harry123/nix-config
1
0
Fork 0
mirror of https://github.com/harryssecret/homelab-nix.git synced 2025-01-18 13:29:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

changed backup strategy

Browse source
This commit is contained in:
Harry 2024-08-23 23:03:29 +02:00
parent 031f14bd1f
commit 53a8915ab8
4 changed files with 76 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitattributes vendored
View file

@ -1,3 +1,4 @@
#pattern filter=crypt diff=crypt merge=crypt #pattern filter=crypt diff=crypt merge=crypt
features/server/services/forgejo-smtp.nix filter=crypt diff=crypt features/server/services/forgejo-smtp.nix filter=crypt diff=crypt
features/server/services/nextcloud-network.nix filter=crypt diff=crypt features/server/services/nextcloud-network.nix filter=crypt diff=crypt
features/server/backups-repos.nix filter=crypt diff=crypt

1
.gitignore vendored Normal file
View file

@ -0,0 +1 @@
secrets/backup.yaml

5
features/server/backups-repos.nix Normal file
View file

@ -0,0 +1,5 @@
U2FsdGVkX1+pKUtcxhT27nl6afKy5paC7y9iBtZgbq2rnuJebgGFCD0AxE1TOWMV
RaWwqeK7YaU7MnImh+b7JfR3C7b6OgQz3+V+gGhC8f10e23maH/me3m3SNsxLp4w
BS4SQZzrWc5WHS+QHTCH7tfUyFPYBs8xnfMAN+TGqB/ud0l7ZZ7MRvpU2IHpzoi1
8ek6OT+w/oyXU3o5eVklEuXpTEB2dcGJ41hbXCEDn7ELyfpaF/+Tx5yGGIJ73FvS
+P2s1wpjWnrHPj78aphmdm8Q/PZ81vDU4/e2nyg4OcHyOPXVVnwhRUWl1Y9/a/sK

94
features/server/backups.nix
View file

@ -1,35 +1,46 @@
{ config, ... }: { config, ... }:
{ {
imports = [
];
sops.secrets.borgRepoPassword = { }; sops.secrets.borgRepoPassword = { };
sops.secrets.borgRemoteServerPassword = {
sopsFile = ../../secrets/backup.yaml;
};
services.borgbackup.jobs = { services.borgbackup.jobs = {
localBackup = {
paths = "/";
exclude = [
"/nix"
"/srv/Multimedia"
"/srv/media"
"/srv/backups/serverBackups"
"/srv/backups/localComputerBackups"
"/var/cache"
"/tmp"
"/proc"
"/sys"
];
repo = "/srv/backups/serverBackups";
doInit = true;
encryption = {
mode = "repokey";
passCommand = "cat /run/secrets/borgRepoPassword";
};
compression = "auto,lzma";
startAt = "weekly";
};
/* /*
serverBackup = { localBackup = {
paths = "/";
exclude = [
"/nix"
"/srv/Multimedia"
"/srv/media"
"/srv/backups/serverBackups"
"/srv/backups/localComputerBackups"
"/var/cache"
"/var/run"
"/tmp"
"/proc"
"/sys"
"/dev"
"/mnt"
"/run"
];
repo = "/srv/backups/serverBackups";
doInit = true;
encryption = {
mode = "repokey";
passCommand = "cat /run/secrets/borgRepoPassword";
};
compression = "auto,lzma";
startAt = "weekly";
};
}; /*
serverBackup = {
};
*/ */
}; };
@ -41,4 +52,37 @@
path = "/srv/backups/localComputerBackups"; path = "/srv/backups/localComputerBackups";
}; };
}; };
services.borgmatic = {
enable = true;
configurations = {
remoteServer = {
source_directories = [
"/var"
"/etc"
"/home"
"/srv/freshrss"
"/srv/Minecraft"
];
postgres_databases = [
"forgejo"
"nextcloud"
"matrix-synapse"
];
exclude_patterns = [ "/home/*/.cache" ];
encryption_passcommand = "cat /run/secrets/borgRemoteServerPassword";
};
};
};
systemd.timers.borgmatic = {
enable = true;
unit = "borgmatic.service";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "*-*-* 03:00:00";
Persistent = true;
WakeSystem = true;
};
};
} }