maxwell/jobs.nix

165 lines
4.0 KiB
Nix
Raw Normal View History

2020-10-20 01:11:28 +02:00
{ config, pkgs, lib, ... }:
with lib;
{
2022-10-18 18:24:45 +02:00
systemd.services."notify-failed@" = {
description = "notify that %i has failed";
scriptArgs = "%i";
path = [ pkgs.maxwell-notify ];
script = ''
unit=$1
notify "$unit: failed. last log lines:"
journalctl -u "$unit" -o cat -n 15 | notify
'';
};
2022-10-12 10:52:40 +02:00
systemd.services.ydns = {
2020-10-20 01:11:28 +02:00
description = "update ydns address record";
after = [ "network-online.target" ];
startAt = "*:0/30";
serviceConfig.Type = "oneshot";
2021-09-29 17:20:23 +02:00
serviceConfig.environmentFile = config.secrets.environments.ydns;
2020-10-20 01:11:28 +02:00
path = with pkgs; [ curl cacert gawk iproute ];
environment = {
YDNS_HOST = config.var.hostname;
CURL_CA_BUNDLE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
};
script = ''
update() {
ret=$(curl -$1 --basic --silent \
-u "$YDNS_USER:$YDNS_PASSWD" \
"https://ydns.io/api/v1/update/?host=$YDNS_HOST&ip=$2" || exit 0)
case "$ret" in
ok)
echo "updated successfully: $YDNS_HOST ($2)"
;;
badauth)
echo "updated failed: $YDNS_HOST (authentication failed)"
;;
*)
echo "update failed: $YDNS_HOST ($ret)"
;;
esac
}
update 4 "$(curl -s -4 https://ydns.io/api/v1/ip)"
update 6 "$(ip addr show mngtmpaddr | awk '/inet6/{print $2; exit}' | cut -d/ -f1)"
'';
2022-10-12 10:52:40 +02:00
};
2020-10-20 01:11:28 +02:00
2023-07-11 12:15:05 +02:00
systemd.mounts = lib.singleton
{
description = "backup NFS volume";
after = [ "network-online.target" ];
what = "192.168.1.3:/maxwell";
where = "/mnt/backup";
type = "nfs";
options = "nolock";
};
2020-10-20 01:11:28 +02:00
2022-10-12 10:52:40 +02:00
systemd.services.backup =
let
2023-07-11 12:15:05 +02:00
saved = pkgs.writeText "backup-saved" ''
2022-10-12 10:52:40 +02:00
/etc/lvm
/var/lib
/home
'';
2020-10-20 01:11:28 +02:00
2023-07-11 12:15:05 +02:00
excluded = pkgs.writeText "backup-excluded" ''
2022-10-12 10:52:40 +02:00
/var/lib/systemd
/var/lib/udisks2
/var/lib/postgresql
/var/lib/matrix-synapse/media_store/url_cache
/var/lib/matrix-synapse/media_store/url_cache_thumbnails
'';
2020-10-20 01:11:28 +02:00
2022-10-12 10:52:40 +02:00
in {
description = "system backup";
2023-07-11 12:15:05 +02:00
after = [ "network-online.target" "mnt-backup.mount" ];
bindsTo = [ "mnt-backup.mount" ];
2022-10-18 18:24:45 +02:00
startAt = "*-*-* 03:00"; # every day at 3:00
onFailure = [ "notify-failed@backup.service" ];
2020-10-20 01:11:28 +02:00
2022-10-12 10:52:40 +02:00
serviceConfig = {
Type = "oneshot";
PrivateTmp = true;
LimitNOFILE = 65536;
};
2020-10-20 01:11:28 +02:00
2022-10-12 10:52:40 +02:00
environment.BUP_DIR = "/mnt/backup";
path = with pkgs; [ bup git nfs-utils sudo gzip postgresql ];
2020-10-20 01:11:28 +02:00
2022-10-12 10:52:40 +02:00
script = ''
# mount repository
mkdir -p "$BUP_DIR"
# init backup
! test -e $BUP_DIR/bupindex && bup init
# build indices and save
while read -r dir; do
name=$(basename "$dir")
echo indexing $name...
2023-07-11 12:15:05 +02:00
bup index "$dir" --exclude-from="${excluded}"
2022-10-12 10:52:40 +02:00
echo done
echo saving $name...
bup save -n "$name" "$dir"
echo done
2023-07-11 12:15:05 +02:00
done < "${saved}"
2022-10-12 10:52:40 +02:00
# postgresql backup
dir=/tmp/postgresql
mkdir -p "$dir"
echo dumping databases...
sudo -u postgres pg_dumpall | gzip > "$dir"/db.bak
echo done
echo saving...
bup index "$dir"
bup save -n postgresql "$dir" --strip-path=/tmp
echo done
2022-10-18 00:08:58 +02:00
2023-07-11 12:15:05 +02:00
# prune backups every week
if test $(( $(date +%s) / 86400 % 7 )) -eq 0; then
echo pruning...
bup prune-older --keep-all-for 6m --keep-monthlies-for 2y --unsafe
echo done
fi
2020-10-20 01:11:28 +02:00
'';
2022-10-12 10:52:40 +02:00
};
systemd.services.namecoin-update =
let
userFile = with config.services.namecoind;
pkgs.writeText "namecoin.conf" ''
rpcbind=${rpc.address}
rpcport=${toString rpc.port}
rpcuser=${rpc.user}
rpcpassword=${rpc.password}
'';
in {
description = "update namecoin names";
after = [ "namecoind.service" ];
startAt = "hourly";
2022-10-18 18:24:45 +02:00
onFailure = [ "notify-failed@namecoin-update.service" ];
2022-10-12 10:52:40 +02:00
path = [ pkgs.namecoind ];
serviceConfig.Type = "oneshot";
serviceConfig.ExecStart = "${pkgs.haskellPackages.namecoin-update}/bin/namecoin-update ${userFile}";
};
2020-10-20 01:11:28 +02:00
}