Squibid
e20755851c
I'd like less generations please side note: it's a bit weird that you can't specify how many generations you'd like to keep, like what if I want 3 generations to stay available?
51 lines
1.7 KiB
Nix
51 lines
1.7 KiB
Nix
# that name actually sucks ass
|
|
# but it manages my money pretty well
|
|
#
|
|
# see https://github.com/miniluz/nixos-config/blob/8f0e417e34fa5bbb97b13215ee4843f85c6033be/modules/nixos/selfhosting/actual.nix#L13
|
|
# for a good config
|
|
# and https://github.com/Jonas-Sander/actual-backup for backups
|
|
{ lib, config, ... }:
|
|
{
|
|
options.actual.enable = lib.mkEnableOption "enable money management";
|
|
config = lib.mkIf config.actual.enable {
|
|
services.gatus.settings.endpoints = [
|
|
{
|
|
name = "actual";
|
|
group = "local";
|
|
url = "https://localhost:3000/";
|
|
interval = "30s";
|
|
client.insecure = true;
|
|
conditions = [
|
|
"[connected] == true"
|
|
"[CERTIFICATE_EXPIRATION] > 48h"
|
|
];
|
|
}
|
|
];
|
|
|
|
users.users.actual = {
|
|
isSystemUser = true;
|
|
group = "actual";
|
|
};
|
|
users.groups.actual = {};
|
|
|
|
sops.secrets."actual/key".owner = config.users.users.actual.name;
|
|
sops.secrets."actual/cert".owner = config.users.users.actual.name;
|
|
|
|
services.actual = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
settings = {
|
|
https = {
|
|
# for people trying to re-create my setup the key and cert were
|
|
# generated using the following command:
|
|
# openssl req -newkey rsa:4096 -x509 -days 36500 -sha512 -nodes -out certificate.pem -keyout privatekey.pem
|
|
# I've set the days to 36500 because I don't intend on being around
|
|
# after November 2125, and renewing certs is a pain in the ass on a
|
|
# local (and trusted) network
|
|
key = config.sops.secrets."actual/key".path;
|
|
cert = config.sops.secrets."actual/cert".path;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|