SelfPrivacy/selfprivacy-nixos-config
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config.git synced 2024-11-26 12:51:30 +00:00
Code Issues Projects Releases Wiki Activity

Switched backup provider from AWS to Backblaze B2

Browse source
This commit is contained in:
Illia Chub 2021-12-14 07:37:02 +02:00
parent 4ab97f0318
commit 24f2e83cf1
No known key found for this signature in database
GPG key ID: 5D3581534C02467A
2 changed files with 21 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
backup/restic.nix
View file

@ -6,39 +6,27 @@ in
systemd = { systemd = {
services = { services = {
"restic-scheduled-backup" = {}; "restic-scheduled-backup" = {
description = "Userdata restic backup trigger";
serviceConfig = {
Type = "simple";
User = "restic";
ExecStart = "${pkgs.restic}/bin/restic -r rclone:backblaze:${cfg.backblaze.bucket}:/sfbackup --verbose --json backup /var";
};
};
}; };
timers = { timers = {
"restic-scheduled-backup-timer" = {}; "restic-scheduled-backup" = {
}; wantedBy = [ "timers.target" ];
}; partOf = [ "restic-scheduled-backup.service" ];
services.restic.backups = { timerConfig = {
options = { OnCalendar = "daily";
passwordFile = "/etc/restic/resticPasswd"; };
repository = "s3:s3.anazonaws.com/${cfg.backblaze.bucket}";
initialize = true;
paths = [
"/var/dkim"
"/var/vmail"
];
timerConfig = {
OnCalendar = [ "daily" ];
}; };
user = "restic";
pruneOpts = [
"--keep-daily 5"
];
}; };
}; };
users.users.restic = { users.users.restic = {
isNormalUser = false; isNormalUser = false;
isSystemUser = true; isSystemUser = true;
}; };
environment.etc."restic/resticPasswd".text = ''
${cfg.resticPassword}
'';
environment.etc."restic/s3Passwd".text = ''
AWS_ACCESS_KEY_ID=${cfg.backblaze.accountId}
AWS_SECRET_ACCESS_KEY=${cfg.backblaze.accountKey}
'';
} }

7
files.nix
View file

@ -14,6 +14,12 @@ in
CLOUDFLARE_DNS_API_TOKEN=${cfg.cloudflare.apiKey} CLOUDFLARE_DNS_API_TOKEN=${cfg.cloudflare.apiKey}
CLOUDFLARE_ZONE_API_TOKEN=${cfg.cloudflare.apiKey} CLOUDFLARE_ZONE_API_TOKEN=${cfg.cloudflare.apiKey}
''; '';
rcloneConfiguration = builtins.replaceStrings [ "\n" "\"" "\\" ] [ "\\n" "\\\"" "\\\\" ] ''
[backblaze]
type = b2
account = ${cfg.backblaze.accountId}
key = ${cfg.backblaze.accountKey}
'';
in in
[ [
"d /var/restic 0660 restic - - -" "d /var/restic 0660 restic - - -"
@ -28,5 +34,6 @@ in
"f /var/nextcloud-db-pass 0440 nextcloud nextcloud - ${nextcloudDBPass}" "f /var/nextcloud-db-pass 0440 nextcloud nextcloud - ${nextcloudDBPass}"
"f /var/nextcloud-admin-pass 0440 nextcloud nextcloud - ${nextcloudAdminPass}" "f /var/nextcloud-admin-pass 0440 nextcloud nextcloud - ${nextcloudAdminPass}"
"f /var/cloudflareCredentials.ini 0440 nginx acmerecievers - ${cloudflareCredentials}" "f /var/cloudflareCredentials.ini 0440 nginx acmerecievers - ${cloudflareCredentials}"
"f /root/.config/rclone/rclone.conf 0666 selfprivacy-api selfprivacy-api - ${rcloneConfiguration}"
]; ];
} }