ma backup: init
This commit is contained in:
parent
cea8403dc5
commit
489d392430
11
makefu/2configs/backup/server.nix
Normal file
11
makefu/2configs/backup/server.nix
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
{lib, ... }:
|
||||||
|
let
|
||||||
|
hosts = lib.mapAttrsToList (f: _: lib.removeSuffix ".pub" f) (builtins.readDir ./ssh );
|
||||||
|
in {
|
||||||
|
# TODO: for all enabled machines
|
||||||
|
services.borgbackup.repos = lib.genAttrs hosts (host: {
|
||||||
|
authorizedKeys = [ (builtins.readFile (./ssh + "/${host}.pub") ) ];
|
||||||
|
path = "/var/lib/borgbackup/${host}";
|
||||||
|
user = "borg-${host}";
|
||||||
|
}) ;
|
||||||
|
}
|
1
makefu/2configs/backup/ssh/gum.pub
Normal file
1
makefu/2configs/backup/ssh/gum.pub
Normal file
@ -0,0 +1 @@
|
|||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOSCJe7DQkKbL58pL78ImO+nVI/aaNFP8Zyqgo8EbNhW makefu@x
|
1
makefu/2configs/backup/ssh/nextgum.pub
Normal file
1
makefu/2configs/backup/ssh/nextgum.pub
Normal file
@ -0,0 +1 @@
|
|||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOUZcfi2SXxCo1if0oU3x9qPK8/O5FmiXy2HFZyTp/P1 makefu@x
|
1
makefu/2configs/backup/ssh/omo.pub
Normal file
1
makefu/2configs/backup/ssh/omo.pub
Normal file
@ -0,0 +1 @@
|
|||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAtA3XzpjByYQ9uSHQr0dkNUyi6nROjwv1S2IQtUu4pi makefu@x
|
1
makefu/2configs/backup/ssh/x.pub
Normal file
1
makefu/2configs/backup/ssh/x.pub
Normal file
@ -0,0 +1 @@
|
|||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBRfhUv9twYbO7tUe2r2LOXEMNxW14GO3Q0RTkUWeMxw makefu@x
|
25
makefu/2configs/backup/state.nix
Normal file
25
makefu/2configs/backup/state.nix
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
{ config, ... }:
|
||||||
|
# back up all state
|
||||||
|
let
|
||||||
|
sec = toString <secrets>;
|
||||||
|
sshkey = sec + "/borg.priv";
|
||||||
|
phrase = sec + "/borg.pw";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
services.borgbackup.jobs.state = {
|
||||||
|
repo = "borg-${config.krebs.build.host.name}@backup.makefu.r:.";
|
||||||
|
paths = config.state;
|
||||||
|
encryption = {
|
||||||
|
mode = "repokey";
|
||||||
|
passCommand = "cat ${phrase}";
|
||||||
|
};
|
||||||
|
environment.BORG_RSH = "ssh -i ${sshkey}";
|
||||||
|
prune.keep =
|
||||||
|
{ daily = 7;
|
||||||
|
weekly = 4;
|
||||||
|
monthly = -1; # Keep at least one archive for each month
|
||||||
|
};
|
||||||
|
compression = "auto,lzma";
|
||||||
|
startAt = "daily";
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user