sigma: memos

hosts/sigma/default.nix

@@ -11,6 +11,7 @@
     ./hardware.nix
     ./jellyfin.nix
     ./mail.nix
+    ./memos.nix
     ./network.nix
     ./sonarr.nix
   ];

hosts/sigma/memos.nix

@@ -0,0 +1,18 @@
+{...}: {
+  virtualisation.oci-containers.containers = {
+    memos = {
+      # https://www.usememos.com/docs/install/self-hosting
+      image = "docker.io/neosmemo/memos:stable";
+      environment = {
+        # https://github.com/usememos/memos/issues/2433#issuecomment-1797316081
+        MEMOS_METRIC = "false";
+      };
+      ports = [
+        "127.0.0.1:5230:5230"
+      ];
+      volumes = [
+        "memos:/var/opt/memos"
+      ];
+    };
+  };
+}

modules/base/default.nix

@@ -11,6 +11,7 @@
     ./network.nix
     ./nix.nix
     ./packages.nix
+    ./podman.nix
     ./ripgrep.nix
     ./ssh.nix
     ./sudo.nix

modules/base/podman.nix

@@ -0,0 +1,27 @@
+{...}: {
+  # Podman can run rootless containers and be a drop-in replacement for Docker.
+  # It is used for systemd services containers defined using
+  # `virtualisation.oci-containers`.
+  # https://wiki.nixos.org/wiki/Podman
+  virtualisation.containers.enable = true;
+  virtualisation.podman = {
+    enable = true;
+    # Automatically `podman system prune` weekly
+    autoPrune.enable = true;
+    # Required for containers under podman-compose to be able to talk to each
+    # other.
+    defaultNetwork.settings.dns_enabled = true;
+  };
+
+  # Persist docker volumes
+  environment.persistence."/nix/persist" = {
+    directories = [
+      {
+        directory = "/var/lib/containers";
+        user = "root";
+        group = "root";
+        mode = "0700";
+      }
+    ];
+  };
+}

modules/borg.nix

@@ -90,9 +90,10 @@
       "! /**/found.000/*"
 
       "! /**/.cache"
-      "! /**/Cache"
       "! /**/cache"
+      "! /**/Cache"
       "! /srv/torrents"
+      "! /var/lib/containers/overlay*"
       "! /var/lib/docker/overlay2"
       "- *.tmp"