dadada/nix-config
dadada/nix-config
1
0
Fork 0
Code Issues 2 Pull requests 5 Projects Releases Packages Wiki Activity Actions

Update backup config

Browse source
This commit is contained in:
Tim Schubert 2022-04-10 16:07:17 +02:00
parent 8c404eb2db
commit f901a0f775
Signed by: dadada
GPG key ID: EEB8D1CE62C4DFEA
2 changed files with 28 additions and 48 deletions
Download patch file Download diff file Expand all files Collapse all files

68
nixos/ifrit/configuration.nix
View file

@ -4,8 +4,33 @@ let
"ifrit.dadada.li" "ifrit.dadada.li"
"bs.vpn.dadada.li" "bs.vpn.dadada.li"
"media.dadada.li" "media.dadada.li"
"backup.dadada.li"
]; ];
backups = "/mnt/storage/backup"; backups = "/mnt/storage/backup";
ddns = hostname: {
timers."ddns-${hostname}" = {
wantedBy = [ "timers.target" ];
partOf = [ "ddns-${hostname}.service" ];
timerConfig.OnCalendar = "hourly";
};
services."ddns-${hostname}" = {
serviceConfig.Type = "oneshot";
script = ''
function url() {
echo "https://svc.joker.com/nic/update?username=$1&password=$2&hostname=$3"
}
IFS=':'
read -r user password < /var/lib/ddns/credentials
unset IFS
curl_url=$(url "$user" "$password" ${hostname})
${pkgs.curl}/bin/curl -4 "$curl_url"
${pkgs.curl}/bin/curl -6 "$curl_url"
'';
};
};
in in
{ {
imports = [ imports = [
@ -49,6 +74,7 @@ in
}; };
}; };
users.users.borg.home = "/mnt/storage/backup";
services.borgbackup.repos = { services.borgbackup.repos = {
"metis" = { "metis" = {
allowSubRepos = false; allowSubRepos = false;
@ -109,11 +135,6 @@ in
"::1" = hostAliases; "::1" = hostAliases;
}; };
networking.nameservers = [
"1.1.1.1"
"1.0.0.1"
];
# weird issues with crappy plastic router # weird issues with crappy plastic router
networking.interfaces."ens3".tempAddress = "disabled"; networking.interfaces."ens3".tempAddress = "disabled";
@ -143,19 +164,6 @@ in
allowPing = true; allowPing = true;
allowedTCPPorts = [ allowedTCPPorts = [
22 # SSH 22 # SSH
80
443 # HTTP(S)
111
2049 # NFS
139
445 # SMB
];
allowedUDPPorts = [
137
138
111
2049 # NFS
51234 # Wireguard
]; ];
}; };
@ -188,30 +196,8 @@ in
}; };
environment.systemPackages = [ pkgs.curl ]; environment.systemPackages = [ pkgs.curl ];
systemd = {
timers.ddns-joker = {
wantedBy = [ "timers.target" ];
partOf = [ "ddns-joker.service" ];
timerConfig.OnCalendar = "hourly";
};
services.ddns-joker = {
serviceConfig.Type = "oneshot";
script = ''
function url() {
echo "https://svc.joker.com/nic/update?username=$1&password=$2&hostname=$3"
}
IFS=':' systemd = (ddns "bs.vpn.dadada.li") // (ddns "backup0.dadada.li");
read -r user password < /var/lib/ddns/credentials
unset IFS
curl_url=$(url "$user" "$password" bs.vpn.dadada.li)
${pkgs.curl}/bin/curl -4 "$curl_url"
${pkgs.curl}/bin/curl -6 "$curl_url"
'';
};
};
system.stateVersion = "20.03"; system.stateVersion = "20.03";
} }

8
nixos/modules/backup.nix
View file

@ -60,16 +60,10 @@ in
startAt = "monthly"; startAt = "monthly";
}; };
networking.hosts = mkIf cfg.bs {
"fd42:dead:beef:0:5054:ff:fefb:7361" = [
"media.dadada.li"
];
};
services.borgbackup.jobs.bs = mkIf cfg.bs { services.borgbackup.jobs.bs = mkIf cfg.bs {
paths = "/"; paths = "/";
exclude = backupExcludes; exclude = backupExcludes;
repo = "borg@media.dadada.li:/mnt/storage/backup/${config.networking.hostName}"; repo = "borg@backup0.dadada.li:${config.networking.hostName}";
doInit = false; doInit = false;
environment = { environment = {
BORG_RSH = "ssh -i /var/lib/borgbackup/bs/id_ed25519 -o 'StrictHostKeyChecking accept-new'"; BORG_RSH = "ssh -i /var/lib/borgbackup/bs/id_ed25519 -o 'StrictHostKeyChecking accept-new'";