mirror of
https://git.feal.no/felixalb/nixos-config.git
synced 2025-01-10 04:11:15 +01:00
63 lines
2.0 KiB
Nix
63 lines
2.0 KiB
Nix
|
{ config, pkgs, lib, ... }:
|
||
|
{
|
||
|
services.borgbackup.jobs =
|
||
|
let
|
||
|
borgJob = name: {
|
||
|
environment.BORG_RSH = "ssh -i /root/.ssh/fealsyn1";
|
||
|
environment.BORG_REMOTE_PATH = "/usr/local/bin/borg";
|
||
|
repo = "ssh://backup@feal-syn1.home.feal.no/volume2/backup/borg/defiant/${name}";
|
||
|
compression = "auto,zstd";
|
||
|
};
|
||
|
in {
|
||
|
postgresDaily = borgJob "postgres::daily" // {
|
||
|
paths = "/data/backup/postgresql";
|
||
|
startAt = "*-*-* 05:15:00"; # 2 hours after postgresqlBackup
|
||
|
extraInitArgs = "--storage-quota 10G";
|
||
|
encryption = {
|
||
|
mode = "repokey-blake2";
|
||
|
passCommand = "cat ${config.sops.secrets."borg/postgres".path}";
|
||
|
};
|
||
|
};
|
||
|
|
||
|
postgresWeekly = borgJob "postgres::weekly" // {
|
||
|
paths = "/data/backup/postgresql";
|
||
|
startAt = "Mon *-*-* 05:15:00"; # 2 hours after postgresqlBackup
|
||
|
extraInitArgs = "--storage-quota 10G";
|
||
|
encryption = {
|
||
|
mode = "repokey-blake2";
|
||
|
passCommand = "cat ${config.sops.secrets."borg/postgres".path}";
|
||
|
};
|
||
|
};
|
||
|
|
||
|
gitea = borgJob "gitea::weekly" // {
|
||
|
paths = "/tank/services/gitea";
|
||
|
startAt = "Mon *-*-* 05:15:00";
|
||
|
extraInitArgs = "--storage-quota 20G";
|
||
|
encryption = {
|
||
|
mode = "repokey-blake2";
|
||
|
passCommand = "cat ${config.sops.secrets."borg/gitea".path}";
|
||
|
};
|
||
|
};
|
||
|
|
||
|
minecraft = borgJob "minecraft::weekly" // {
|
||
|
paths = "/var/lib/minecraft-wack";
|
||
|
startAt = "weekly";
|
||
|
extraInitArgs = "--storage-quota 20G";
|
||
|
encryption.mode = "none";
|
||
|
|
||
|
preHook = ''
|
||
|
${pkgs.mcrcon}/bin/mcrcon -p wack "say Starting Backup" "save-off" "save-all"
|
||
|
'';
|
||
|
|
||
|
postHook = ''
|
||
|
${pkgs.mcrcon}/bin/mcrcon -p wack "save-all" "say Completed Backup" "save-on" "save-all"
|
||
|
'';
|
||
|
};
|
||
|
|
||
|
};
|
||
|
|
||
|
# TODO: Matrix (keys,media,db), home-assistant, pihole, vaultwarden
|
||
|
sops.secrets."borg/postgres" = { };
|
||
|
sops.secrets."borg/gitea" = { };
|
||
|
}
|