fin backups
This commit is contained in:
@@ -92,7 +92,7 @@ in
|
||||
icon = "di:${service}"; }];
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = { paths = [ cfg.data_dir ]; };
|
||||
};
|
||||
};
|
||||
|
||||
@@ -94,7 +94,7 @@ in
|
||||
icon = "di:${service}"; }];
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = { paths = [ cfg.data_dir ]; };
|
||||
};
|
||||
};
|
||||
|
||||
@@ -97,7 +97,7 @@ in
|
||||
icon = "di:${service}"; }];
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = { paths = [ cfg.data_dir ]; };
|
||||
};
|
||||
};
|
||||
|
||||
@@ -95,7 +95,7 @@ in
|
||||
icon = "di:${service}"; }];
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = { paths = [ cfg.data_dir ]; };
|
||||
};
|
||||
};
|
||||
|
||||
@@ -98,7 +98,7 @@ in
|
||||
icon = "di:${service}"; }];
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = { paths = [ cfg.data_dir ]; };
|
||||
};
|
||||
};
|
||||
|
||||
75
modules/homelab/backups/default.nix
Normal file
75
modules/homelab/backups/default.nix
Normal file
@@ -0,0 +1,75 @@
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
/**/
|
||||
let
|
||||
cfg = config.homelab.backups;
|
||||
sec = config.sops.secrets;
|
||||
in {
|
||||
options.homelab.backups = {
|
||||
enable = lib.mkEnableOption "enables borg backups for state files and db backup services";
|
||||
baks = lib.mkOption {
|
||||
type = lib.types.attrsOf (lib.types.attrsOf (lib.types.listOf lib.types.path));
|
||||
default = {};
|
||||
description = "backup jobs, nested attribute sets should be <bak_name> = paths [<list_of_paths>]";
|
||||
};
|
||||
backup_repo = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "/holocron/archives/homelab";
|
||||
description = "path to take daily backups to with borg!";
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
# backups homelab with borg
|
||||
services.borgbackup.jobs.homelab = (lib.mkIf cfg.baks != {}) {
|
||||
archiveBaseName = "homelab";
|
||||
repo = cfg.backup_repo;
|
||||
paths = lib.flatten (lib.attrsets.mapAttrsToList (_: arg: arg.paths) cfg.baks);
|
||||
compression = "auto,zstd";
|
||||
startAt = "daily";
|
||||
group = "archives";
|
||||
encryption.mode = "repokey-blake2";
|
||||
encryption.passCommand = "cat ${sec."borg_passwd".path}";
|
||||
extraArgs = ["--verbose" "--show-rc" "--umask" "0007"];
|
||||
extraCreateArgs = ["--list" "--stats" "--filter" "AME"];
|
||||
prune.keep = {
|
||||
within = "1d"; # Keep all archives from the last day
|
||||
daily = 7;
|
||||
weekly = 12;
|
||||
monthly = -1; # Keep at least one archive for each month
|
||||
};
|
||||
};
|
||||
|
||||
# mysql backups currently minecraft_recpro is the only thing using this
|
||||
services.mysqlBackup = lib.mkIf config.services.mysql.enable {
|
||||
enable = true;
|
||||
location = "/var/backup/mysql";
|
||||
user = "root";
|
||||
calendar = "*-*-* *:59:45"; # goes fast, included in back up with server dirs at **:00
|
||||
compressionAlg = "zstd";
|
||||
databases = config.services.mysql.ensureDatabases; # set to all databases defined in esure databases
|
||||
};
|
||||
# postgresql backups currently immich is the only user
|
||||
services.postgresqlBackup = lib.mkIf config.services.postgresql.enable {
|
||||
enable = true;
|
||||
location = "/var/backup/postgresql";
|
||||
compression = "zstd"; # optional: "xz", "zstd", "none"
|
||||
startAt = "03:59"; # the dump is included in a backup taken at 4:00
|
||||
databases = config.services.postgresql.ensureDatabases; # set to all databases defined in esure databases
|
||||
};
|
||||
|
||||
# helpful and for scripts
|
||||
environment.systemPackages = with pkgs; [borgbackup tree];
|
||||
|
||||
sops.secrets = {
|
||||
"borg_passwd" = {
|
||||
owner = "root";
|
||||
group = "root";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
@@ -95,7 +95,7 @@ in
|
||||
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = { paths = [ cfg.data_dir ]; };
|
||||
};
|
||||
};
|
||||
|
||||
@@ -37,21 +37,12 @@ in
|
||||
type = lib.types.str;
|
||||
description = "base domain used for reverse proxy";
|
||||
};
|
||||
baks = lib.mkOption {
|
||||
type = lib.types.attrsOf (lib.types.attrsOf (lib.types.listOf lib.types.path));
|
||||
default = {};
|
||||
description = "backup jobs, nested attribute sets should be <bak_name> = paths [<list_of_paths>]";
|
||||
};
|
||||
backup_repo = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "/holocron/archives/homelab";
|
||||
description = "path to take daily backups to with borg!";
|
||||
};
|
||||
};
|
||||
|
||||
# the order determines the order in glance :3
|
||||
imports = [
|
||||
./motd
|
||||
./backups
|
||||
./glance
|
||||
./caddy
|
||||
./home/zigbee2mqtt
|
||||
@@ -84,31 +75,5 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
# backups homelab with borg
|
||||
services.borgbackup.jobs.homelab = {
|
||||
archiveBaseName = "homelab";
|
||||
repo = cfg.backup_repo;
|
||||
paths = lib.flatten (lib.attrsets.mapAttrsToList (_: arg: arg.paths) config.system.backups.baks);
|
||||
compression = "auto,zstd";
|
||||
startAt = "daily";
|
||||
group = "archives";
|
||||
encryption.mode = "repokey-blake2";
|
||||
encryption.passCommand = "cat ${config.sops.secrets."borg_passwd".path}";
|
||||
extraArgs = ["--verbose" "--show-rc" "--umask" "0007"];
|
||||
extraCreateArgs = ["--list" "--stats" "--filter" "AME"];
|
||||
prune.keep = {
|
||||
within = "1d"; # Keep all archives from the last day
|
||||
daily = 7;
|
||||
weekly = 12;
|
||||
monthly = -1; # Keep at least one archive for each month
|
||||
};
|
||||
};
|
||||
|
||||
sops.secrets = {
|
||||
"borg_passwd" = {
|
||||
owner = "root";
|
||||
group = "root";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
@@ -125,7 +125,7 @@ in
|
||||
};
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = { paths = [ cfg.data_dir ]; };
|
||||
};
|
||||
};
|
||||
|
||||
@@ -313,7 +313,7 @@ in
|
||||
};
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = {
|
||||
paths = [ cfg.data_dir ];
|
||||
};
|
||||
|
||||
@@ -109,7 +109,7 @@ in
|
||||
icon = "di:${nixservice}"; }];
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = { paths = [ cfg.data_dir ]; };
|
||||
};
|
||||
};
|
||||
|
||||
@@ -92,7 +92,7 @@ in
|
||||
};
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = { paths = [ cfg.data_dir ]; };
|
||||
};
|
||||
};
|
||||
|
||||
@@ -123,7 +123,7 @@ in
|
||||
};
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = { paths = [ cfg.data_dir ]; };
|
||||
};
|
||||
};
|
||||
|
||||
@@ -5,7 +5,14 @@
|
||||
inputs,
|
||||
unstable_pkgs,
|
||||
...
|
||||
}: let
|
||||
}:
|
||||
/*
|
||||
to restore database ensure it exists
|
||||
|
||||
sudo -u postgres psql -c "DROP DATABASE IF EXISTS immich; CREATE DATABASE immich;"
|
||||
zstd -dc <path_to_backup> | sudo -u postgres psql -d immich
|
||||
*/
|
||||
let
|
||||
service = "immich";
|
||||
cfg = config.homelab.${service};
|
||||
sec = config.sops.secrets;
|
||||
@@ -111,7 +118,7 @@ in {
|
||||
services.postgresqlBackup.databases = ["immich"]; # set to all databases defined in esure databases
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = {paths = [cfg.data_dir "/var/lib/redis-immich" "/var/backup/postgresql/immich.sql.zstd"];};
|
||||
};
|
||||
};
|
||||
|
||||
@@ -93,7 +93,7 @@ in
|
||||
icon = "di:${service}"; }];
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = { paths = [ cfg.data_dir ]; };
|
||||
};
|
||||
};
|
||||
|
||||
@@ -3,7 +3,15 @@
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
}:
|
||||
/*
|
||||
to restore db make sure it exists with rebuild or command below
|
||||
then use zstd command to decompress and restore in one go
|
||||
|
||||
mysql -u root -p -e "CREATE DATABASE IF NOT EXISTS minecraft_recpro_db;"
|
||||
zstd -dc <path_to_backup> | mysql -u root -p minecraft_recpro_db
|
||||
*/
|
||||
let
|
||||
service = "minecraft_recpro";
|
||||
cfg = config.gameservers.${service};
|
||||
sec = config.sops.secrets;
|
||||
@@ -141,7 +149,14 @@ in {
|
||||
#paths = lib.flatten (lib.attrValues (lib.mapAttrs (_: srv: [srv.data_dir]) servers));
|
||||
paths = lib.flatten (
|
||||
lib.attrValues (
|
||||
lib.mapAttrs (_: srv: [srv.data_dir] ++ (if builtins.hasAttr "db_dump_dir" srv then [srv.db_dump_dir] else [])) servers
|
||||
lib.mapAttrs (_: srv:
|
||||
[srv.data_dir]
|
||||
++ (
|
||||
if builtins.hasAttr "db_dump_dir" srv
|
||||
then [srv.db_dump_dir]
|
||||
else []
|
||||
))
|
||||
servers
|
||||
)
|
||||
);
|
||||
compression = "auto,zstd";
|
||||
|
||||
@@ -131,7 +131,7 @@ in
|
||||
icon = "di:${service}"; }];
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = { paths = [ cfg.data_dir ]; };
|
||||
};
|
||||
};
|
||||
|
||||
@@ -93,7 +93,7 @@ in
|
||||
icon = "di:${service}"; }];
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = { paths = [ cfg.data_dir ]; };
|
||||
};
|
||||
};
|
||||
|
||||
@@ -113,7 +113,7 @@ in
|
||||
};
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = { paths = [ cfg.data_dir ]; };
|
||||
};
|
||||
};
|
||||
|
||||
@@ -101,7 +101,7 @@ in
|
||||
icon = "di:yac-reader"; }];
|
||||
|
||||
# add to backups
|
||||
homelab.baks = {
|
||||
homelab.backups.baks = {
|
||||
${service} = { paths = [ cfg.data_dir ]; };
|
||||
};
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user