Switched backup provider from AWS to Backblaze B2

This commit is contained in:
Illia Chub 2021-12-14 07:37:02 +02:00
parent 4ab97f0318
commit 24f2e83cf1
No known key found for this signature in database
GPG key ID: 5D3581534C02467A
2 changed files with 21 additions and 26 deletions

View file

@ -6,39 +6,27 @@ in
systemd = {
services = {
"restic-scheduled-backup" = {};
"restic-scheduled-backup" = {
description = "Userdata restic backup trigger";
serviceConfig = {
Type = "simple";
User = "restic";
ExecStart = "${pkgs.restic}/bin/restic -r rclone:backblaze:${cfg.backblaze.bucket}:/sfbackup --verbose --json backup /var";
};
};
};
timers = {
"restic-scheduled-backup-timer" = {};
};
};
services.restic.backups = {
options = {
passwordFile = "/etc/restic/resticPasswd";
repository = "s3:s3.anazonaws.com/${cfg.backblaze.bucket}";
initialize = true;
paths = [
"/var/dkim"
"/var/vmail"
];
"restic-scheduled-backup" = {
wantedBy = [ "timers.target" ];
partOf = [ "restic-scheduled-backup.service" ];
timerConfig = {
OnCalendar = [ "daily" ];
OnCalendar = "daily";
};
};
user = "restic";
pruneOpts = [
"--keep-daily 5"
];
};
};
users.users.restic = {
isNormalUser = false;
isSystemUser = true;
};
environment.etc."restic/resticPasswd".text = ''
${cfg.resticPassword}
'';
environment.etc."restic/s3Passwd".text = ''
AWS_ACCESS_KEY_ID=${cfg.backblaze.accountId}
AWS_SECRET_ACCESS_KEY=${cfg.backblaze.accountKey}
'';
}

View file

@ -14,6 +14,12 @@ in
CLOUDFLARE_DNS_API_TOKEN=${cfg.cloudflare.apiKey}
CLOUDFLARE_ZONE_API_TOKEN=${cfg.cloudflare.apiKey}
'';
rcloneConfiguration = builtins.replaceStrings [ "\n" "\"" "\\" ] [ "\\n" "\\\"" "\\\\" ] ''
[backblaze]
type = b2
account = ${cfg.backblaze.accountId}
key = ${cfg.backblaze.accountKey}
'';
in
[
"d /var/restic 0660 restic - - -"
@ -28,5 +34,6 @@ in
"f /var/nextcloud-db-pass 0440 nextcloud nextcloud - ${nextcloudDBPass}"
"f /var/nextcloud-admin-pass 0440 nextcloud nextcloud - ${nextcloudAdminPass}"
"f /var/cloudflareCredentials.ini 0440 nginx acmerecievers - ${cloudflareCredentials}"
"f /root/.config/rclone/rclone.conf 0666 selfprivacy-api selfprivacy-api - ${rcloneConfiguration}"
];
}