helix: new deployment

hosts/helix/default.nix

@@ -1,10 +1,10 @@
-{ self, profiles, suites, ... }:
+{ self, profiles, suites, pkgs, ... }:
 {
   imports = [
     ./configuration.nix
     ../profiles/core
     ../profiles/server
-    ../profiles/metrics
+    # ../profiles/metrics
     ../profiles/gitea
     ../profiles/woodpecker-server
     ../profiles/rss-bridge
@@ -19,10 +19,31 @@
     extraGroups = [ "wheel" ];
   };
 
+  age.secrets.helix-wg.file = "${self}/secrets/helix-wg.age";
+  age.secrets.helix-wg.owner = "anish";
   mossnet.wg = {
     enable = true;
     ips = [ "10.0.69.5/24" ];
-    privateKeyFile = "/home/anish/wg/wg-priv";
+    privateKeyFile = "/run/agenix/helix-wg";
   };
 
+  services.postgresql.package = pkgs.postgresql_11;
+  services.postgresqlBackup = {
+    # TODO needs working wireguard to box
+    enable = false;
+    databases = [ "gitea" "freshrss" "woodpecker" ];
+    location = "/mnt/two/postgres";
+  };
+
+  mossnet.backup = {
+    enable = true;
+    name = "helix";
+    paths = [
+      "/var/lib/gitea"
+      "/var/lib/freshrss"
+      "/var/lib/woodpecker"
+      "/var/lib/microbin"
+    ];
+
+  };
 }