hosts: init restic
Some checks failed
flake check / check (push) Successful in 10m2s
fmt check / check (push) Has been cancelled

This commit is contained in:
notohh 2023-12-31 12:51:49 -05:00
parent 444b259880
commit 0845808f39
Signed by: notohh
GPG key ID: BD47506D475EE86D
16 changed files with 195 additions and 10 deletions

View file

@ -17,6 +17,11 @@
fsType = "ext4";
};
fileSystems."/nas/restic" = {
device = "192.168.1.199:/mnt/Sutoreji/nix-restic-data/arashi";
fsType = "nfs";
};
swapDevices = [
{device = "/dev/disk/by-uuid/e9eb4b6a-e9a1-4616-8c82-349d2f38d140";}
];

View file

@ -1,5 +1,6 @@
_: {
imports = [
./restic.nix
./postgresql.nix
./redis.nix
];

View file

@ -49,4 +49,11 @@
"vaultwarden"
];
};
services.postgresqlBackup = {
enable = true;
databases = ["forgejo" "hedgedoc" "grafana" "authelia" "vaultwarden"];
compression = "zstd";
compressionLevel = 4;
startAt = "daily";
};
}

View file

@ -0,0 +1,33 @@
{
pkgs,
config,
...
}: {
sops.secrets.restic-arashi = {
sopsFile = ../../../secrets/restic/secrets.yaml;
};
environment.systemPackages = [pkgs.restic];
services.restic = {
backups = {
arashi = {
user = "root";
paths = [
"/var/backup/"
];
pruneOpts = [
"--keep-daily=7"
"--keep-weekly=6"
"--keep-monthly=5"
];
initialize = true;
repository = "/nas/restic";
passwordFile = config.sops.secrets.restic-arashi.path;
timerConfig = {
OnCalendar = "daily";
RandomizedDelaySec = "20m";
Persistent = true;
};
};
};
};
}

View file

@ -27,6 +27,11 @@
fsType = "nfs";
};
fileSystems."/nas/restic" = {
device = "192.168.1.199:/mnt/Sutoreji/nix-restic-data/kariru";
fsType = "nfs";
};
swapDevices = [
{device = "/dev/disk/by-uuid/f28bad28-ae14-4aa7-85c5-47abe46bae56";}
];

View file

@ -1,5 +1,6 @@
{...}: {
imports = [
./restic.nix
./traefik.nix
./torrent.nix
];

View file

@ -0,0 +1,36 @@
{
pkgs,
config,
...
}: {
sops.secrets.restic-kariru = {
sopsFile = ../../../secrets/restic/secrets.yaml;
};
environment.systemPackages = [pkgs.restic];
services.restic = {
backups = {
kariru = {
user = "root";
paths = [
"/var/lib/radarr"
"/var/lib/sonarr"
"/var/lib/whisparr"
"/var/lib/private/prowlarr"
];
pruneOpts = [
"--keep-daily=7"
"--keep-weekly=6"
"--keep-monthly=5"
];
initialize = true;
repository = "/nas/restic";
passwordFile = config.sops.secrets.restic-kariru.path;
timerConfig = {
OnCalendar = "daily";
RandomizedDelaySec = "20m";
Persistent = true;
};
};
};
};
}

View file

@ -16,14 +16,21 @@
device = "/dev/disk/by-uuid/db3e4722-35a6-44fb-8e4d-a75166b845cb";
fsType = "ext4";
};
fileSystems."/home/notoh/justlog/logs" = {
device = "192.168.1.199:/mnt/Sutoreji/twitchlogs";
fsType = "nfs";
};
fileSystems."/nas/restic" = {
device = "192.168.1.199:/mnt/Sutoreji/nix-restic-data/sakura";
fsType = "nfs";
};
swapDevices = [
{device = "/dev/disk/by-uuid/c5afba13-f1af-4e7f-994b-f565c52d92fc";}
];
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";

View file

@ -1,5 +1,6 @@
{...}: {
imports = [
./restic.nix
./authelia.nix
./forgejo.nix
./rustypaste.nix

View file

@ -0,0 +1,39 @@
{
pkgs,
config,
...
}: {
sops.secrets.restic-sakura = {
sopsFile = ../../../secrets/restic/secrets.yaml;
};
environment.systemPackages = [pkgs.restic];
services.restic = {
backups = {
sakura = {
user = "root";
paths = [
"/home/notoh/justlog"
"/var/lib/rustypaste"
"/var/lib/forgejo"
];
exclude = [
"/home/notoh/justlog/logs"
"/var/lib/rustypaste/uploads"
];
pruneOpts = [
"--keep-daily=7"
"--keep-weekly=6"
"--keep-monthly=5"
];
initialize = true;
repository = "/nas/restic";
passwordFile = config.sops.secrets.restic-sakura.path;
timerConfig = {
OnCalendar = "daily";
RandomizedDelaySec = "20m";
Persistent = true;
};
};
};
};
}

View file

@ -1,10 +1,10 @@
{...}: {
imports = [
./restic.nix
./traefik.nix
./uptimekuma.nix
./ntfy-sh.nix
./tailscale.nix
./restic.nix
./factorio.nix
# ./minecraft.nix
# ./foundryvtt.nix

View file

@ -4,8 +4,12 @@
...
}: {
sops.secrets = {
restic-repo-pwd-sora = {};
sora-b2 = {};
restic-sora = {
sopsFile = ../../../secrets/restic/secrets.yaml;
};
sora-b2 = {
sopsFile = ../../../secrets/b2/secrets.yaml;
};
};
environment.systemPackages = [pkgs.restic];
services.restic = {
@ -13,17 +17,17 @@
sora = {
user = "root";
paths = [
"/var/lib/uptime-kuma"
"/var/lib/ntfy-sh"
"/var/lib/private/uptime-kuma"
"/var/lib/private/ntfy-sh"
];
pruneOpts = [
"--keep-daily=8"
"--keep-daily=7"
"--keep-weekly=6"
"--keep-monthly=5"
];
repository = "b2:sora-b2";
initialize = true;
passwordFile = config.sops.secrets.restic-repo-pwd-sora.path;
passwordFile = config.sops.secrets.restic-sora.path;
environmentFile = config.sops.secrets.sora-b2.path;
timerConfig = {
OnCalendar = "daily";

View file

@ -3,7 +3,7 @@
config,
...
}: {
sops.secrets.restic-repo-pwd = {};
sops.secrets.restic-tsuki = {sopsFile = ../../../secrets/restic/secrets.yaml;};
environment.systemPackages = [pkgs.restic];
services.restic = {
backups = {
@ -34,13 +34,13 @@
"/home/*/.local/share/.var"
];
pruneOpts = [
"--keep-daily=8"
"--keep-daily=7"
"--keep-weekly=6"
"--keep-monthly=5"
];
initialize = true;
repository = "/nas/home";
passwordFile = config.sops.secrets.restic-repo-pwd.path;
passwordFile = config.sops.secrets.restic-tsuki.path;
timerConfig = {
OnCalendar = "daily";
RandomizedDelaySec = "10m";

View file

@ -27,9 +27,15 @@
fsType = "nfs";
};
fileSystems."/nas/restic" = {
device = "192.168.1.199:/mnt/Sutoreji/nix-restic-data/yuki";
fsType = "nfs";
};
swapDevices = [
{device = "/dev/disk/by-uuid/bd7ccb73-6f85-4b3d-b37f-5cff58a6ab59";}
];
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";

View file

@ -1,5 +1,6 @@
{...}: {
imports = [
./restic.nix
./traefik.nix
./stash.nix
./jellyfin.nix

View file

@ -0,0 +1,39 @@
{
pkgs,
config,
...
}: {
sops.secrets.restic-yuki = {
sopsFile = ../../../secrets/restic/secrets.yaml;
};
environment.systemPackages = [pkgs.restic];
services.restic = {
backups = {
yuki = {
user = "root";
paths = [
"/home/notoh/docker"
"/var/lib/jellyfin"
"/var/lib/private/jellyseerr"
"/var/lib/private/homepage-dashboard"
];
exclude = [
"/home/notoh/docker/stash/data"
];
pruneOpts = [
"--keep-daily=7"
"--keep-weekly=6"
"--keep-monthly=5"
];
initialize = true;
repository = "/nas/restic";
passwordFile = config.sops.secrets.restic-yuki.path;
timerConfig = {
OnCalendar = "daily";
RandomizedDelaySec = "20m";
Persistent = true;
};
};
};
};
}