Compare commits
3 Commits
56e92e70f1
...
6de16fb116
Author | SHA1 | Date |
---|---|---|
Felix Albrigtsen | 6de16fb116 | |
Felix Albrigtsen | 12e4d22136 | |
Felix Albrigtsen | 7177ee5b17 |
|
@ -9,7 +9,7 @@
|
||||||
packages = with pkgs; [
|
packages = with pkgs; [
|
||||||
bat
|
bat
|
||||||
bottom
|
bottom
|
||||||
ncdu
|
# ncdu
|
||||||
neofetch
|
neofetch
|
||||||
sshfs
|
sshfs
|
||||||
sshuttle
|
sshuttle
|
||||||
|
|
|
@ -1,38 +1,32 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
{
|
{
|
||||||
services.borgbackup.jobs =
|
services.restic.backups = let
|
||||||
let
|
localJob = name: paths: {
|
||||||
borgJob = name: {
|
inherit paths;
|
||||||
environment.BORG_RSH = "ssh -i /root/.ssh/fealsyn1";
|
repository = "/mnt/feal-syn1/backup/challenger/${name}";
|
||||||
environment.BORG_REMOTE_PATH = "/usr/local/bin/borg";
|
passwordFile = config.sops.secrets."restic/${name}".path;
|
||||||
repo = "ssh://backup@feal-syn1.home.feal.no/volume2/backup/borg/voyager/${name}";
|
initialize = true;
|
||||||
compression = "auto,zstd";
|
pruneOpts = [
|
||||||
|
"--keep-daily 7"
|
||||||
|
"--keep-weekly 4"
|
||||||
|
"--keep-monthly 3"
|
||||||
|
"--keep-yearly 10"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
postgresDaily = borgJob "postgres::daily" // {
|
postgres = (localJob "postgres" [ "/var/backup/postgres" ]) // {
|
||||||
paths = "/var/backup/postgres";
|
timerConfig.OnCalendar = "05:15"; # 2h after postgresqlBackup
|
||||||
startAt = "*-*-* 05:15:00"; # 2 hours after postgresqlBackup
|
|
||||||
extraInitArgs = "--storage-quota 10G";
|
|
||||||
encryption = {
|
|
||||||
mode = "repokey-blake2";
|
|
||||||
passCommand = "cat ${config.sops.secrets."borg/postgres".path}";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
postgresWeekly = borgJob "postgres::weekly" // {
|
transmission = localJob "transmission" [ "/var/lib/transmission" ];
|
||||||
paths = "/var/backup/postgres";
|
|
||||||
startAt = "Mon *-*-* 05:15:00"; # 2 hours after postgresqlBackup
|
|
||||||
extraInitArgs = "--storage-quota 10G";
|
|
||||||
encryption = {
|
|
||||||
mode = "repokey-blake2";
|
|
||||||
passCommand = "cat ${config.sops.secrets."borg/postgres".path}";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# TODO: timemachine, nextcloud, komga, calibre
|
# TODO: timemachine, nextcloud, komga, calibre
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
sops.secrets."borg/postgres" = { };
|
sops.secrets."restic/postgres" = { };
|
||||||
sops.secrets."borg/transmission" = { };
|
sops.secrets."restic/transmission" = { };
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
restic
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -22,6 +22,12 @@
|
||||||
"/mnt/feal-syn1/backup" = {
|
"/mnt/feal-syn1/backup" = {
|
||||||
device = "feal-syn1.home.feal.no:/volume2/backup";
|
device = "feal-syn1.home.feal.no:/volume2/backup";
|
||||||
fsType = "nfs";
|
fsType = "nfs";
|
||||||
|
options = [
|
||||||
|
"defaults"
|
||||||
|
"noatime"
|
||||||
|
"rw"
|
||||||
|
"nfsvers=3"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -33,6 +33,17 @@
|
||||||
supportedFeatures = [ "kvm" "big-parallel" "benchmark" "nixos-test" ];
|
supportedFeatures = [ "kvm" "big-parallel" "benchmark" "nixos-test" ];
|
||||||
mandatoryFeatures = [ ];
|
mandatoryFeatures = [ ];
|
||||||
|
|
||||||
|
sshUser = "felixalb";
|
||||||
|
sshKey = "/var/root/.ssh/nix-builder";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
hostName = "challenger.home.feal.no";
|
||||||
|
system = "x86_64-linux";
|
||||||
|
|
||||||
|
maxJobs = 6;
|
||||||
|
supportedFeatures = [ "kvm" "big-parallel" "benchmark" "nixos-test" ];
|
||||||
|
mandatoryFeatures = [ ];
|
||||||
|
|
||||||
sshUser = "felixalb";
|
sshUser = "felixalb";
|
||||||
sshKey = "/var/root/.ssh/nix-builder";
|
sshKey = "/var/root/.ssh/nix-builder";
|
||||||
}
|
}
|
||||||
|
@ -50,6 +61,7 @@
|
||||||
gnugrep
|
gnugrep
|
||||||
jq
|
jq
|
||||||
nix-output-monitor
|
nix-output-monitor
|
||||||
|
nixpkgs-review
|
||||||
ripgrep
|
ripgrep
|
||||||
skhd
|
skhd
|
||||||
sshfs
|
sshfs
|
||||||
|
@ -131,4 +143,6 @@
|
||||||
# Auto upgrade nix package and the daemon service.
|
# Auto upgrade nix package and the daemon service.
|
||||||
services.nix-daemon.enable = true;
|
services.nix-daemon.enable = true;
|
||||||
nix.package = pkgs.nix;
|
nix.package = pkgs.nix;
|
||||||
|
|
||||||
|
system.stateVersion = 5;
|
||||||
}
|
}
|
||||||
|
|
|
@ -11,20 +11,19 @@
|
||||||
];
|
];
|
||||||
|
|
||||||
home.packages = with pkgs; [
|
home.packages = with pkgs; [
|
||||||
emacs-macport
|
|
||||||
feishin
|
|
||||||
iterm2
|
|
||||||
# prismlauncher
|
# prismlauncher
|
||||||
spotify
|
|
||||||
|
|
||||||
aerc
|
|
||||||
borgbackup
|
borgbackup
|
||||||
catimg
|
catimg
|
||||||
cocoapods
|
cocoapods
|
||||||
|
emacs-macport
|
||||||
|
feishin
|
||||||
gnutar
|
gnutar
|
||||||
|
iterm2
|
||||||
nix-index
|
nix-index
|
||||||
nodejs
|
nodejs
|
||||||
|
spotify
|
||||||
tldr
|
tldr
|
||||||
|
unstable.aerc
|
||||||
unstable.snicat
|
unstable.snicat
|
||||||
w3m
|
w3m
|
||||||
zellij
|
zellij
|
||||||
|
|
|
@ -3,9 +3,9 @@ transmission:
|
||||||
nextcloud:
|
nextcloud:
|
||||||
adminpass: ENC[AES256_GCM,data:DL5SnyPPUxiVjfIHZ/ZYJi2pNu6x,iv:/bThFVYgHsN3Yr2EJf0+YWhAVIei9ENaHfAH1ADC5Ws=,tag:bNp+2trtwFNYOqruvqPRGw==,type:str]
|
adminpass: ENC[AES256_GCM,data:DL5SnyPPUxiVjfIHZ/ZYJi2pNu6x,iv:/bThFVYgHsN3Yr2EJf0+YWhAVIei9ENaHfAH1ADC5Ws=,tag:bNp+2trtwFNYOqruvqPRGw==,type:str]
|
||||||
secretsjson: ENC[AES256_GCM,data:xmdwWBe8LWsSEI64KhSeXbA1B0ahfoGwNmgl33JWteF4AakdI73zfbdIhUBqqlqfbL0uCGlqCiOyRA02h8197mk=,iv:ncKz9ObwoFoVjT0qMzBJ0BqVBNx0ScdMRl82ZNQp4FI=,tag:6S8fqHhvE/gaknxsb+q3Jg==,type:str]
|
secretsjson: ENC[AES256_GCM,data:xmdwWBe8LWsSEI64KhSeXbA1B0ahfoGwNmgl33JWteF4AakdI73zfbdIhUBqqlqfbL0uCGlqCiOyRA02h8197mk=,iv:ncKz9ObwoFoVjT0qMzBJ0BqVBNx0ScdMRl82ZNQp4FI=,tag:6S8fqHhvE/gaknxsb+q3Jg==,type:str]
|
||||||
borg:
|
restic:
|
||||||
transmission: ENC[AES256_GCM,data:umr0UEKMT/n0ZRTyfq/qWX4A,iv:R92qRZqQ8onLYDlkYMtHiumFqjVuxOIZAp+k2qTcDps=,tag:WhCP5YmIutR3ckgNIw/Hww==,type:str]
|
transmission: ENC[AES256_GCM,data:RrnlOXT6sNoUh8MF8JXFTygN+cBV+CS0xdvE9SMTAVV0,iv:0Irhejn2TQSI7h9e4G8a65EpIKmwco9ue93lgo4jC6I=,tag:RAd2pvtL++C8rdlqch4g6Q==,type:str]
|
||||||
postgres: ENC[AES256_GCM,data:KHL02u+X2fGlZSUrujvkkGI=,iv:gjdPbmRHmO0APXvMJzqN+Swuh2l9mdsUJQRKsSYkEyM=,tag:0Rf9MeW7xTpj2uvnAOhuBA==,type:str]
|
postgres: ENC[AES256_GCM,data:MaKQs6f2sp1e42u4DRx/PUsSFnJN0Ks+BtUrMJkUwD28,iv:Wz/MtaC/hg5zVxcdZWKEHeQb5KGio653mgHf4IrE7mk=,tag:7kaYJ1DnxNGbcr31bHb0zA==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -30,8 +30,8 @@ sops:
|
||||||
bVhLUVBWL3QyMmVjVEswZmtDRXRRUGMKizaESv67KWTOnUkZg1R0c3BkpJrDUxJR
|
bVhLUVBWL3QyMmVjVEswZmtDRXRRUGMKizaESv67KWTOnUkZg1R0c3BkpJrDUxJR
|
||||||
heau8QcBXtNS6Ct1RsJQD3oTmBPAP1NHJ2BD11kEEtpo8FhCOjcqVQ==
|
heau8QcBXtNS6Ct1RsJQD3oTmBPAP1NHJ2BD11kEEtpo8FhCOjcqVQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-07-03T20:11:44Z"
|
lastmodified: "2024-10-04T19:11:52Z"
|
||||||
mac: ENC[AES256_GCM,data:feOeO7XrNEtbxp2c2a0EbwVAWUJ+PCZavmRT/4DMFfsJWwjogCqAia2KfC249RufAL2WFVZAw8UfymjtHHKp2v7alN3kqcIZ2rjwtkkzi8JqRQvbbCJwTXLkl8wr21lZD7UdNuAfZHxbwJRchRR/6bsLnxipW8AH8YCv1/Knsg0=,iv:fO4dUfRgJOaDuvJNgl6CVZFovVphQB4rlLIKGgzy7S4=,tag:8Ts1XozKYoSghho4ORDW0Q==,type:str]
|
mac: ENC[AES256_GCM,data:sTsTQOCO6ggoz6hXKU/Nnfuvs2UjYwuYLhMZ/P+jHLV2Jn3gBnUUTsn3lEtG7fi9MOfILuTA93wdRciahAElY9me86j+TVa/9PdbW9Earh5rH7M91LyRRS74C99LedXco05gjxqc2s27ea0n25A8UF7eCgvAlD+4DP0WNUiDUcE=,iv:wn9ahsWE2RYy9pSi30Uy2/vStQCHNiwk6ZJU/OdNDuk=,tag:SZe/b9+2PuoBNZcwuS8Ong==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
Loading…
Reference in New Issue