matt1432/nixos-configs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(servers): make backups from snapshots so shutting down services isnt needed
All checks were successful
Discord / discord commits (push) Successful in 1m1s
Details

Browse source
This commit is contained in:
matt1432 2024-01-07 02:05:16 -05:00
parent bd5216cc87
commit 63e0ca56cb
2 changed files with 36 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
devices/servivi/modules/arion/default.nix
View file

@ -7,12 +7,18 @@
with lib; with lib;
with builtins; let with builtins; let
user = config.vars.user; user = config.vars.user;
configPath = "/var/lib/arion";
in { in {
imports = [arion.nixosModules.arion]; imports = [arion.nixosModules.arion];
users.extraUsers.${user}.extraGroups = ["podman"]; users.extraUsers.${user}.extraGroups = ["podman"];
home-manager.users.${user}.programs.bash.shellAliases = { home-manager.users.${user}.programs.bash.shellAliases = {
podman = "sudo podman "; podman = "sudo podman";
};
services.borgbackup.configs.arion = {
paths = [configPath];
exclude = ["**/lineageos*"];
}; };
virtualisation = { virtualisation = {
@ -26,8 +32,6 @@ in {
backend = "podman-socket"; backend = "podman-socket";
projects = let projects = let
configPath = "/var/lib/arion";
composeFiles = composeFiles =
filter (n: hasSuffix "compose.nix" (toString n)) filter (n: hasSuffix "compose.nix" (toString n))
(filesystem.listFilesRecursive ./.); (filesystem.listFilesRecursive ./.);
@ -37,7 +41,10 @@ in {
value = import p (inputs value = import p (inputs
// { // {
rwPath = configPath + "/" + elemAt (match "[^-]*-(.*)" "${dirOf p}") 0; rwPath =
configPath
+ "/"
+ elemAt (match "[^-]*-(.*)" "${dirOf p}") 0;
}); });
}) })
composeFiles)); composeFiles));

37
devices/servivi/modules/borgbackup.nix
View file

@ -19,23 +19,12 @@ in {
}; };
config = { config = {
users.groups.borg = {};
users.users.borg = {
isSystemUser = true;
# https://mynixos.com/nixpkgs/option/services.borgbackup.jobs.%3Cname%3E.readWritePaths
createHome = true;
home = "/var/lib/borg";
group = "borg";
extraGroups = ["mc"];
};
programs.ssh.knownHosts = { programs.ssh.knownHosts = {
pve.publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG/4mrp8E4Ittwg8feRmPtDHSDR2+Pq4uZHeF5MweVcW"; pve.publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG/4mrp8E4Ittwg8feRmPtDHSDR2+Pq4uZHeF5MweVcW";
}; };
services.borgbackup = { services.borgbackup = {
defaults = { defaults = {
user = mkDefault "borg";
environment = mkDefault {BORG_RSH = "ssh -i ${secrets.borg-ssh.path}";}; environment = mkDefault {BORG_RSH = "ssh -i ${secrets.borg-ssh.path}";};
repo = mkDefault "ssh://matt@pve/data/backups/borg"; repo = mkDefault "ssh://matt@pve/data/backups/borg";
@ -52,7 +41,31 @@ in {
compression = mkDefault "auto,lzma"; compression = mkDefault "auto,lzma";
}; };
jobs = mapAttrs (_: v: cfg.defaults // v) cfg.configs; jobs = let
tempJobs = mapAttrs (_: v: cfg.defaults // v) cfg.configs;
in
mapAttrs (n: v: let
attrs = filterAttrs (n: _: n != "preHook" || n != "postHook" || n != "paths") v;
pathPrefix = "/root/snaps";
snapPath = "${pathPrefix}/${n}";
in
attrs
// {
paths = map (x: snapPath + x) v.paths;
preHook = v.preHook or "" + ''
if [[ ! -d ${pathPrefix} ]]; then
mkdir -p ${pathPrefix}
fi
${pkgs.btrfs-progs}/bin/btrfs subvolume snapshot -r / ${snapPath}
'';
postHook = ''
${pkgs.btrfs-progs}/bin/btrfs subvolume delete ${snapPath}
'' + v.postHook or "";
})
tempJobs;
}; };
}; };
} }