Switched backup provider from AWS to Backblaze B2

2024-11-26 04:51:26 +00:00 · 2021-12-14 07:37:02 +02:00 · 2021-12-14 07:37:02 +02:00 · 24f2e83cf1
parent 4ab97f0318
commit 24f2e83cf1
2 changed files with 21 additions and 26 deletions
--- a/backup/restic.nix
+++ b/backup/restic.nix
@ -6,39 +6,27 @@ in

  systemd = {
    services = {
-      "restic-scheduled-backup" = {};
+      "restic-scheduled-backup" = {
+        description = "Userdata restic backup trigger";
+        serviceConfig = {
+          Type = "simple";
+          User = "restic";
+          ExecStart = "${pkgs.restic}/bin/restic -r rclone:backblaze:${cfg.backblaze.bucket}:/sfbackup --verbose --json backup /var";
+        };
+      };
    };
    timers = {
-      "restic-scheduled-backup-timer" = {};
-    };
-  };
-  services.restic.backups = {
-    options = {
-      passwordFile = "/etc/restic/resticPasswd";
-      repository = "s3:s3.anazonaws.com/${cfg.backblaze.bucket}";
-      initialize = true;
-      paths = [
-        "/var/dkim"
-        "/var/vmail"
-      ];
-      timerConfig = {
-        OnCalendar = [ "daily" ];
+      "restic-scheduled-backup" = {
+        wantedBy = [ "timers.target" ];
+        partOf = [ "restic-scheduled-backup.service" ];
+        timerConfig = {
+          OnCalendar = "daily";
+        };
      };
-      user = "restic";
-      pruneOpts = [
-        "--keep-daily 5"
-      ];
    };
  };
  users.users.restic = {
    isNormalUser = false;
    isSystemUser = true;
  };
-  environment.etc."restic/resticPasswd".text = ''
-    ${cfg.resticPassword}
-  '';
-  environment.etc."restic/s3Passwd".text = ''
-    AWS_ACCESS_KEY_ID=${cfg.backblaze.accountId}
-    AWS_SECRET_ACCESS_KEY=${cfg.backblaze.accountKey}
-  '';
 }
--- a/files.nix
+++ b/files.nix
@ -14,6 +14,12 @@ in
        CLOUDFLARE_DNS_API_TOKEN=${cfg.cloudflare.apiKey}
        CLOUDFLARE_ZONE_API_TOKEN=${cfg.cloudflare.apiKey}
      '';
+      rcloneConfiguration = builtins.replaceStrings [ "\n" "\"" "\\" ] [ "\\n" "\\\"" "\\\\" ] ''
+        [backblaze]
+        type = b2
+        account = ${cfg.backblaze.accountId}
+        key = ${cfg.backblaze.accountKey}
+      '';
    in
    [
      "d /var/restic 0660 restic - - -"
@ -28,5 +34,6 @@ in
      "f /var/nextcloud-db-pass 0440 nextcloud nextcloud - ${nextcloudDBPass}"
      "f /var/nextcloud-admin-pass 0440 nextcloud nextcloud - ${nextcloudAdminPass}"
      "f /var/cloudflareCredentials.ini 0440 nginx acmerecievers - ${cloudflareCredentials}"
+      "f /root/.config/rclone/rclone.conf 0666 selfprivacy-api selfprivacy-api - ${rcloneConfiguration}"
    ];
 }