection failures for fail2ban }; } diff --git a/modules/nixos/services/vikunja/default.nix b/modules/nixos/services/vikunja/default.nix index 2753da3a..575ddab4 100644 --- a/modules/nixos/services/vikunja/default.nix +++ b/modules/nixos/services/vikunja/default.nix @@ -100,6 +100,8 @@ in ]; }; + # FIXME: persistence + # NOTE: unfortunately vikunja does not log connection failures for fail2ban }; } diff --git a/modules/nixos/services/woodpecker/agent-docker/default.nix b/modules/nixos/services/woodpecker/agent-docker/default.nix index 79d32993..2e74b67d 100644 --- a/modules/nixos/services/woodpecker/agent-docker/default.nix +++ b/modules/nixos/services/woodpecker/agent-docker/default.nix @@ -38,5 +38,7 @@ in ]; }; }; + + # FIXME: persistence? }; } diff --git a/modules/nixos/services/woodpecker/agent-exec/default.nix b/modules/nixos/services/woodpecker/agent-exec/default.nix index 24161b03..42102428 100644 --- a/modules/nixos/services/woodpecker/agent-exec/default.nix +++ b/modules/nixos/services/woodpecker/agent-exec/default.nix @@ -62,5 +62,7 @@ in ]; }; }; + + # FIXME: persistence? }; } diff --git a/modules/nixos/services/woodpecker/server/default.nix b/modules/nixos/services/woodpecker/server/default.nix index adf533e8..5d252845 100644 --- a/modules/nixos/services/woodpecker/server/default.nix +++ b/modules/nixos/services/woodpecker/server/default.nix @@ -61,5 +61,7 @@ in port = cfg.rpcPort; }; }; + + # FIXME: persistence }; }