mirror of
https://github.com/foo-dogsquared/nixos-config.git
synced 2025-04-25 18:19:10 +00:00
hosts/plover: add application data for backup
This commit is contained in:
parent
aedd3f7a15
commit
582393da5e
@ -343,11 +343,10 @@ in
|
|||||||
|
|
||||||
# Of course, what is a server without a backup? A professionally-handled
|
# Of course, what is a server without a backup? A professionally-handled
|
||||||
# production system so we can act like one.
|
# production system so we can act like one.
|
||||||
services.borgbackup.jobs.host-backup = let
|
services.borgbackup.jobs =
|
||||||
patterns = [
|
let
|
||||||
config.sops.secrets."plover/borg/patterns/keys".path
|
jobCommonSettings = { patternFiles ? [ ], patterns ? [ ], paths ? [ ] }: {
|
||||||
];
|
inherit paths;
|
||||||
in {
|
|
||||||
compression = "zstd,11";
|
compression = "zstd,11";
|
||||||
dateFormat = "+%F-%H-%M-%S-%z";
|
dateFormat = "+%F-%H-%M-%S-%z";
|
||||||
doInit = true;
|
doInit = true;
|
||||||
@ -355,27 +354,57 @@ in
|
|||||||
mode = "repokey-blake2";
|
mode = "repokey-blake2";
|
||||||
passCommand = "cat ${config.sops.secrets."plover/borg/password".path}";
|
passCommand = "cat ${config.sops.secrets."plover/borg/password".path}";
|
||||||
};
|
};
|
||||||
extraCreateArgs = lib.concatStringsSep " "
|
extraCreateArgs =
|
||||||
(builtins.map (patternFile: "--patterns-from ${patternFile}") patterns);
|
let
|
||||||
|
args = [
|
||||||
|
(lib.concatStringsSep " "
|
||||||
|
(builtins.map (patternFile: "--patterns-from ${lib.escapeShellArg patternFile}") patternFiles))
|
||||||
|
(lib.concatStringsSep " "
|
||||||
|
(builtins.map (pattern: "--pattern ${lib.escapeShellArg pattern}") patterns))
|
||||||
|
];
|
||||||
|
in
|
||||||
|
lib.concatStringsSep " " args;
|
||||||
extraInitArgs = "--make-parent-dirs";
|
extraInitArgs = "--make-parent-dirs";
|
||||||
# We're setting it since it is required plus we're replacing all of them
|
# We're setting it since it is required plus we're replacing all of them
|
||||||
# with patterns anyways.
|
# with patterns anyways.
|
||||||
paths = [];
|
|
||||||
persistentTimer = true;
|
persistentTimer = true;
|
||||||
preHook = ''
|
preHook = ''
|
||||||
extraCreateArgs="$extraCreateArgs --stats"
|
extraCreateArgs="$extraCreateArgs --stats"
|
||||||
'';
|
'';
|
||||||
prune = {
|
prune.keep = {
|
||||||
keep = {
|
|
||||||
weekly = 4;
|
weekly = 4;
|
||||||
monthly = 12;
|
monthly = 12;
|
||||||
yearly = 6;
|
yearly = 6;
|
||||||
};
|
};
|
||||||
};
|
|
||||||
repo = "cr6pf13r@cr6pf13r.repo.borgbase.com:repo";
|
repo = "cr6pf13r@cr6pf13r.repo.borgbase.com:repo";
|
||||||
startAt = "monthly";
|
startAt = "monthly";
|
||||||
environment.BORG_RSH = "ssh -i ${config.sops.secrets."plover/ssh-key".path}";
|
environment.BORG_RSH = "ssh -i ${config.sops.secrets."plover/ssh-key".path}";
|
||||||
};
|
};
|
||||||
|
in
|
||||||
|
{
|
||||||
|
# Backup for host-specific files. They don't change much so it is
|
||||||
|
# acceptable for it to be backed up monthly.
|
||||||
|
host-backup = jobCommonSettings {
|
||||||
|
patternFiles = [
|
||||||
|
config.sops.secrets."plover/borg/patterns/keys".path
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
# Backups for various services.
|
||||||
|
services-backup = jobCommonSettings
|
||||||
|
{
|
||||||
|
paths = [
|
||||||
|
# Vaultwarden
|
||||||
|
"/var/lib/bitwarden_rs"
|
||||||
|
|
||||||
|
# Gitea
|
||||||
|
config.services.gitea.dump.backupDir
|
||||||
|
|
||||||
|
# PostgreSQL database dumps
|
||||||
|
config.services.postgresqlBackup.location
|
||||||
|
];
|
||||||
|
} // { startAt = "weekly"; };
|
||||||
|
};
|
||||||
|
|
||||||
programs.ssh.extraConfig = ''
|
programs.ssh.extraConfig = ''
|
||||||
Host *.repo.borgbase.com
|
Host *.repo.borgbase.com
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user