diff --git a/bin/borg_lf.sh b/bin/borg_lf.sh index a31b9e1..978e5fb 100755 --- a/bin/borg_lf.sh +++ b/bin/borg_lf.sh @@ -86,8 +86,8 @@ borg mount "$REPO::$selected" "$MOUNT_POINT" cleanup() { echo "Unmounting archive..." - borg umount "$MOUNT_DIR" >/dev/null 2>&1 || true - rmdir "$MOUNT_DIR" >/dev/null 2>&1 || true + borg umount "$MOUNT_POINT" >/dev/null 2>&1 || true + rmdir "$MOUNT_POINT" >/dev/null 2>&1 || true } trap cleanup EXIT INT TERM diff --git a/hosts/nixos/snowbelle/configuration.nix b/hosts/nixos/snowbelle/configuration.nix index da274bb..b05841e 100644 --- a/hosts/nixos/snowbelle/configuration.nix +++ b/hosts/nixos/snowbelle/configuration.nix @@ -34,6 +34,7 @@ in }; homelab = { enable = true; + backups.enable = true; motd.enable = true; gitea.enable = true; glance.enable = true; diff --git a/modules/holocron/copyparty/default.nix b/modules/holocron/copyparty/default.nix index a69216d..e0dcc23 100644 --- a/modules/holocron/copyparty/default.nix +++ b/modules/holocron/copyparty/default.nix @@ -151,7 +151,7 @@ in { }; # add to backups - system.backups.baks = { + homelab.backups.baks = { ${service} = { paths = [cfg.data_dir]; }; diff --git a/modules/homelab/arr/bazarr/default.nix b/modules/homelab/arr/bazarr/default.nix index 3d9b4c0..3d67194 100644 --- a/modules/homelab/arr/bazarr/default.nix +++ b/modules/homelab/arr/bazarr/default.nix @@ -92,7 +92,7 @@ in icon = "di:${service}"; }]; # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = { paths = [ cfg.data_dir ]; }; }; }; diff --git a/modules/homelab/arr/prowlarr/default.nix b/modules/homelab/arr/prowlarr/default.nix index bd3b154..85d99d5 100644 --- a/modules/homelab/arr/prowlarr/default.nix +++ b/modules/homelab/arr/prowlarr/default.nix @@ -94,7 +94,7 @@ in icon = "di:${service}"; }]; # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = { paths = [ cfg.data_dir ]; }; }; }; diff --git a/modules/homelab/arr/radarr/default.nix b/modules/homelab/arr/radarr/default.nix index 23eadf1..65884c5 100644 --- a/modules/homelab/arr/radarr/default.nix +++ b/modules/homelab/arr/radarr/default.nix @@ -97,7 +97,7 @@ in icon = "di:${service}"; }]; # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = { paths = [ cfg.data_dir ]; }; }; }; diff --git a/modules/homelab/arr/sonarr/default.nix b/modules/homelab/arr/sonarr/default.nix index 266446e..f9fed00 100644 --- a/modules/homelab/arr/sonarr/default.nix +++ b/modules/homelab/arr/sonarr/default.nix @@ -95,7 +95,7 @@ in icon = "di:${service}"; }]; # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = { paths = [ cfg.data_dir ]; }; }; }; diff --git a/modules/homelab/audiobookshelf/default.nix b/modules/homelab/audiobookshelf/default.nix index 8547a31..6c481fd 100644 --- a/modules/homelab/audiobookshelf/default.nix +++ b/modules/homelab/audiobookshelf/default.nix @@ -98,7 +98,7 @@ in icon = "di:${service}"; }]; # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = { paths = [ cfg.data_dir ]; }; }; }; diff --git a/modules/homelab/backups/default.nix b/modules/homelab/backups/default.nix new file mode 100644 index 0000000..c716af7 --- /dev/null +++ b/modules/homelab/backups/default.nix @@ -0,0 +1,75 @@ +{ + config, + lib, + pkgs, + ... +}: +/**/ +let + cfg = config.homelab.backups; + sec = config.sops.secrets; +in { + options.homelab.backups = { + enable = lib.mkEnableOption "enables borg backups for state files and db backup services"; + baks = lib.mkOption { + type = lib.types.attrsOf (lib.types.attrsOf (lib.types.listOf lib.types.path)); + default = {}; + description = "backup jobs, nested attribute sets should be = paths []"; + }; + backup_repo = lib.mkOption { + type = lib.types.path; + default = "/holocron/archives/homelab"; + description = "path to take daily backups to with borg!"; + }; + }; + + config = lib.mkIf cfg.enable { + # backups homelab with borg + services.borgbackup.jobs.homelab = (lib.mkIf cfg.baks != {}) { + archiveBaseName = "homelab"; + repo = cfg.backup_repo; + paths = lib.flatten (lib.attrsets.mapAttrsToList (_: arg: arg.paths) cfg.baks); + compression = "auto,zstd"; + startAt = "daily"; + group = "archives"; + encryption.mode = "repokey-blake2"; + encryption.passCommand = "cat ${sec."borg_passwd".path}"; + extraArgs = ["--verbose" "--show-rc" "--umask" "0007"]; + extraCreateArgs = ["--list" "--stats" "--filter" "AME"]; + prune.keep = { + within = "1d"; # Keep all archives from the last day + daily = 7; + weekly = 12; + monthly = -1; # Keep at least one archive for each month + }; + }; + + # mysql backups currently minecraft_recpro is the only thing using this + services.mysqlBackup = lib.mkIf config.services.mysql.enable { + enable = true; + location = "/var/backup/mysql"; + user = "root"; + calendar = "*-*-* *:59:45"; # goes fast, included in back up with server dirs at **:00 + compressionAlg = "zstd"; + databases = config.services.mysql.ensureDatabases; # set to all databases defined in esure databases + }; + # postgresql backups currently immich is the only user + services.postgresqlBackup = lib.mkIf config.services.postgresql.enable { + enable = true; + location = "/var/backup/postgresql"; + compression = "zstd"; # optional: "xz", "zstd", "none" + startAt = "03:59"; # the dump is included in a backup taken at 4:00 + databases = config.services.postgresql.ensureDatabases; # set to all databases defined in esure databases + }; + + # helpful and for scripts + environment.systemPackages = with pkgs; [borgbackup tree]; + + sops.secrets = { + "borg_passwd" = { + owner = "root"; + group = "root"; + }; + }; + }; +} diff --git a/modules/homelab/caddy/default.nix b/modules/homelab/caddy/default.nix index fb883a1..5d7c756 100644 --- a/modules/homelab/caddy/default.nix +++ b/modules/homelab/caddy/default.nix @@ -95,7 +95,7 @@ in # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = { paths = [ cfg.data_dir ]; }; }; }; diff --git a/modules/homelab/default.nix b/modules/homelab/default.nix index 122591c..59d6ca5 100644 --- a/modules/homelab/default.nix +++ b/modules/homelab/default.nix @@ -37,21 +37,12 @@ in type = lib.types.str; description = "base domain used for reverse proxy"; }; - baks = lib.mkOption { - type = lib.types.attrsOf (lib.types.attrsOf (lib.types.listOf lib.types.path)); - default = {}; - description = "backup jobs, nested attribute sets should be = paths []"; - }; - backup_repo = lib.mkOption { - type = lib.types.path; - default = "/holocron/archives/homelab"; - description = "path to take daily backups to with borg!"; - }; }; # the order determines the order in glance :3 imports = [ ./motd + ./backups ./glance ./caddy ./home/zigbee2mqtt @@ -84,31 +75,5 @@ in }; }; - # backups homelab with borg - services.borgbackup.jobs.homelab = { - archiveBaseName = "homelab"; - repo = cfg.backup_repo; - paths = lib.flatten (lib.attrsets.mapAttrsToList (_: arg: arg.paths) config.system.backups.baks); - compression = "auto,zstd"; - startAt = "daily"; - group = "archives"; - encryption.mode = "repokey-blake2"; - encryption.passCommand = "cat ${config.sops.secrets."borg_passwd".path}"; - extraArgs = ["--verbose" "--show-rc" "--umask" "0007"]; - extraCreateArgs = ["--list" "--stats" "--filter" "AME"]; - prune.keep = { - within = "1d"; # Keep all archives from the last day - daily = 7; - weekly = 12; - monthly = -1; # Keep at least one archive for each month - }; - }; - - sops.secrets = { - "borg_passwd" = { - owner = "root"; - group = "root"; - }; - }; }; } diff --git a/modules/homelab/gitea/default.nix b/modules/homelab/gitea/default.nix index f1836d0..12e8280 100644 --- a/modules/homelab/gitea/default.nix +++ b/modules/homelab/gitea/default.nix @@ -125,7 +125,7 @@ in }; # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = { paths = [ cfg.data_dir ]; }; }; }; diff --git a/modules/homelab/glance/default.nix b/modules/homelab/glance/default.nix index 1d33159..4f908a7 100644 --- a/modules/homelab/glance/default.nix +++ b/modules/homelab/glance/default.nix @@ -313,7 +313,7 @@ in }; # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = { paths = [ cfg.data_dir ]; }; diff --git a/modules/homelab/home/homeassistant/default.nix b/modules/homelab/home/homeassistant/default.nix index b83e8d9..c1cc5a2 100644 --- a/modules/homelab/home/homeassistant/default.nix +++ b/modules/homelab/home/homeassistant/default.nix @@ -109,7 +109,7 @@ in icon = "di:${nixservice}"; }]; # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = { paths = [ cfg.data_dir ]; }; }; }; diff --git a/modules/homelab/home/mosquitto/default.nix b/modules/homelab/home/mosquitto/default.nix index 0ef5096..8c5a316 100644 --- a/modules/homelab/home/mosquitto/default.nix +++ b/modules/homelab/home/mosquitto/default.nix @@ -92,7 +92,7 @@ in }; # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = { paths = [ cfg.data_dir ]; }; }; }; diff --git a/modules/homelab/home/zigbee2mqtt/default.nix b/modules/homelab/home/zigbee2mqtt/default.nix index a20c2fc..269e777 100644 --- a/modules/homelab/home/zigbee2mqtt/default.nix +++ b/modules/homelab/home/zigbee2mqtt/default.nix @@ -123,7 +123,7 @@ in }; # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = { paths = [ cfg.data_dir ]; }; }; }; diff --git a/modules/homelab/immich/default.nix b/modules/homelab/immich/default.nix index 16c1c4a..482c187 100644 --- a/modules/homelab/immich/default.nix +++ b/modules/homelab/immich/default.nix @@ -5,7 +5,14 @@ inputs, unstable_pkgs, ... -}: let +}: +/* +to restore database ensure it exists + +sudo -u postgres psql -c "DROP DATABASE IF EXISTS immich; CREATE DATABASE immich;" +zstd -dc | sudo -u postgres psql -d immich +*/ +let service = "immich"; cfg = config.homelab.${service}; sec = config.sops.secrets; @@ -111,7 +118,7 @@ in { services.postgresqlBackup.databases = ["immich"]; # set to all databases defined in esure databases # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = {paths = [cfg.data_dir "/var/lib/redis-immich" "/var/backup/postgresql/immich.sql.zstd"];}; }; }; diff --git a/modules/homelab/jellyfin/default.nix b/modules/homelab/jellyfin/default.nix index 0279c0a..f183a2f 100644 --- a/modules/homelab/jellyfin/default.nix +++ b/modules/homelab/jellyfin/default.nix @@ -93,7 +93,7 @@ in icon = "di:${service}"; }]; # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = { paths = [ cfg.data_dir ]; }; }; }; diff --git a/modules/homelab/minecraft_recpro/default.nix b/modules/homelab/minecraft_recpro/default.nix index 1f7e653..75afe32 100644 --- a/modules/homelab/minecraft_recpro/default.nix +++ b/modules/homelab/minecraft_recpro/default.nix @@ -3,7 +3,15 @@ config, lib, ... -}: let +}: +/* +to restore db make sure it exists with rebuild or command below +then use zstd command to decompress and restore in one go + +mysql -u root -p -e "CREATE DATABASE IF NOT EXISTS minecraft_recpro_db;" +zstd -dc | mysql -u root -p minecraft_recpro_db +*/ +let service = "minecraft_recpro"; cfg = config.gameservers.${service}; sec = config.sops.secrets; @@ -141,7 +149,14 @@ in { #paths = lib.flatten (lib.attrValues (lib.mapAttrs (_: srv: [srv.data_dir]) servers)); paths = lib.flatten ( lib.attrValues ( - lib.mapAttrs (_: srv: [srv.data_dir] ++ (if builtins.hasAttr "db_dump_dir" srv then [srv.db_dump_dir] else [])) servers + lib.mapAttrs (_: srv: + [srv.data_dir] + ++ ( + if builtins.hasAttr "db_dump_dir" srv + then [srv.db_dump_dir] + else [] + )) + servers ) ); compression = "auto,zstd"; diff --git a/modules/homelab/qbittorrent/default.nix b/modules/homelab/qbittorrent/default.nix index e2bb94f..a4fc288 100644 --- a/modules/homelab/qbittorrent/default.nix +++ b/modules/homelab/qbittorrent/default.nix @@ -131,7 +131,7 @@ in icon = "di:${service}"; }]; # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = { paths = [ cfg.data_dir ]; }; }; }; diff --git a/modules/homelab/uptime-kuma/default.nix b/modules/homelab/uptime-kuma/default.nix index de03ca4..8f2d8eb 100644 --- a/modules/homelab/uptime-kuma/default.nix +++ b/modules/homelab/uptime-kuma/default.nix @@ -93,7 +93,7 @@ in icon = "di:${service}"; }]; # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = { paths = [ cfg.data_dir ]; }; }; }; diff --git a/modules/homelab/vaultwarden/default.nix b/modules/homelab/vaultwarden/default.nix index e9c4079..d150441 100644 --- a/modules/homelab/vaultwarden/default.nix +++ b/modules/homelab/vaultwarden/default.nix @@ -113,7 +113,7 @@ in }; # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = { paths = [ cfg.data_dir ]; }; }; }; diff --git a/modules/homelab/yacreader/default.nix b/modules/homelab/yacreader/default.nix index f403240..8cbba51 100644 --- a/modules/homelab/yacreader/default.nix +++ b/modules/homelab/yacreader/default.nix @@ -101,7 +101,7 @@ in icon = "di:yac-reader"; }]; # add to backups - homelab.baks = { + homelab.backups.baks = { ${service} = { paths = [ cfg.data_dir ]; }; }; }; diff --git a/modules/system/backups/default.nix b/modules/system/backups/default.nix deleted file mode 100644 index 16d0643..0000000 --- a/modules/system/backups/default.nix +++ /dev/null @@ -1,56 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -/* -this module -*/ -let - cfg = config.system.backups; - sec = config.sops.secrets; - borg = "${pkgs.borgbackup}/bin/borg"; -in { - options.system.backups = { - enable = lib.mkEnableOption "enables backups with borg"; - baks = lib.mkOption { - type = lib.types.attrsOf (lib.types.attrsOf (lib.types.listOf lib.types.path)); - default = {}; - description = "backup jobs, nested attribute sets should be = paths []"; - }; - gameserver_baks = lib.mkOption { - type = lib.types.attrsOf (lib.types.attrsOf (lib.types.listOf lib.types.path)); - default = {}; - description = "backup jobs for game servers, nested attribute sets should be = paths []"; - }; - }; - - config = lib.mkIf (cfg.enable && cfg.baks != {}) { - - # mysql backups currently minecraft_recpro is the only thing using this - services.mysqlBackup = lib.mkIf config.services.mysql.enable { - enable = true; - location = "/var/backup/mysql"; - user = "root"; - calendar = "*-*-* *:59:45"; # goes fast, included in back up with server dirs at **:00 - compressionAlg = "zstd"; - databases = config.services.mysql.ensureDatabases; # set to all databases defined in esure databases - }; - # postgresql backups currently immich is the only user - services.postgresqlBackup = lib.mkIf config.services.postgresql.enable { - # immich uses this - enable = true; - location = "/var/backup/postgresql"; - compression = "zstd"; # optional: "xz", "zstd", "none" - startAt = "03:59"; # the dump is included in a backup taken at 4:00 - # currently setting this in the immich file - #databases = ["immich"]; # set to all databases defined in esure databases - #databases = config.services.postgresql.ensureDatabases; # set to all databases defined in esure databases - }; - - # helpful and for scripts - environment.systemPackages = with pkgs; [borgbackup tree]; - - }; -} diff --git a/modules/system/backups/default.nix.old b/modules/system/backups/default.nix.old deleted file mode 100644 index 79ff0f2..0000000 --- a/modules/system/backups/default.nix.old +++ /dev/null @@ -1,279 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -/* -this module enables a backup script made with borg! -to use import & set the options below -to declare a backup add the following code -to a module and it will backup all listed paths -in a borg archive to the specified repo - - | <3yy> | - V V - system.backups.baks = { - ${service} = { paths = [ cfg.data_dir ]; }; - }; -*/ -let - cfg = config.system.backups; - sec = config.sops.secrets; - borg = "${pkgs.borgbackup}/bin/borg"; -in { - options.system.backups = { - enable = lib.mkEnableOption "enables backups with borg"; - baks = lib.mkOption { - type = lib.types.attrsOf (lib.types.attrsOf (lib.types.listOf lib.types.path)); - default = {}; - description = "backup jobs, nested attribute sets should be = paths []"; - }; - gameserver_baks = lib.mkOption { - type = lib.types.attrsOf (lib.types.attrsOf (lib.types.listOf lib.types.path)); - default = {}; - description = "backup jobs for game servers, nested attribute sets should be = paths []"; - }; - repo = lib.mkOption { - type = lib.types.path; - default = "/holocron/archives/devices/snowbelle"; - description = "borg repository path"; - }; - gameserver_repo = lib.mkOption { - type = lib.types.path; - default = "/holocron/archives/gameservers/borg"; - description = "borg repository path"; - }; - passwd_file = lib.mkOption { - type = lib.types.path; - default = sec."borg_passwd".path; - description = "borg repository passphrase file"; - }; - mode = lib.mkOption { - type = lib.types.str; - default = "split"; # "all" - description = "choice between creating one archive of all paths or one archive per service"; - }; - }; - - config = lib.mkIf (cfg.enable && cfg.baks != {}) { - - # create and or set perms for repo dirs - systemd.tmpfiles.rules = [ - "d ${cfg.repo} 2770 root archives - -" - "d ${cfg.gameserver_repo} 2770 root archives - -" - ]; - - # create servie to backup services - systemd.services.backups = { - description = "backup services with borg!"; - path = [pkgs.borgbackup]; - serviceConfig = { - Type = "oneshot"; - User = "root"; - Group = "archives"; # make perms shake out - UMask = "0007"; # make perms shake out - # the actual script borg is using - ExecStart = pkgs.writeShellScript "borg-backup" '' - backup() { - set -euo pipefail - export BORG_PASSPHRASE="$(cat ${cfg.passwd_file})" - export BORG_REPO="${cfg.repo}" - timestamp="$(date +'%Y-%m-%d_%H:%M:%S')" - mode=split - - # init repo in needed - if ! borg info "$BORG_REPO" >/dev/null 2>&1; then - echo "Initializing Borg repo at $BORG_REPO" - borg init --encryption=repokey "$BORG_REPO" - fi - - borg break-lock "$BORG_REPO" || true - - echo "starting backup at $timestamp" - - if [ "$mode" = "split" ]; then - # loop for each backup - ${lib.concatStringsSep "\n\n" (lib.mapAttrsToList ( - bak_name: bak_paths: '' - echo "------------ Backing up ${bak_name} ------------" - archive="$timestamp-${bak_name}" - echo "backing up: ${lib.concatStringsSep " " bak_paths.paths} → $archive" - borg create \ - --verbose \ - --filter AME \ - --list \ - --stats \ - --show-rc \ - --compression lz4 \ - "$BORG_REPO::$archive" \ - ${lib.concatStringsSep " " bak_paths.paths} - echo "pruning old backups for ${bak_name}..." - borg prune -v --list "$BORG_REPO" \ - --glob-archives "*-${bak_name}" \ - --keep-daily=7 \ - --keep-weekly=52 \ - --keep-monthly=-1 - echo "backup run complete at \"$BORG_REPO::$archive\"" - '' - ) - cfg.baks)} - exit 0 - else - # flatten all paths from cfg.baks into one big list - all_paths="${ - lib.concatStringsSep " " - (lib.flatten - (lib.mapAttrsToList (_: bak: bak.paths) cfg.baks)) - }" - borg create \ - --verbose \ - --filter AME \ - --list \ - --stats \ - --show-rc \ - --compression lzma,9 \ - "$BORG_REPO::$timestamp-${toString config.networking.hostName}" \ - $all_paths - - echo "pruning old backups for ${toString config.networking.hostName}..." - borg prune -v --list "$BORG_REPO" \ - --glob-archives "*-${toString config.networking.hostName}" \ - --keep-daily=7 \ - --keep-weekly=52 \ - --keep-monthly=-1 - echo "backup run complete at \"$BORG_REPO::${toString config.networking.hostName}\"" - exit 0 - fi - } - start_time=$(date +%s) - backup - end_time=$(date +%s) - exec_time=$((end_time - start_time)) - cpu_usage=$(top -bn1 | grep "Cpu(s)" | sed "s/.*, *\([0-9.]*\)%* id.*/\1/" | awk '{print 100 - $1"%"}') - echo "" - echo "backup stats:" - echo "exec time: $exec_time" - echo "cpu usage: $cpu_usage" - ''; - }; - }; - # create timer to run backups daily - systemd.timers.backups = { - description = "daily borg backup timer"; - wantedBy = ["timers.target"]; - timerConfig = { - OnCalendar = "04:00"; - Persistent = true; - }; - }; - - # create servie to backup gameservers (back these up hourly) - systemd.services.gameserver_backups = { - description = "backup services with borg!"; - path = [pkgs.borgbackup]; - serviceConfig = { - Type = "oneshot"; - User = "root"; - Group = "archives"; # make perms shake out - UMask = "0007"; # make perms shake out - # the actual script borg is using - ExecStart = pkgs.writeShellScript "borg-gameserver_backup" '' - backup() { - set -euo pipefail - export BORG_PASSPHRASE="$(cat ${cfg.passwd_file})" - export BORG_REPO="${cfg.gameserver_repo}" - timestamp="$(date +'%Y-%m-%d_%H:%M:%S')" - - # init repo in needed - if ! borg info "$BORG_REPO" >/dev/null 2>&1; then - echo "Initializing Borg repo at $BORG_REPO" - borg init --encryption=repokey "$BORG_REPO" - fi - - borg break-lock "$BORG_REPO" || true - - echo "starting backup at $timestamp" - - # loop for each backup - ${lib.concatStringsSep "\n\n" (lib.mapAttrsToList ( - bak_name: bak_paths: '' - echo "------------ Backing up ${bak_name} ------------" - archive="$timestamp-${bak_name}" - echo "backing up: ${lib.concatStringsSep " " bak_paths.paths} → $archive" - borg create \ - --verbose \ - --filter AME \ - --list \ - --stats \ - --show-rc \ - --compression lz4 \ - "$BORG_REPO::$archive" \ - ${lib.concatStringsSep " " bak_paths.paths} - echo "pruning old backups for ${bak_name}..." - borg prune -v --list "$BORG_REPO" \ - --glob-archives "*-${bak_name}" \ - --keep-hourly=24 \ - --keep-daily=7 \ - --keep-weekly=12 \ - --keep-monthly=12 - echo "backup run complete at \"$BORG_REPO::$archive\"" - '' - ) - cfg.gameserver_baks)} - exit 0 - } - start_time=$(date +%s) - backup - end_time=$(date +%s) - exec_time=$((end_time - start_time)) - cpu_usage=$(top -bn1 | grep "Cpu(s)" | sed "s/.*, *\([0-9.]*\)%* id.*/\1/" | awk '{print 100 - $1"%"}') - echo "" - echo "backup stats:" - echo "exec time: $exec_time" - echo "cpu usage: $cpu_usage" - ''; - }; - }; - # create timer to run backups daily - systemd.timers.gameserver_backups = { - description = "daily borg backup timer"; - wantedBy = ["timers.target"]; - timerConfig = { - OnCalendar = "*-*-* *:00:00"; # every hour, at :01 (one min after db dump) - Persistent = true; - }; - }; - - # db backups - services.mysqlBackup = lib.mkIf config.services.mysql.enable { - # mc servers use this - enable = true; - location = "/var/backup/mysql"; - user = "root"; - calendar = "*-*-* *:59:00"; - compressionAlg = "zstd"; - databases = config.services.mysql.ensureDatabases; # set to all databases defined in esure databases - }; - services.postgresqlBackup = lib.mkIf config.services.postgresql.enable { - # immich uses this - enable = true; - location = "/var/backup/postgresql"; - compression = "zstd"; # optional: "xz", "zstd", "none" - startAt = "03:58"; - databases = ["immich"]; # set to all databases defined in esure databases - #databases = config.services.postgresql.ensureDatabases; # set to all databases defined in esure databases - }; - - # install borg binary - environment.systemPackages = with pkgs; [borgbackup tree]; - - # declare secret for repo password - sops.secrets = { - "borg_passwd" = { - owner = "root"; - group = "root"; - }; - }; - }; -} diff --git a/modules/system/default.nix b/modules/system/default.nix index f8aba3b..e9221d8 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -6,7 +6,6 @@ }: { imports = [ ./ssh - ./backups ./sops ./docker ./podman @@ -19,7 +18,6 @@ ]; system.ssh.enable = lib.mkDefault true; - system.backups.enable = lib.mkDefault true; system.sops.enable = lib.mkDefault true; system.docker.enable = lib.mkDefault false; system.tailscale.enable = lib.mkDefault true;