finish new backups and restructure gameservers

modules/homelab/backups/default.nix

@@ -4,7 +4,17 @@
   pkgs,
   ...
 }:
-/**/
+/*
+to restore mysql/marinadb database:
+mysql -u root -p -e "DROP DATABASE IF EXISTS <database_name>;"  # delete old db if still lingering
+mysql -u root -p -e "CREATE DATABASE IF NOT EXISTS <database_name>;"  # create empty db w/ correct name
+zstd -dc <path_to_backup> | mysql -u root -p <database_name>
+
+to restore a postgres database:
+sudo -u postgres psql -c "DROP DATABASE IF EXISTS <database_name>;"   # delete old db if lingering (prolly wont work)
+sudo -u postgres psql -c "CREATE DATABASE <database_name>;"   # create empty db w/ correct name
+zstd -dc <path_to_backup> | sudo -u postgres psql -d immich   # restore from the dump
+*/
 let
   cfg = config.homelab.backups;
   sec = config.sops.secrets;
@@ -30,7 +40,7 @@ in {
         repo = cfg.backup_repo;
         paths = lib.flatten (lib.attrsets.mapAttrsToList (_: arg: arg.paths) cfg.baks);
         compression = "auto,zstd";
-        startAt = "daily";
+        startAt = "03:30";
         group = "archives";
         encryption.mode = "repokey-blake2";
         encryption.passCommand = "cat ${sec."borg_passwd".path}";
@@ -53,7 +63,7 @@ in {
       enable = true;
       location = "/var/backup/mysql";
       user = "root";
-      calendar = "*-*-* *:59:45"; # goes fast, included in back up with server dirs at **:00
+      calendar = "daily"; # goes fast, included in back up with server dirs at **:00
       compressionAlg = "zstd";
       databases = config.services.mysql.ensureDatabases; # set to all databases defined in esure databases
     };
@@ -62,7 +72,7 @@ in {
       enable = true;
       location = "/var/backup/postgresql";
       compression = "zstd"; # optional: "xz", "zstd", "none"
-      startAt = "03:59"; # the dump is included in a backup taken at 4:00
+      startAt = "daily"; # the dump is included in a backup taken at 4:00
       databases = config.services.postgresql.ensureDatabases; # set to all databases defined in esure databases
     };
 

modules/homelab/immich/default.nix

@@ -5,14 +5,7 @@
   inputs,
   unstable_pkgs,
   ...
-}:
-/*
-to restore database ensure it exists 
-
-sudo -u postgres psql -c "DROP DATABASE IF EXISTS immich; CREATE DATABASE immich;"
-zstd -dc <path_to_backup> | sudo -u postgres psql -d immich
-*/
-let
+}: let
   service = "immich";
   cfg = config.homelab.${service};
   sec = config.sops.secrets;

modules/homelab/minecraft_recpro/default.nix

@@ -1,178 +0,0 @@
-{
-  pkgs,
-  config,
-  lib,
-  ...
-}:
-/*
-to restore db make sure it exists with rebuild or command below
-then use zstd command to decompress and restore in one go
-
-mysql -u root -p -e "CREATE DATABASE IF NOT EXISTS minecraft_recpro_db;"
-zstd -dc <path_to_backup> | mysql -u root -p minecraft_recpro_db
-*/
-let
-  service = "minecraft_recpro";
-  cfg = config.gameservers.${service};
-  sec = config.sops.secrets;
-  servers = {
-    velocity = {
-      data_dir = "/var/lib/gameservers/minecraft_recpro/velocity";
-      db_dump = "/var/backup/mysql/${service}_db.zst";
-      ram = "2G";
-    };
-    smp = {
-      data_dir = "/var/lib/gameservers/minecraft_recpro/smp";
-      ram = "12G";
-    };
-    superflat = {
-      data_dir = "/var/lib/gameservers/minecraft_recpro/superflat";
-      ram = "4G";
-    };
-    bento = {
-      data_dir = "/var/lib/gameservers/minecraft_recpro/bento";
-      ram = "2G";
-    };
-  };
-in {
-  options.gameservers.${service} = {
-    enable = lib.mkEnableOption "enables ${service}";
-    url = lib.mkOption {
-      type = lib.types.str;
-      default = "mc.recoil.pro";
-      description = "set domain for ${service}";
-    };
-    data_dir = lib.mkOption {
-      type = lib.types.str;
-      default = "/var/lib/gameservers/${service}";
-      description = "set data directory for ${service}";
-    };
-    ids = lib.mkOption {
-      type = lib.types.int;
-      default = 25565;
-      description = "set uid and pid of ${service} user (matches port by default)";
-    };
-    backup = lib.mkOption {
-      type = lib.types.bool;
-      default = false;
-      description = "enable backups for ${service}";
-    };
-    motd = lib.mkOption {
-      type = lib.types.nullOr lib.types.str;
-      default = "velocity";
-    };
-    backup_repo = lib.mkOption {
-      type = lib.types.path;
-      default = "/holocron/archives/gameservers/minecraft/recpro_stack";
-      description = "path to take hourly backups to with borg!";
-    };
-  };
-
-  config = lib.mkIf cfg.enable {
-    # declare ${service} group
-    users.groups.minecraft = {gid = lib.mkForce cfg.ids;};
-
-    # declare ${service} user
-    users.users.minecraft = {
-      description = "minecraft server user";
-      uid = lib.mkForce cfg.ids;
-      isSystemUser = true;
-      shell = pkgs.bash;
-      group = "minecraft";
-      extraGroups = [];
-    };
-
-    systemd.tmpfiles.rules =
-      lib.attrsets.mapAttrsToList (
-        name: cfg: "d ${cfg.data_dir} 0770 minecraft minecraft -"
-      )
-      servers;
-
-    # Create a systemd service per server running in tmux
-    systemd.services =
-      lib.attrsets.mapAttrs (name: srv: {
-        description = "minecraft_recpro: ${name}";
-        after = ["network.target"];
-        wants = ["network.target"];
-        serviceConfig = {
-          User = "minecraft";
-          Group = "minecraft";
-          WorkingDirectory = srv.data_dir;
-          UMask = "0007";
-          ExecStart = "${pkgs.openjdk21}/bin/java -Xmx${srv.ram} -jar server.jar nogui";
-          Restart = "on-failure";
-          KillMode = "process";
-        };
-        wantedBy = ["multi-user.target"];
-      })
-      servers;
-
-    environment.systemPackages = with pkgs; [openjdk21 mcrcon];
-
-    services.mysql = {
-      enable = true;
-      package = pkgs.mariadb;
-      ensureDatabases = ["minecraft_recpro_db"];
-      ensureUsers = [
-        {
-          name = "minecraft";
-          ensurePermissions = {"minecraft_recpro_db.*" = "ALL PRIVILEGES";};
-        }
-      ];
-      initialScript = pkgs.writeText "minecraft_recpro-init.sql" ''
-        CREATE USER IF NOT EXISTS 'minecraft_recpro'@'localhost' IDENTIFIED BY 'IKNOWTHISISBADIJUSTNEEDTHISTOWORKRNPLS';
-        GRANT ALL PRIVILEGES ON minecraft_recpro_db.* TO 'minecraft_recpro'@'localhost';
-        FLUSH PRIVILEGES;
-      '';
-    };
-
-    # open firewall
-    networking.firewall.allowedTCPPorts = [25777 25565 25566 25567];
-
-    sops.secrets = {
-      "velocity_forwarding" = {
-        owner = "minecraft";
-        group = "minecraft";
-        path = "/var/lib/gameservers/minecraft_recpro/velocity/forwarding.secret";
-        mode = "0400";
-      };
-      "minecraft_recpro_db_passwd" = {
-        owner = "mysql";
-        group = "mysql";
-      };
-    };
-
-    # backups minecraft_recpro with borg!
-    services.borgbackup.jobs.${service} = {
-      archiveBaseName = service;
-      repo = cfg.backup_repo;
-      paths = lib.flatten (
-        lib.attrValues (
-          lib.mapAttrs (_: srv:
-            [srv.data_dir]
-            ++ (
-              if builtins.hasAttr "db_dump" srv
-              then [srv.db_dump]
-              else []
-            ))
-          servers
-        )
-      );
-      compression = "auto,zstd";
-      preHook = "systemctl start mysql-backup.service";
-      startAt = "*-*-* *:00:00";
-      group = "archives";
-      encryption.mode = "repokey-blake2";
-      encryption.passCommand = "cat ${config.sops.secrets."borg_passwd".path}";
-      extraArgs = ["--verbose" "--show-rc" "--umask" "0007"];
-      extraCreateArgs = ["--list" "--stats" "--filter" "AME"];
-      prune.keep = {
-        within = "1d"; # Keep all archives from the last day
-        hourly = 24;
-        daily = 7;
-        weekly = 12;
-        monthly = -1; # Keep at least one archive for each month
-      };
-    };
-  };
-}