borg-backup: setup service
This commit is contained in:
parent
bea28f5f3e
commit
91eaa2f008
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
|
|
@ -0,0 +1 @@
|
||||||
|
borg-backup-repo
|
||||||
|
|
@ -16,4 +16,3 @@ Grafana and Prometheus are currently used as a glorified =htop=.
|
||||||
** TODO Setup backups BitWarden
|
** TODO Setup backups BitWarden
|
||||||
** TODO Setup declarative config postgresql
|
** TODO Setup declarative config postgresql
|
||||||
** TODO Setup backup postgresql
|
** TODO Setup backup postgresql
|
||||||
** TODO Try borg backups
|
|
||||||
|
|
|
||||||
1
borg-backup-repo.example
Normal file
1
borg-backup-repo.example
Normal file
|
|
@ -0,0 +1 @@
|
||||||
|
deadbeef@deadbeef.repo.borgbase.com:repo
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
# your system. Help is available in the configuration.nix(5) man page
|
# your system. Help is available in the configuration.nix(5) man page
|
||||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||||
|
|
||||||
{ config, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
imports =
|
||||||
|
|
@ -71,6 +71,14 @@
|
||||||
|
|
||||||
# List services that you want to enable:
|
# List services that you want to enable:
|
||||||
my.services = {
|
my.services = {
|
||||||
|
borg-backup = {
|
||||||
|
enable = true;
|
||||||
|
repo = (lib.removeSuffix "\n" (builtins.readFile ./borg-backup-repo));
|
||||||
|
paths = [
|
||||||
|
"/var/lib/matrix-synapse"
|
||||||
|
];
|
||||||
|
exclude = [];
|
||||||
|
};
|
||||||
monitoring = {
|
monitoring = {
|
||||||
enable = true;
|
enable = true;
|
||||||
useACME = true;
|
useACME = true;
|
||||||
|
|
|
||||||
61
services/borg-backup.nix
Normal file
61
services/borg-backup.nix
Normal file
|
|
@ -0,0 +1,61 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
with lib;
|
||||||
|
|
||||||
|
let cfg = config.my.services.borg-backup;
|
||||||
|
in {
|
||||||
|
options.my.services.borg-backup = {
|
||||||
|
enable = mkEnableOption "Enable Borg backups for this host";
|
||||||
|
|
||||||
|
repo = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = null;
|
||||||
|
example = "deadbeef@deadbeef.repo.borgbase.com:repo";
|
||||||
|
description = "Borgbase repo info. Required.";
|
||||||
|
};
|
||||||
|
|
||||||
|
paths = mkOption {
|
||||||
|
type = types.listOf types.str;
|
||||||
|
default = [];
|
||||||
|
example = [
|
||||||
|
"/var/lib"
|
||||||
|
"/home"
|
||||||
|
];
|
||||||
|
description = "Paths to backup";
|
||||||
|
};
|
||||||
|
|
||||||
|
exclude = mkOption {
|
||||||
|
type = types.listOf types.str;
|
||||||
|
default = [];
|
||||||
|
example = [
|
||||||
|
# very large paths
|
||||||
|
"/var/lib/docker"
|
||||||
|
"/var/lib/systemd"
|
||||||
|
"/var/lib/libvirt"
|
||||||
|
|
||||||
|
# temporary files created by cargo and `go build`
|
||||||
|
"**/target"
|
||||||
|
"/home/*/go/bin"
|
||||||
|
"/home/*/go/pkg"
|
||||||
|
];
|
||||||
|
description = "Paths to exclude from backup";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = mkIf cfg.enable {
|
||||||
|
services.borgbackup.jobs."borgbase" = {
|
||||||
|
paths = cfg.paths;
|
||||||
|
exclude = [
|
||||||
|
# nothing for now
|
||||||
|
];
|
||||||
|
repo = "${cfg.repo}";
|
||||||
|
encryption = {
|
||||||
|
mode = "repokey-blake2";
|
||||||
|
passCommand = "cat /root/borgbackup/passphrase";
|
||||||
|
};
|
||||||
|
environment.BORG_RSH = "ssh -i /root/borgbackup/ssh_key";
|
||||||
|
compression = "auto,lzma";
|
||||||
|
startAt = "daily";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
@ -2,6 +2,7 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
|
./borg-backup.nix
|
||||||
./matrix.nix
|
./matrix.nix
|
||||||
./monitoring.nix
|
./monitoring.nix
|
||||||
];
|
];
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue