From 63e0ca56cb865c5b4e2992da93664c31f902f027 Mon Sep 17 00:00:00 2001
From: matt1432 <matt@nelim.org>
Date: Sun, 7 Jan 2024 02:05:16 -0500
Subject: [PATCH] feat(servers): make backups from snapshots so shutting down
services isnt needed
---
devices/servivi/modules/arion/default.nix | 15 ++++++---
devices/servivi/modules/borgbackup.nix | 37 +++++++++++++++--------
2 files changed, 36 insertions(+), 16 deletions(-)
diff --git a/devices/servivi/modules/arion/default.nix b/devices/servivi/modules/arion/default.nix
index c118e7b8..04dce274 100644
--- a/devices/servivi/modules/arion/default.nix
+++ b/devices/servivi/modules/arion/default.nix
@@ -7,12 +7,18 @@
with lib;
with builtins; let
user = config.vars.user;
+ configPath = "/var/lib/arion";
in {
imports = [arion.nixosModules.arion];
users.extraUsers.${user}.extraGroups = ["podman"];
home-manager.users.${user}.programs.bash.shellAliases = {
- podman = "sudo podman ";
+ podman = "sudo podman";
+ };
+
+ services.borgbackup.configs.arion = {
+ paths = [configPath];
+ exclude = ["**/lineageos*"];
};
virtualisation = {
@@ -26,8 +32,6 @@ in {
backend = "podman-socket";
projects = let
- configPath = "/var/lib/arion";
-
composeFiles =
filter (n: hasSuffix "compose.nix" (toString n))
(filesystem.listFilesRecursive ./.);
@@ -37,7 +41,10 @@ in {
value = import p (inputs
// {
- rwPath = configPath + "/" + elemAt (match "[^-]*-(.*)" "${dirOf p}") 0;
+ rwPath =
+ configPath
+ + "/"
+ + elemAt (match "[^-]*-(.*)" "${dirOf p}") 0;
});
})
composeFiles));
diff --git a/devices/servivi/modules/borgbackup.nix b/devices/servivi/modules/borgbackup.nix
index 7dd58ad8..5a07f263 100644
--- a/devices/servivi/modules/borgbackup.nix
+++ b/devices/servivi/modules/borgbackup.nix
@@ -19,23 +19,12 @@ in {
};
config = {
- users.groups.borg = {};
- users.users.borg = {
- isSystemUser = true;
- # https://mynixos.com/nixpkgs/option/services.borgbackup.jobs.%3Cname%3E.readWritePaths
- createHome = true;
- home = "/var/lib/borg";
- group = "borg";
- extraGroups = ["mc"];
- };
-
programs.ssh.knownHosts = {
pve.publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG/4mrp8E4Ittwg8feRmPtDHSDR2+Pq4uZHeF5MweVcW";
};
services.borgbackup = {
defaults = {
- user = mkDefault "borg";
environment = mkDefault {BORG_RSH = "ssh -i ${secrets.borg-ssh.path}";};
repo = mkDefault "ssh://matt@pve/data/backups/borg";
@@ -52,7 +41,31 @@ in {
compression = mkDefault "auto,lzma";
};
- jobs = mapAttrs (_: v: cfg.defaults // v) cfg.configs;
+ jobs = let
+ tempJobs = mapAttrs (_: v: cfg.defaults // v) cfg.configs;
+ in
+ mapAttrs (n: v: let
+ attrs = filterAttrs (n: _: n != "preHook" || n != "postHook" || n != "paths") v;
+ pathPrefix = "/root/snaps";
+ snapPath = "${pathPrefix}/${n}";
+ in
+ attrs
+ // {
+ paths = map (x: snapPath + x) v.paths;
+
+ preHook = v.preHook or "" + ''
+ if [[ ! -d ${pathPrefix} ]]; then
+ mkdir -p ${pathPrefix}
+ fi
+
+ ${pkgs.btrfs-progs}/bin/btrfs subvolume snapshot -r / ${snapPath}
+ '';
+
+ postHook = ''
+ ${pkgs.btrfs-progs}/bin/btrfs subvolume delete ${snapPath}
+ '' + v.postHook or "";
+ })
+ tempJobs;
};
};
}