so much shit my b, adding db backups tho

flake.nix

@@ -77,6 +77,14 @@
         modules = [
           ./hosts/darwin/cen-it-07/configuration.nix
           inputs.home-manager.darwinModules.default
+          nix-homebrew.darwinModules.nix-homebrew
+          {
+            nix-homebrew = {
+              enable = true;  # install homebrew
+              enableRosetta = true;   # install homebrew for rosetta as well
+              user = "blake";  # user owning homebrew prefix
+            };
+          }
         ];
       };
     };

modules/holocron/perms/default.nix

@@ -42,7 +42,7 @@ in {
               user=$(basename "$user_dir")
               echo "starting $user_dir"
               chown -Rc "$user:$user" "$user_dir"
-              chmod -Rc 700 "$user_dir"
+              chmod -Rc 770 "$user_dir"
             fi
           done
           echo "fin"

modules/holocron/smb/default.nix

@@ -16,6 +16,16 @@ let
       "create mask" = "0775";
       "directory mask" = "0775";
     };
+    timemachine = {
+        "path" = "/mnt/Shares/tm_share";
+        "valid users" = "username";
+        "public" = "no";
+        "writeable" = "yes";
+        "force user" = "username";
+        "fruit:aapl" = "yes";
+        "fruit:time machine" = "yes";
+        "vfs objects" = "catia fruit streams_xattr";
+    };
     users = {
       path = "/holocron/users";
       browseable = true;

modules/homelab/immich/default.nix

@@ -58,7 +58,7 @@ in {
       home = cfg.data_dir;
       createHome = true;
       group = service;
-      extraGroups = ["video" "render"];
+      extraGroups = ["video" "render" "blake"];
     };
 
     # enable the ${service} service
@@ -72,13 +72,17 @@ in {
       mediaLocation = cfg.data_dir;
       host = "0.0.0.0";
       port = cfg.port;
-      settings.server.externalDomain = "https://pics.blakedheld.xyz";
+      settings = null;
+      #settings.server.externalDomain = "https://photos.blakedheld.xyz";
     };
 
     # override umask to make permissions work out
     #    systemd.services."${toString service}-server".serviceConfig = {
     #      UMask = lib.mkForce "0007";
     #    };
+    #    systemd.services."${toString service}-machine-learning".serviceConfig = {
+    #      UMask = lib.mkForce "0007";
+    #    };
 
     #    # open firewall
     #    networking.firewall.allowedTCPPorts = [ cfg.port ];

modules/system/backups/default.nix

@@ -1,5 +1,9 @@
-{ config, lib, pkgs, ... }:
-
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
 /*
 this module enables a backup script made with borg!
 to use import & set the options below
@@ -13,13 +17,11 @@ in a borg archive to the specified repo
     ${service} = { paths = [ cfg.data_dir ]; };
   };
 */
-
 let
   cfg = config.system.backups;
   sec = config.sops.secrets;
   borg = "${pkgs.borgbackup}/bin/borg";
-in
-{
+in {
   options.system.backups = {
     enable = lib.mkEnableOption "enables backups with borg";
     baks = lib.mkOption {
@@ -45,7 +47,6 @@ in
   };
 
   config = lib.mkIf (cfg.enable && cfg.baks != {}) {
-    
     systemd.tmpfiles.rules = [
       "d /holocron/archives 2770 root archives - -"
     ];
@@ -78,8 +79,8 @@ in
 
             if [ "$mode" = "split" ]; then
               # loop for each backup
-              ${lib.concatStringsSep "\n\n" (lib.mapAttrsToList (bak_name: bak_paths:
-                ''
+              ${lib.concatStringsSep "\n\n" (lib.mapAttrsToList (
+              bak_name: bak_paths: ''
                   echo "------------ Backing up ${bak_name} ------------"
                   archive="$timestamp-${bak_name}"
                   echo "backing up: ${lib.concatStringsSep " " bak_paths.paths} → $archive"
@@ -100,7 +101,8 @@ in
                   --keep-monthly=-1
                 echo "backup run complete at \"$BORG_REPO::$archive\""
               ''
-              ) cfg.baks)}
+            )
+            cfg.baks)}
                 exit 0
             else
             # flatten all paths from cfg.baks into one big list
@@ -152,6 +154,29 @@ in
       };
     };
 
+    # db backups
+    services.mysqlBackup = lib.mkIf config.services.mysql.enable {
+      # mc servers use this
+      enable = true;
+      location = "/var/backup/mysql";
+      user = "root";
+      startAt = "03:58";
+      compression = "zstd";
+      databases = config.services.mysql.ensureDatabases; # set to all databases defined in esure databases
+    };
+    services.postgresqlBackup = config.services.postgresql.enable {
+      # immich uses this
+      enable = true;
+      location = "/var/backup/postgresql";
+      compression = "gzip"; # optional: "xz", "zstd", "none"
+      startAt = "03:58";
+      user = "postgres";
+      databases = ["immich"]; # set to all databases defined in esure databases
+      #databases = config.services.postgresql.ensureDatabases; # set to all databases defined in esure databases
+    };
+
+    services.mysql.ensureDatabases = ["FUCKING_NOTICE_ME"];
+
     # install borg binary
     environment.systemPackages = with pkgs; [borgbackup tree];
 

users/blake/default.nix

@@ -10,7 +10,7 @@
     users = {
       blake = {
         isNormalUser = true;
-        extraGroups = ["wheel" "networkmanager" "docker" "media" "podman" "minecraft" "archives" ]; # Enable ‘sudo’ for the user.
+        extraGroups = ["wheel" "networkmanager" "docker" "media" "podman" "minecraft" "archives" "immich" ]; # Enable ‘sudo’ for the user.
         uid = 1000;
         shell = pkgs.zsh;
         group = "blake";

users/blake/dots/darwin/default.nix

@@ -0,0 +1,10 @@
+{
+  pkgs,
+  config,
+  lib,
+  inputs,
+  ...
+}:
+{
+
+}

users/blake/home.nix

@@ -19,6 +19,7 @@ in
 {
   imports = [
     inputs.sops-nix.homeManagerModules.sops
+    ./dots/darwin
     ./dots/neovim
     ./dots/lf
     ./dots/zsh