From 8c19c9a228fa2197ef28c88c3adc483e2df6a548 Mon Sep 17 00:00:00 2001
From: blake <me@blakedheld.xyz>
Date: Tue, 14 Oct 2025 13:18:31 -0500
Subject: [PATCH] add copyparty

---
 flake.nix                              |   1 +
 hosts/snowbelle/configuration.nix      |   2 +
 modules/holocron/copyparty/default.nix | 122 +++++++++++++++++++++++++
 modules/holocron/default.nix           |   1 +
 modules/system/backups/default.nix     |   2 +-
 5 files changed, 127 insertions(+), 1 deletion(-)
 create mode 100644 modules/holocron/copyparty/default.nix

diff --git a/flake.nix b/flake.nix
index e5e09b0..5ca3e38 100644
--- a/flake.nix
+++ b/flake.nix
@@ -21,6 +21,7 @@
       url = "github:NotAShelf/nvf";
       inputs.nixpkgs.follows = "nixpkgs-unstable";
     };
+    copyparty.url = "github:9001/copyparty";
   };
   outputs = { self, nixpkgs, nixpkgs-unstable, ... }@inputs: 
     let
diff --git a/hosts/snowbelle/configuration.nix b/hosts/snowbelle/configuration.nix
index ad7a9c6..1981962 100644
--- a/hosts/snowbelle/configuration.nix
+++ b/hosts/snowbelle/configuration.nix
@@ -27,6 +27,7 @@ in
     nvidia.enable = true;
   };
   holocron = {
+    copyparty.enable = true;
     zfs.enable = true;
     smb.enable = true;
     nfs.enable = true;
@@ -124,6 +125,7 @@ in
     7704    # srv - hass
     7705    # srv - zigbee2mqtt
     7901    # srv - uptime kuma
+    7902    # srv - copyparty
     25777   # srv - minecraft
     25565   #        ^  ^  ^
     25566   #        |  |  |
diff --git a/modules/holocron/copyparty/default.nix b/modules/holocron/copyparty/default.nix
new file mode 100644
index 0000000..091da20
--- /dev/null
+++ b/modules/holocron/copyparty/default.nix
@@ -0,0 +1,122 @@
+{
+  pkgs,
+  config,
+  lib,
+  inputs,
+  ...
+}: let
+  service = "copyparty";
+  cfg = config.holocron.${service};
+  sec = config.sops.secrets;
+  homelab = config.modules.homelab;
+in {
+  options.holocron.${service} = {
+    enable = lib.mkEnableOption "enables ${service}";
+
+    # set port options
+    port = lib.mkOption {
+      type = lib.types.int;
+      default = 7902;
+      description = "set port for ${service} (default: ${toString cfg.port}";
+    };
+    url = lib.mkOption {
+      type = lib.types.str;
+      default = "${service}.${homelab.base_domain}";
+      description = "set domain for ${service}";
+    };
+    data_dir = lib.mkOption {
+      type = lib.types.str;
+      default = "/var/lib/${service}";
+      description = "set data directory for ${service}";
+    };
+    ids = lib.mkOption {
+      type = lib.types.int;
+      default = cfg.port;
+      description = "set uid and pid of ${service} user (matches port by default)";
+    };
+    backup = lib.mkOption {
+      type = lib.types.bool;
+      default = true;
+      description = "enable backups for ${service}";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    imports = [inputs.copyparty.nixosModules.default];
+
+    # declare ${service} group
+    users.groups.${service} = {
+      gid = lib.mkForce cfg.ids;
+    };
+
+    # declare ${service} user
+    users.users.${service} = {
+      description = "${service} server user";
+      uid = lib.mkForce cfg.ids;
+      isSystemUser = true;
+      home = cfg.data_dir;
+      createHome = true;
+      group = service;
+      extraGroups = [];
+    };
+
+    # enable the ${service} service
+    services.${service} = {
+      enable = true;
+      settings = {
+      };
+      accounts = {
+      };
+      groups = {
+      };
+      volumes = {
+      };
+      flags = {
+      };
+    };
+
+#    # override umask to make permissions work out
+#    systemd.services.${service}.serviceConfig = {
+#      UMask = lib.mkForce "0007";
+#      #      User = service;
+#      #      Group = service;
+#    };
+
+    # open firewall
+    networking.firewall.allowedTCPPorts = [cfg.port];
+
+    # add to caddy for reverse proxy
+    services.caddy.virtualHosts."${cfg.url}" = {
+      serverAliases = ["${service}.${homelab.public_domain}"];
+      extraConfig = ''
+        tls /etc/ssl/blakedheld.xyz.crt /etc/ssl/blakedheld.xyz.key
+        reverse_proxy 127.0.0.1:${toString cfg.port}
+      '';
+    };
+
+    # add to glance (local service)
+    modules.services.glance.links.system = [
+      {
+        title = service;
+        url = "https://${cfg.url}";
+        error-url = "http://${homelab.host_ip}:${toString cfg.port}";
+        check-url = "http://${homelab.host_ip}:${toString cfg.port}";
+        icon = "di:${service}";
+      }
+    ];
+    #
+    #    sops.secrets = {
+    #      "${service}_" = {
+    #        owner = ;
+    #        group = ;
+    #      };
+    #    };
+
+    # add to backups
+    modules.system.backups.baks = {
+      ${service} = {
+        paths = [cfg.data_dir];
+      };
+    };
+  };
+}
diff --git a/modules/holocron/default.nix b/modules/holocron/default.nix
index 18f878f..1da81bf 100644
--- a/modules/holocron/default.nix
+++ b/modules/holocron/default.nix
@@ -9,5 +9,6 @@
     ./nfs
     ./smb
     ./zfs
+    ./copyparty
   ];
 }
diff --git a/modules/system/backups/default.nix b/modules/system/backups/default.nix
index 0d0daed..93fdfe8 100644
--- a/modules/system/backups/default.nix
+++ b/modules/system/backups/default.nix
@@ -29,7 +29,7 @@ in
     };
     repo = lib.mkOption {
       type = lib.types.path;
-      default = "/holocron/borg";
+      default = "/holocron/archives/devices/snowbelle";
       description = "borg repository path";
     };
     passwd_file = lib.mkOption {