start borg backups

- fix matrix clients
- fix zen - uuuugh, stupid home-manager...
2025-09-14 22:03:45 +02:00 · 2025-09-14 22:03:21 +02:00 · 2025-09-14 22:01:09 +02:00 · 2025-09-14 22:00:53 +02:00 · 2025-09-11 22:09:47 +02:00
9 changed files with 77 additions and 53 deletions
--- a/flake.lock
+++ b/flake.lock
@ -686,22 +686,6 @@
        "type": "github"
      }
    },
    "nixpkgs_10": {
      "locked": {
        "lastModified": 1727348695,
        "narHash": "sha256-J+PeFKSDV+pHL7ukkfpVzCOO7mBSrrpJ3svwBFABbhI=",
        "owner": "nixos",
        "repo": "nixpkgs",
        "rev": "1925c603f17fc89f4c8f6bf6f631a802ad85d784",
        "type": "github"
      },
      "original": {
        "owner": "nixos",
        "ref": "nixos-unstable",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs_2": {
      "locked": {
        "lastModified": 1756578978,
@ -1186,7 +1170,9 @@
    "zen-browser": {
      "inputs": {
        "home-manager": "home-manager_2",
-        "nixpkgs": "nixpkgs_10"
+        "nixpkgs": [
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1756876659,
--- a/flake.nix
+++ b/flake.nix
@ -41,7 +41,10 @@
      inputs.nixpkgs.follows = "nixpkgs";
    };
-    zen-browser.url = "github:0xc000022070/zen-browser-flake";
+    zen-browser = {
      url = "github:0xc000022070/zen-browser-flake";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    nix-minecraft.url = "github:Infinidoge/nix-minecraft";
--- a/modules/home/application/matrix/default.nix
+++ b/modules/home/application/matrix/default.nix
@ -10,6 +10,10 @@ in
  };
  config = mkIf cfg.enable {
-    home.packages = with pkgs; [ fractal ];
+    home.packages = with pkgs; [ fractal element-desktop ];
    programs.element-desktop = {
      enable = true;
    };
  };
 }
--- a/modules/home/application/zen/default.nix
+++ b/modules/home/application/zen/default.nix
@ -19,6 +19,8 @@ in
    };
    programs.zen-browser = {
      enable = true;
      policies = {
        AutofillAddressEnabled = true;
        AutofillCreditCardEnabled = false;
--- a/modules/home/desktop/plasma/default.nix
+++ b/modules/home/desktop/plasma/default.nix
@ -64,7 +64,7 @@ in
        };
        kwalletrc = {
-          Wallet.Enabled = false;
+          Wallet.Enabled = true;
        };
        plasmarc = {
--- a/modules/nixos/home-manager/default.nix
+++ b/modules/nixos/home-manager/default.nix
@ -1,6 +1,6 @@
 { ... }:
 {
  config = {
-    home-manager.backupFileExtension = "back";
+    home-manager.backupFileExtension = "homeManagerBackup";
  };
 }
--- a/modules/nixos/services/backup/borg/default.nix
+++ b/modules/nixos/services/backup/borg/default.nix
@ -0,0 +1,26 @@
 { config, lib, pkgs, namespace, ... }:
 let
  inherit (lib) mkIf mkEnableOption;
  cfg = config.${namespace}.services.backup.borg;
 in
 {
  options.${namespace}.services.backup.borg = {
    enable = mkEnableOption "Borg Backup";
  };
  config = mkIf cfg.enable {
    services = {
      borgbackup.jobs = {
        media = {
          paths = "/var/media/test";
          encryption.mode = "none";
          environment.BORG_SSH = "ssh -i /home/chris/.ssh/id_ed25519 -4";
          repo = "ssh://chris@beheer.hazelhof.nl:222/home/chris/backups/media";
          compression = "auto,zstd";
          startAt = "daily";
        };
      };
    };
  };
 }
--- a/modules/nixos/services/communication/conduit/default.nix
+++ b/modules/nixos/services/communication/conduit/default.nix
@ -3,7 +3,7 @@ let
  inherit (builtins) toString toJSON;
  inherit (lib) mkIf mkEnableOption;
-  cfg = config.${namespace}.services.communication.conduit;
+  cfg = config.${namespace}.services.communication.matrix;
  domain = "kruining.eu";
  fqn = "matrix.${domain}";
@ -12,43 +12,24 @@ let
  database = "synapse";
 in
 {
-  options.${namespace}.services.communication.conduit = {
+  options.${namespace}.services.communication.matrix = {
-    enable = mkEnableOption "conduit (Matrix server)";
+    enable = mkEnableOption "Matrix server (Synapse)";
  };
  config = mkIf cfg.enable {
-    # ${namespace}.services = {
+    ${namespace}.services = {
-    #   persistance.postgresql.enable = true;
+      persistance.postgresql.enable = true;
-    #   virtualisation.podman.enable = true;
+      # virtualisation.podman.enable = true;
-    # };
+    };
-    networking.firewall.allowedTCPPorts = [ 4001 8448 ];
+    networking.firewall.allowedTCPPorts = [ 4001 ];
    services = {
      matrix-conduit = {
        enable = false;
        settings.global = {
          address = "::";
          port = port;
          server_name = domain;
          database_backend = "rocksdb";
          # database_path = "/var/lib/matrix-conduit/";
          allow_check_for_updates = false;
          allow_registration = false;
          enable_lightning_bolt = false;
        };
      };
      matrix-synapse = {
        enable = true;
        extras = [ "oidc" ];
-        plugins = with config.services.matrix-synapse.package.plugins; [];
+        # plugins = with config.services.matrix-synapse.package.plugins; [];
        settings = {
          server_name = domain;
@ -56,10 +37,32 @@ in
          enable_registration = false;
          registration_shared_secret = "tZtBnlhEmLbMwF0lQ112VH1Rl5MkZzYH9suI4pEoPXzk6nWUB8FJF4eEnwLkbstz";
-          
+
          url_preview_enabled = true;
          precence.enabled = true;
          sso = {
            client_whitelist = [ "http://[::1]:9092" ];
            update_profile_information = true;
          };
          oidc_providers = [
            {
              discover = true;
              idp_id = "zitadel";
              idp_name = "Zitadel";
              issuer = "https://auth.amarth.cloud";
              client_id = "337858153251143939";
              client_secret = "ePkf5n8BxGD5DF7t1eNThTL0g6PVBO5A1RC0EqPp61S7VsiyXvDs8aJeczrpCpsH";
              scopes = [ "openid" "profile" ];
              # user_mapping_provider.config = {
              #   localpart_template = "{{ user.prefered_username }}";
              #   display_name_template = "{{ user.name }}";
              # };
            }
          ];
          database = {
            # this is postgresql (also the default, but I prefer to be explicit)
            name = "psycopg2";
@ -95,7 +98,7 @@ in
        settings = {
          appservice = {
            provisioning.enabled = false;
-            port = 40011;
+            # port = 40011;
          };
          homeserver = {
@ -118,7 +121,7 @@ in
        settings = {
          appservice = {
            provisioning.enabled = false;
-            port = 40012;
+            # port = 40012;
          };
          homeserver = {
--- a/systems/x86_64-linux/ulmo/default.nix
+++ b/systems/x86_64-linux/ulmo/default.nix
@ -10,7 +10,7 @@
      authentication.authelia.enable = true;
      authentication.zitadel.enable = true;
-      communication.conduit.enable = true;
+      communication.matrix.enable = true;
      development.forgejo.enable = true;
Author	SHA1	Message	Date
Chris Kruining	6ed8bd861b	start borg backups Some checks failed Test action / kaas (push) Failing after 1s Details	2025-09-14 22:03:45 +02:00
Chris Kruining	1a4746819b	- fix matrix clients - fix zen - uuuugh, stupid home-manager...	2025-09-14 22:03:21 +02:00
Chris Kruining	d35165ebc0	add sso support for matrix server	2025-09-14 22:01:09 +02:00
Chris Kruining	3816942600	finally have the matrix bridges working!	2025-09-14 22:00:53 +02:00
Chris Kruining	992ddba373	rename matrix module	2025-09-11 22:09:47 +02:00