feat: add backup for server

2025-09-28 12:37:26 +08:00 · 2025-09-28 12:37:26 +08:00 · f7409e0537
commit f7409e0537
parent 20ee47caa2
14 changed files with 256 additions and 165 deletions
--- a/system/dev/dn-pre7780/sops-conf.nix
+++ b/system/dev/dn-pre7780/sops-conf.nix
@ -1,32 +1,41 @@
 { config, lib, ... }:
 let
-  inherit (lib) optionalAttrs;
+  inherit (lib) optionalAttrs mkIf hasAttr;
 in
 {
  sops = {
    secrets = {
      "wireguard/conf" = { };
-      "nextcloud/adminPassword" = lib.mkIf config.services.nextcloud.enable {
+      "nextcloud/adminPassword" = mkIf config.services.nextcloud.enable {
        owner = "nextcloud";
        group = "nextcloud";
      };
-      "openldap/adminPassword" = lib.mkIf config.services.openldap.enable {
+      "openldap/adminPassword" = mkIf config.services.openldap.enable {
        owner = config.users.users.openldap.name;
        group = config.users.users.openldap.group;
        mode = "0660";
      };
      "lam/env" = { };
-      "dovecot/openldap" = lib.mkIf (config.services.postfix.enable && config.services.openldap.enable) {
+      "dovecot/openldap" = mkIf (config.services.postfix.enable && config.services.openldap.enable) {
        owner = config.services.dovecot2.user;
        group = config.services.dovecot2.group;
        mode = "0660";
      };

-      # "acme/pdns" = {
-      #   mode = "0660";
-      #   owner = "acme";
-      #   group = "acme";
-      # };
+      "netbird/oidc/secret" = mkIf config.services.netbird.server.dashboard.enable {
+        owner = "netbird";
+      };
+
+      "netbird/coturn/password" = mkIf config.services.netbird.server.coturn.enable {
+        owner = "turnserver";
+        key = "netbird/oidc/secret";
+      };
+      "netbird/dataStoreKey" = mkIf config.services.netbird.server.management.enable {
+        owner = "netbird";
+      };
+      "acme/pdns" = mkIf (hasAttr "acme" config.users.users) {
+        owner = "acme";
+      };
    }
    // (optionalAttrs config.services.stalwart-mail.enable (
      let