nix/modules/homelab/backups/default.nix
2025-10-25 14:36:52 -05:00


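{
  config,
  lib,
  pkgs,
  ...
}:
/*
Homelab backups: one borg job over every path collected from
`homelab.backups.baks`, plus MySQL/MariaDB and PostgreSQL dump services
that the borg job starts from its preHook right before it archives.

to restore a mysql/mariadb database:
  mysql -u root -p -e "DROP DATABASE IF EXISTS <database_name>;" # delete old db if still lingering
  mysql -u root -p -e "CREATE DATABASE IF NOT EXISTS <database_name>;" # create empty db w/ correct name
  zstd -dc <path_to_backup> | mysql -u root -p <database_name>

to restore a postgres database:
  sudo -u postgres psql -c "DROP DATABASE IF EXISTS <database_name>;" # delete old db if lingering (prolly wont work)
  sudo -u postgres psql -c "CREATE DATABASE <database_name>;" # create empty db w/ correct name
  zstd -dc <path_to_backup> | sudo -u postgres psql -d <database_name> # restore from the dump (currently immich)
*/
let
  cfg = config.homelab.backups;
  sec = config.sops.secrets;
in {
  options.homelab.backups = {
    enable = lib.mkEnableOption "enables borg backups for state files and db backup services";

    # Each job is read below as `<bak_name>.paths = [ <list_of_paths> ]`.
    baks = lib.mkOption {
      type = lib.types.attrsOf (lib.types.attrsOf (lib.types.listOf lib.types.path));
      default = {};
      description = "backup jobs, nested attribute sets should be <bak_name> = paths [<list_of_paths>]";
    };

    backup_repo = lib.mkOption {
      type = lib.types.path;
      default = "/holocron/archives/homelab";
      description = "path to take daily backups to with borg!";
    };
  };

  config = lib.mkIf cfg.enable {
    # backups homelab with borg; only defined once at least one `baks` entry exists
    services.borgbackup.jobs.homelab = lib.mkIf (cfg.baks != {}) {
      archiveBaseName = "homelab";
      repo = cfg.backup_repo;
      # NOTE(review): the dump directories configured below (/var/backup/mysql,
      # /var/backup/postgresql) are not added here; confirm a `baks` entry
      # covers them, otherwise the dumps are produced but never archived.
      paths = lib.flatten (lib.attrsets.mapAttrsToList (_: arg: arg.paths) cfg.baks);
      compression = "auto,zstd";
      startAt = "03:30";
      group = "archives";

      # repokey mode keeps the (passphrase-wrapped) key inside the repository,
      # so restoring needs both the repo and the passphrase. Keep a
      # `borg key export` copy and the passphrase somewhere off this host.
      encryption.mode = "repokey-blake2";
      # Only the secret's path is interpolated; the passphrase itself is read
      # from the sops-managed file when the job runs.
      encryption.passCommand = "cat ${sec."borg_passwd".path}";

      # Take fresh database dumps before archiving. Each start is guarded so
      # the hook never asks systemd for a unit that does not exist:
      #  - mysql-backup.service is only defined when services.mysqlBackup is
      #    enabled (this module enables it only if ensureDatabases is non-empty)
      #  - the postgres glob can match nothing, and `systemctl start` with no
      #    unit argument is an error
      # A failing hook command can abort the whole job when the generated
      # script runs with errexit, which would silently stop backups.
      preHook =
        lib.optionalString config.services.mysqlBackup.enable ''
          systemctl start mysql-backup.service
        ''
        + ''
          units=$(systemctl list-unit-files 'postgresqlBackup-*.service' --no-legend --no-pager | cut -d' ' -f1)
          if [ -n "$units" ]; then
            systemctl start $units
          fi
        '';

      # umask 0007 together with `group = "archives"` leaves repository files
      # readable and writable by that group and closed to everyone else, so
      # membership of `archives` is what controls access to the repo.
      extraArgs = ["--verbose" "--show-rc" "--umask" "0007"];
      # --filter AME limits the --list output to added, modified and errored files
      extraCreateArgs = ["--list" "--stats" "--filter" "AME"];

      prune.keep = {
        within = "1d"; # Keep all archives from the last day
        daily = 7;
        weekly = 12;
        monthly = -1; # -1 = no limit: keep one archive for every month
      };
    };

    # mysql backups currently minecraft_recpro is the only thing using this
    services.mysqlBackup = lib.mkIf (config.services.mysql.ensureDatabases != []) {
      enable = true;
      # dumps are written unencrypted to this directory
      location = "/var/backup/mysql";
      user = "root";
      calendar = "daily"; # goes fast; the borg preHook starts it again before the 03:30 run
      compressionAlg = "zstd";
      databases = config.services.mysql.ensureDatabases; # all databases listed in ensureDatabases
    };

    # postgresql backups currently immich is the only user
    services.postgresqlBackup = lib.mkIf (config.services.postgresql.ensureDatabases != []) {
      enable = true;
      # dumps are written unencrypted to this directory
      location = "/var/backup/postgresql";
      compression = "zstd"; # optional: "xz", "zstd", "none"
      startAt = "daily"; # the borg preHook starts the dump again before the 03:30 run
      databases = config.services.postgresql.ensureDatabases; # all databases listed in ensureDatabases
    };

    # helpful and for scripts
    environment.systemPackages = with pkgs; [borgbackup tree];

    # borg repository passphrase, readable by root only
    sops.secrets = {
      "borg_passwd" = {
        owner = "root";
        group = "root";
      };
    };
  };
}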