dots/modules/nixos/features/borgbackup-srv.nix

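# NixOS feature module: BorgBackup jobs for the server's /srv and Syncthing
# data. The "onsite" job writes to a locally mounted drive, the "offsite" job
# to a BorgBase repository over SSH. Each job posts its result to ntfy.
{
  config,
  lib,
  pkgs,
  ...
}:
let
  feature = "borgbackup-srv";
  # Prefix shared by the age secret names declared at the bottom of the module.
  secret = "borgbackup";

  # Builds a one-line shell snippet that posts `msg` to the "backups" topic of
  # the configured ntfy server, tagged with `tag` and the job `location`.
  #
  # Every interpolated value is passed through lib.escapeShellArg so it cannot
  # be re-interpreted by the shell. The call is bounded by a timeout and is
  # best-effort: a delivery problem is logged to stderr and the snippet still
  # returns 0, so a notification outage neither hangs the hook nor changes
  # the result it reports.
  #
  # NOTE(review): the request carries no credentials, so it relies on the
  # topic accepting anonymous publishes. Confirm the ntfy access policy,
  # otherwise anything that can reach the server can post a forged
  # "Backup succeeded".
  notify =
    {
      tag,
      msg,
      location,
    }:
    let
      tagsHeader = lib.escapeShellArg "X-Tags: ${tag},BorgBackup,Server,${location}";
      body = lib.escapeShellArg msg;
      topicUrl = lib.escapeShellArg "${config.services.ntfy-sh.settings.base-url}/backups";
    in
    ''
      ${pkgs.curl}/bin/curl --fail --silent --show-error --max-time 30 -H ${tagsHeader} -d ${body} ${topicUrl} || echo "ntfy notification failed" >&2
    '';

  # Notification snippet for a successful run at `location`.
  notifySuccess =
    location:
    notify {
      tag = "tada";
      msg = "Backup succeeded";
      inherit location;
    };

  # Notification snippet for a failed run at `location`.
  notifyFailure =
    location:
    notify {
      tag = "rotating_light";
      msg = "Backup failed, check logs";
      inherit location;
    };
in
{
  config = lib.mkIf config.${feature}.enable {
    services.borgbackup.jobs =
      let
        # Settings common to both jobs; `location` only labels notifications.
        srv = location: {
          paths = [
            "/srv"
            "/home/srv/.config/syncthing"
            "/home/srv/Sync"
          ];
          compression = "auto,zstd";
          startAt = "*-*-* 04:00:00 Australia/Melbourne";
          # NOTE(review): because this host prunes, the credentials it holds
          # can delete archives in both repositories, so a compromise of the
          # host also puts the offsite history at risk. Consider append-only
          # access on the remote side with pruning done from a separate,
          # more trusted machine.
          prune.keep = {
            daily = 7;
            weekly = 4;
            monthly = 6;
          };
          # exitStatus is expected to be set by the job script that runs this
          # hook; it is quoted so an empty value fails the test cleanly
          # instead of producing a malformed `[` expression.
          postHook = ''
            if [ "$exitStatus" -eq 0 ]; then
              ${notifySuccess location}
            else
              ${notifyFailure location}
            fi
          '';
        };
      in
      {
        # repokey modes keep the (passphrase-protected) key inside the
        # repository. Keep an exported copy of each key and its passphrase
        # somewhere that survives the loss of this host, or the archives
        # cannot be restored.
        onsite = srv "onsite" // {
          repo = "/backup/repo";
          encryption.mode = "repokey-blake2";
          encryption.passCommand = "cat ${config.age.secrets.borgbackup-server-onsite.path}";
        };
        offsite = srv "offsite" // {
          repo = "vuc5c3xq@vuc5c3xq.repo.borgbase.com:repo";
          encryption.mode = "repokey-blake2";
          encryption.passCommand = "cat ${config.age.secrets.borgbackup-server-offsite.path}";
          # NOTE(review): this SSH key is not declared as an age secret here,
          # so its provisioning and file permissions are managed outside this
          # module. Verify that only the account running the job can read it,
          # and that the remote host key is pinned rather than trusted on
          # first use.
          environment.BORG_RSH = "ssh -i /home/srv/.ssh/id_ed25519";
        };
      };

    # onsite drive
    services.udisks2.enable = true;
    # NOTE(review): nothing visible here ties the onsite job to this mount.
    # If /backup is not mounted when the job runs, /backup/repo would resolve
    # to the root filesystem. Consider a mount dependency (for example
    # RequiresMountsFor on the job's unit) or a mount check before the backup.
    fileSystems."/backup" = {
      device = "/dev/disk/by-uuid/d3b3d7dc-d634-4327-9ea2-9d8daa4ecf4e";
      fsType = "ext4";
    };

    # secrets
    # Repository passphrases, decrypted by agenix and read through passCommand
    # so they are not embedded in the job definition.
    age.secrets = {
      "${secret}-server-onsite" = {
        file = ../../../secrets/${secret}-server-onsite.age;
      };
      "${secret}-server-offsite" = {
        file = ../../../secrets/${secret}-server-offsite.age;
      };
    };
  };

  options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}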