blake/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add archives group

Browse Source
This commit is contained in:
blake
2025-10-16 20:02:17 -05:00
parent 8438c58c19
commit 0fd7319de6
6 changed files with 36 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bin/backup_browse.sh
View File

@@ -54,7 +54,7 @@ fi
export BORG_PASSPHRASE export BORG_PASSPHRASE
# --- DEFAULT REPO --- # --- DEFAULT REPO ---
REPO="${1:-/holocron/backups}" REPO="${1:-/holocron/archives/servers/snowbelle}"
# --- CHECK REQUIRED COMMANDS --- # --- CHECK REQUIRED COMMANDS ---
for cmd in borg fzf find tree cp mkdir; do for cmd in borg fzf find tree cp mkdir; do

3
modules/holocron/default.nix
View File

@@ -13,4 +13,7 @@
./copyparty ./copyparty
]; ];
# define the groups used for backups and archives
users.groups.archives = {gid = 727;};
} }

13
modules/system/backups/default.nix
View File

@@ -9,7 +9,7 @@ in a borg archive to the specified repo
| <3yy> | | <3yy> |
V V V V
modules.system.backups.baks = { system.backups.baks = {
${service} = { paths = [ cfg.data_dir ]; }; ${service} = { paths = [ cfg.data_dir ]; };
}; };
*/ */
@@ -46,12 +46,17 @@ in
config = lib.mkIf (cfg.enable && cfg.baks != {}) { config = lib.mkIf (cfg.enable && cfg.baks != {}) {
systemd.tmpfiles.rules = [
"d /holocron/archives 2770 root archives - -"
];
systemd.services.backups = { systemd.services.backups = {
description = "backup service with borg!"; description = "backup service with borg!";
path = [ pkgs.borgbackup ]; path = [ pkgs.borgbackup ];
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
# EnvironmentFile = config.modules.system.backups.passphraseFile; User = "root";
Group = "archives"; # make perms shake out
# the actual script borg is using # the actual script borg is using
ExecStart = pkgs.writeShellScript "borg-backup" '' ExecStart = pkgs.writeShellScript "borg-backup" ''
backup() { backup() {
@@ -59,7 +64,7 @@ in
export BORG_PASSPHRASE="$(cat ${cfg.passwd_file})" export BORG_PASSPHRASE="$(cat ${cfg.passwd_file})"
export BORG_REPO="${cfg.repo}" export BORG_REPO="${cfg.repo}"
timestamp="$(date +'%Y-%m-%d_%H:%M:%S')" timestamp="$(date +'%Y-%m-%d_%H:%M:%S')"
mode=${cfg.mode} mode=split
# init repo in needed # init repo in needed
if ! borg info "$BORG_REPO" >/dev/null 2>&1; then if ! borg info "$BORG_REPO" >/dev/null 2>&1; then
@@ -80,7 +85,7 @@ in
echo "backing up: ${lib.concatStringsSep " " bak_paths.paths} $archive" echo "backing up: ${lib.concatStringsSep " " bak_paths.paths} $archive"
borg create \ borg create \
--verbose \ --verbose \
# --filter AME \ --filter AME \
--list \ --list \
--stats \ --stats \
--show-rc \ --show-rc \

12
modules/system/home-manager/default.nix
View File

@@ -1,12 +0,0 @@
{ inputs, pkgs, config, lib, ... }:
{
home-manager."blake" = {
extraSpecialArgs = { inherit inputs; };
users = {
modules = [
../../users/blake/home.nix;
inputs.self.outputs.homeManagerModules.default;
];
};
};
}

22
modules/system/yubikey/default.nix Normal file
View File

@@ -0,0 +1,22 @@
{
pkgs,
config,
lib,
...
}:
let
service = "";
cfg = config.system.${service};
sec = config.sops.secrets;
homelab = config.homelab;
in
{
options.system.${service} = {
enable = lib.mkEnableOption "enables ${service}";
};
config = lib.mkIf cfg.enable {
};
}

2
users/blake/default.nix
View File

@@ -10,7 +10,7 @@
users = { users = {
blake = { blake = {
isNormalUser = true; isNormalUser = true;
extraGroups = ["wheel" "networkmanager" "docker" "media" "podman" "minecraft"]; # Enable sudo for the user. extraGroups = ["wheel" "networkmanager" "docker" "media" "podman" "minecraft" "archives" ]; # Enable sudo for the user.
uid = 1000; uid = 1000;
shell = pkgs.zsh; shell = pkgs.zsh;
group = "blake"; group = "blake";