Compare commits
3 Commits
56e92e70f1
...
6de16fb116
Author | SHA1 | Date |
---|---|---|
Felix Albrigtsen | 6de16fb116 | |
Felix Albrigtsen | 12e4d22136 | |
Felix Albrigtsen | 7177ee5b17 |
|
@ -9,7 +9,7 @@
|
|||
packages = with pkgs; [
|
||||
bat
|
||||
bottom
|
||||
ncdu
|
||||
# ncdu
|
||||
neofetch
|
||||
sshfs
|
||||
sshuttle
|
||||
|
|
|
@ -1,38 +1,32 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
services.borgbackup.jobs =
|
||||
let
|
||||
borgJob = name: {
|
||||
environment.BORG_RSH = "ssh -i /root/.ssh/fealsyn1";
|
||||
environment.BORG_REMOTE_PATH = "/usr/local/bin/borg";
|
||||
repo = "ssh://backup@feal-syn1.home.feal.no/volume2/backup/borg/voyager/${name}";
|
||||
compression = "auto,zstd";
|
||||
};
|
||||
in {
|
||||
postgresDaily = borgJob "postgres::daily" // {
|
||||
paths = "/var/backup/postgres";
|
||||
startAt = "*-*-* 05:15:00"; # 2 hours after postgresqlBackup
|
||||
extraInitArgs = "--storage-quota 10G";
|
||||
encryption = {
|
||||
mode = "repokey-blake2";
|
||||
passCommand = "cat ${config.sops.secrets."borg/postgres".path}";
|
||||
};
|
||||
};
|
||||
|
||||
postgresWeekly = borgJob "postgres::weekly" // {
|
||||
paths = "/var/backup/postgres";
|
||||
startAt = "Mon *-*-* 05:15:00"; # 2 hours after postgresqlBackup
|
||||
extraInitArgs = "--storage-quota 10G";
|
||||
encryption = {
|
||||
mode = "repokey-blake2";
|
||||
passCommand = "cat ${config.sops.secrets."borg/postgres".path}";
|
||||
};
|
||||
};
|
||||
|
||||
# TODO: timemachine, nextcloud, komga, calibre
|
||||
|
||||
services.restic.backups = let
|
||||
localJob = name: paths: {
|
||||
inherit paths;
|
||||
repository = "/mnt/feal-syn1/backup/challenger/${name}";
|
||||
passwordFile = config.sops.secrets."restic/${name}".path;
|
||||
initialize = true;
|
||||
pruneOpts = [
|
||||
"--keep-daily 7"
|
||||
"--keep-weekly 4"
|
||||
"--keep-monthly 3"
|
||||
"--keep-yearly 10"
|
||||
];
|
||||
};
|
||||
in {
|
||||
postgres = (localJob "postgres" [ "/var/backup/postgres" ]) // {
|
||||
timerConfig.OnCalendar = "05:15"; # 2h after postgresqlBackup
|
||||
};
|
||||
|
||||
sops.secrets."borg/postgres" = { };
|
||||
sops.secrets."borg/transmission" = { };
|
||||
transmission = localJob "transmission" [ "/var/lib/transmission" ];
|
||||
|
||||
# TODO: timemachine, nextcloud, komga, calibre
|
||||
};
|
||||
|
||||
sops.secrets."restic/postgres" = { };
|
||||
sops.secrets."restic/transmission" = { };
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
restic
|
||||
];
|
||||
}
|
||||
|
|
|
@ -22,6 +22,12 @@
|
|||
"/mnt/feal-syn1/backup" = {
|
||||
device = "feal-syn1.home.feal.no:/volume2/backup";
|
||||
fsType = "nfs";
|
||||
options = [
|
||||
"defaults"
|
||||
"noatime"
|
||||
"rw"
|
||||
"nfsvers=3"
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -33,6 +33,17 @@
|
|||
supportedFeatures = [ "kvm" "big-parallel" "benchmark" "nixos-test" ];
|
||||
mandatoryFeatures = [ ];
|
||||
|
||||
sshUser = "felixalb";
|
||||
sshKey = "/var/root/.ssh/nix-builder";
|
||||
}
|
||||
{
|
||||
hostName = "challenger.home.feal.no";
|
||||
system = "x86_64-linux";
|
||||
|
||||
maxJobs = 6;
|
||||
supportedFeatures = [ "kvm" "big-parallel" "benchmark" "nixos-test" ];
|
||||
mandatoryFeatures = [ ];
|
||||
|
||||
sshUser = "felixalb";
|
||||
sshKey = "/var/root/.ssh/nix-builder";
|
||||
}
|
||||
|
@ -50,6 +61,7 @@
|
|||
gnugrep
|
||||
jq
|
||||
nix-output-monitor
|
||||
nixpkgs-review
|
||||
ripgrep
|
||||
skhd
|
||||
sshfs
|
||||
|
@ -131,4 +143,6 @@
|
|||
# Auto upgrade nix package and the daemon service.
|
||||
services.nix-daemon.enable = true;
|
||||
nix.package = pkgs.nix;
|
||||
|
||||
system.stateVersion = 5;
|
||||
}
|
||||
|
|
|
@ -11,20 +11,19 @@
|
|||
];
|
||||
|
||||
home.packages = with pkgs; [
|
||||
emacs-macport
|
||||
feishin
|
||||
iterm2
|
||||
# prismlauncher
|
||||
spotify
|
||||
|
||||
aerc
|
||||
borgbackup
|
||||
catimg
|
||||
cocoapods
|
||||
emacs-macport
|
||||
feishin
|
||||
gnutar
|
||||
iterm2
|
||||
nix-index
|
||||
nodejs
|
||||
spotify
|
||||
tldr
|
||||
unstable.aerc
|
||||
unstable.snicat
|
||||
w3m
|
||||
zellij
|
||||
|
|
|
@ -3,9 +3,9 @@ transmission:
|
|||
nextcloud:
|
||||
adminpass: ENC[AES256_GCM,data:DL5SnyPPUxiVjfIHZ/ZYJi2pNu6x,iv:/bThFVYgHsN3Yr2EJf0+YWhAVIei9ENaHfAH1ADC5Ws=,tag:bNp+2trtwFNYOqruvqPRGw==,type:str]
|
||||
secretsjson: ENC[AES256_GCM,data:xmdwWBe8LWsSEI64KhSeXbA1B0ahfoGwNmgl33JWteF4AakdI73zfbdIhUBqqlqfbL0uCGlqCiOyRA02h8197mk=,iv:ncKz9ObwoFoVjT0qMzBJ0BqVBNx0ScdMRl82ZNQp4FI=,tag:6S8fqHhvE/gaknxsb+q3Jg==,type:str]
|
||||
borg:
|
||||
transmission: ENC[AES256_GCM,data:umr0UEKMT/n0ZRTyfq/qWX4A,iv:R92qRZqQ8onLYDlkYMtHiumFqjVuxOIZAp+k2qTcDps=,tag:WhCP5YmIutR3ckgNIw/Hww==,type:str]
|
||||
postgres: ENC[AES256_GCM,data:KHL02u+X2fGlZSUrujvkkGI=,iv:gjdPbmRHmO0APXvMJzqN+Swuh2l9mdsUJQRKsSYkEyM=,tag:0Rf9MeW7xTpj2uvnAOhuBA==,type:str]
|
||||
restic:
|
||||
transmission: ENC[AES256_GCM,data:RrnlOXT6sNoUh8MF8JXFTygN+cBV+CS0xdvE9SMTAVV0,iv:0Irhejn2TQSI7h9e4G8a65EpIKmwco9ue93lgo4jC6I=,tag:RAd2pvtL++C8rdlqch4g6Q==,type:str]
|
||||
postgres: ENC[AES256_GCM,data:MaKQs6f2sp1e42u4DRx/PUsSFnJN0Ks+BtUrMJkUwD28,iv:Wz/MtaC/hg5zVxcdZWKEHeQb5KGio653mgHf4IrE7mk=,tag:7kaYJ1DnxNGbcr31bHb0zA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
@ -30,8 +30,8 @@ sops:
|
|||
bVhLUVBWL3QyMmVjVEswZmtDRXRRUGMKizaESv67KWTOnUkZg1R0c3BkpJrDUxJR
|
||||
heau8QcBXtNS6Ct1RsJQD3oTmBPAP1NHJ2BD11kEEtpo8FhCOjcqVQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-07-03T20:11:44Z"
|
||||
mac: ENC[AES256_GCM,data:feOeO7XrNEtbxp2c2a0EbwVAWUJ+PCZavmRT/4DMFfsJWwjogCqAia2KfC249RufAL2WFVZAw8UfymjtHHKp2v7alN3kqcIZ2rjwtkkzi8JqRQvbbCJwTXLkl8wr21lZD7UdNuAfZHxbwJRchRR/6bsLnxipW8AH8YCv1/Knsg0=,iv:fO4dUfRgJOaDuvJNgl6CVZFovVphQB4rlLIKGgzy7S4=,tag:8Ts1XozKYoSghho4ORDW0Q==,type:str]
|
||||
lastmodified: "2024-10-04T19:11:52Z"
|
||||
mac: ENC[AES256_GCM,data:sTsTQOCO6ggoz6hXKU/Nnfuvs2UjYwuYLhMZ/P+jHLV2Jn3gBnUUTsn3lEtG7fi9MOfILuTA93wdRciahAElY9me86j+TVa/9PdbW9Earh5rH7M91LyRRS74C99LedXco05gjxqc2s27ea0n25A8UF7eCgvAlD+4DP0WNUiDUcE=,iv:wn9ahsWE2RYy9pSi30Uy2/vStQCHNiwk6ZJU/OdNDuk=,tag:SZe/b9+2PuoBNZcwuS8Ong==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
|
|
Loading…
Reference in New Issue