notohh/snowflake
notohh/snowflake
1
0
Fork 0
Code Issues Pull requests Projects 1 Releases Packages Wiki Activity

hosts: init restic
Some checks failed
flake check / check (push) Successful in 10m2s
fmt check / check (push) Has been cancelled

Browse source
This commit is contained in:
notohh 2023-12-31 12:51:49 -05:00
parent 444b259880
commit 0845808f39
Signed by: notohh
GPG key ID: BD47506D475EE86D
16 changed files with 195 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
hosts/arashi/hardware.nix
View file

@ -17,6 +17,11 @@
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/nas/restic" = {
device = "192.168.1.199:/mnt/Sutoreji/nix-restic-data/arashi";
fsType = "nfs";
};
swapDevices = [ swapDevices = [
{device = "/dev/disk/by-uuid/e9eb4b6a-e9a1-4616-8c82-349d2f38d140";} {device = "/dev/disk/by-uuid/e9eb4b6a-e9a1-4616-8c82-349d2f38d140";}
]; ];

1
hosts/arashi/services/default.nix
View file

@ -1,5 +1,6 @@
_: { _: {
imports = [ imports = [
./restic.nix
./postgresql.nix ./postgresql.nix
./redis.nix ./redis.nix
]; ];

7
hosts/arashi/services/postgresql.nix
View file

@ -49,4 +49,11 @@
"vaultwarden" "vaultwarden"
]; ];
}; };
services.postgresqlBackup = {
enable = true;
databases = ["forgejo" "hedgedoc" "grafana" "authelia" "vaultwarden"];
compression = "zstd";
compressionLevel = 4;
startAt = "daily";
};
} }

33
hosts/arashi/services/restic.nix Normal file
View file

@ -0,0 +1,33 @@
{
pkgs,
config,
...
}: {
sops.secrets.restic-arashi = {
sopsFile = ../../../secrets/restic/secrets.yaml;
};
environment.systemPackages = [pkgs.restic];
services.restic = {
backups = {
arashi = {
user = "root";
paths = [
"/var/backup/"
];
pruneOpts = [
"--keep-daily=7"
"--keep-weekly=6"
"--keep-monthly=5"
];
initialize = true;
repository = "/nas/restic";
passwordFile = config.sops.secrets.restic-arashi.path;
timerConfig = {
OnCalendar = "daily";
RandomizedDelaySec = "20m";
Persistent = true;
};
};
};
};
}

5
hosts/kariru/hardware.nix
View file

@ -27,6 +27,11 @@
fsType = "nfs"; fsType = "nfs";
}; };
fileSystems."/nas/restic" = {
device = "192.168.1.199:/mnt/Sutoreji/nix-restic-data/kariru";
fsType = "nfs";
};
swapDevices = [ swapDevices = [
{device = "/dev/disk/by-uuid/f28bad28-ae14-4aa7-85c5-47abe46bae56";} {device = "/dev/disk/by-uuid/f28bad28-ae14-4aa7-85c5-47abe46bae56";}
]; ];

1
hosts/kariru/services/default.nix
View file

@ -1,5 +1,6 @@
{...}: { {...}: {
imports = [ imports = [
./restic.nix
./traefik.nix ./traefik.nix
./torrent.nix ./torrent.nix
]; ];

36
hosts/kariru/services/restic.nix Normal file
View file

@ -0,0 +1,36 @@
{
pkgs,
config,
...
}: {
sops.secrets.restic-kariru = {
sopsFile = ../../../secrets/restic/secrets.yaml;
};
environment.systemPackages = [pkgs.restic];
services.restic = {
backups = {
kariru = {
user = "root";
paths = [
"/var/lib/radarr"
"/var/lib/sonarr"
"/var/lib/whisparr"
"/var/lib/private/prowlarr"
];
pruneOpts = [
"--keep-daily=7"
"--keep-weekly=6"
"--keep-monthly=5"
];
initialize = true;
repository = "/nas/restic";
passwordFile = config.sops.secrets.restic-kariru.path;
timerConfig = {
OnCalendar = "daily";
RandomizedDelaySec = "20m";
Persistent = true;
};
};
};
};
}

7
hosts/sakura/hardware.nix
View file

@ -16,14 +16,21 @@
device = "/dev/disk/by-uuid/db3e4722-35a6-44fb-8e4d-a75166b845cb"; device = "/dev/disk/by-uuid/db3e4722-35a6-44fb-8e4d-a75166b845cb";
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/home/notoh/justlog/logs" = { fileSystems."/home/notoh/justlog/logs" = {
device = "192.168.1.199:/mnt/Sutoreji/twitchlogs"; device = "192.168.1.199:/mnt/Sutoreji/twitchlogs";
fsType = "nfs"; fsType = "nfs";
}; };
fileSystems."/nas/restic" = {
device = "192.168.1.199:/mnt/Sutoreji/nix-restic-data/sakura";
fsType = "nfs";
};
swapDevices = [ swapDevices = [
{device = "/dev/disk/by-uuid/c5afba13-f1af-4e7f-994b-f565c52d92fc";} {device = "/dev/disk/by-uuid/c5afba13-f1af-4e7f-994b-f565c52d92fc";}
]; ];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";

1
hosts/sakura/services/default.nix
View file

@ -1,5 +1,6 @@
{...}: { {...}: {
imports = [ imports = [
./restic.nix
./authelia.nix ./authelia.nix
./forgejo.nix ./forgejo.nix
./rustypaste.nix ./rustypaste.nix

39
hosts/sakura/services/restic.nix Normal file
View file

@ -0,0 +1,39 @@
{
pkgs,
config,
...
}: {
sops.secrets.restic-sakura = {
sopsFile = ../../../secrets/restic/secrets.yaml;
};
environment.systemPackages = [pkgs.restic];
services.restic = {
backups = {
sakura = {
user = "root";
paths = [
"/home/notoh/justlog"
"/var/lib/rustypaste"
"/var/lib/forgejo"
];
exclude = [
"/home/notoh/justlog/logs"
"/var/lib/rustypaste/uploads"
];
pruneOpts = [
"--keep-daily=7"
"--keep-weekly=6"
"--keep-monthly=5"
];
initialize = true;
repository = "/nas/restic";
passwordFile = config.sops.secrets.restic-sakura.path;
timerConfig = {
OnCalendar = "daily";
RandomizedDelaySec = "20m";
Persistent = true;
};
};
};
};
}

2
hosts/sora/services/default.nix
View file

@ -1,10 +1,10 @@
{...}: { {...}: {
imports = [ imports = [
./restic.nix
./traefik.nix ./traefik.nix
./uptimekuma.nix ./uptimekuma.nix
./ntfy-sh.nix ./ntfy-sh.nix
./tailscale.nix ./tailscale.nix
./restic.nix
./factorio.nix ./factorio.nix
# ./minecraft.nix # ./minecraft.nix
# ./foundryvtt.nix # ./foundryvtt.nix

16
hosts/sora/services/restic.nix
View file

@ -4,8 +4,12 @@
... ...
}: { }: {
sops.secrets = { sops.secrets = {
restic-repo-pwd-sora = {}; restic-sora = {
sora-b2 = {}; sopsFile = ../../../secrets/restic/secrets.yaml;
};
sora-b2 = {
sopsFile = ../../../secrets/b2/secrets.yaml;
};
}; };
environment.systemPackages = [pkgs.restic]; environment.systemPackages = [pkgs.restic];
services.restic = { services.restic = {
@ -13,17 +17,17 @@
sora = { sora = {
user = "root"; user = "root";
paths = [ paths = [
"/var/lib/uptime-kuma" "/var/lib/private/uptime-kuma"
"/var/lib/ntfy-sh" "/var/lib/private/ntfy-sh"
]; ];
pruneOpts = [ pruneOpts = [
"--keep-daily=8" "--keep-daily=7"
"--keep-weekly=6" "--keep-weekly=6"
"--keep-monthly=5" "--keep-monthly=5"
]; ];
repository = "b2:sora-b2"; repository = "b2:sora-b2";
initialize = true; initialize = true;
passwordFile = config.sops.secrets.restic-repo-pwd-sora.path; passwordFile = config.sops.secrets.restic-sora.path;
environmentFile = config.sops.secrets.sora-b2.path; environmentFile = config.sops.secrets.sora-b2.path;
timerConfig = { timerConfig = {
OnCalendar = "daily"; OnCalendar = "daily";

6
hosts/tsuki/services/restic.nix
View file

@ -3,7 +3,7 @@
config, config,
... ...
}: { }: {
sops.secrets.restic-repo-pwd = {}; sops.secrets.restic-tsuki = {sopsFile = ../../../secrets/restic/secrets.yaml;};
environment.systemPackages = [pkgs.restic]; environment.systemPackages = [pkgs.restic];
services.restic = { services.restic = {
backups = { backups = {
@ -34,13 +34,13 @@
"/home/*/.local/share/.var" "/home/*/.local/share/.var"
]; ];
pruneOpts = [ pruneOpts = [
"--keep-daily=8" "--keep-daily=7"
"--keep-weekly=6" "--keep-weekly=6"
"--keep-monthly=5" "--keep-monthly=5"
]; ];
initialize = true; initialize = true;
repository = "/nas/home"; repository = "/nas/home";
passwordFile = config.sops.secrets.restic-repo-pwd.path; passwordFile = config.sops.secrets.restic-tsuki.path;
timerConfig = { timerConfig = {
OnCalendar = "daily"; OnCalendar = "daily";
RandomizedDelaySec = "10m"; RandomizedDelaySec = "10m";

6
hosts/yuki/hardware.nix
View file

@ -27,9 +27,15 @@
fsType = "nfs"; fsType = "nfs";
}; };
fileSystems."/nas/restic" = {
device = "192.168.1.199:/mnt/Sutoreji/nix-restic-data/yuki";
fsType = "nfs";
};
swapDevices = [ swapDevices = [
{device = "/dev/disk/by-uuid/bd7ccb73-6f85-4b3d-b37f-5cff58a6ab59";} {device = "/dev/disk/by-uuid/bd7ccb73-6f85-4b3d-b37f-5cff58a6ab59";}
]; ];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";

1
hosts/yuki/services/default.nix
View file

@ -1,5 +1,6 @@
{...}: { {...}: {
imports = [ imports = [
./restic.nix
./traefik.nix ./traefik.nix
./stash.nix ./stash.nix
./jellyfin.nix ./jellyfin.nix

39
hosts/yuki/services/restic.nix Normal file
View file

@ -0,0 +1,39 @@
{
pkgs,
config,
...
}: {
sops.secrets.restic-yuki = {
sopsFile = ../../../secrets/restic/secrets.yaml;
};
environment.systemPackages = [pkgs.restic];
services.restic = {
backups = {
yuki = {
user = "root";
paths = [
"/home/notoh/docker"
"/var/lib/jellyfin"
"/var/lib/private/jellyseerr"
"/var/lib/private/homepage-dashboard"
];
exclude = [
"/home/notoh/docker/stash/data"
];
pruneOpts = [
"--keep-daily=7"
"--keep-weekly=6"
"--keep-monthly=5"
];
initialize = true;
repository = "/nas/restic";
passwordFile = config.sops.secrets.restic-yuki.path;
timerConfig = {
OnCalendar = "daily";
RandomizedDelaySec = "20m";
Persistent = true;
};
};
};
};
}