From 0712e0666f8e1749ffe7e73c5fbc4289d8d9b0ef Mon Sep 17 00:00:00 2001
From: rnhmjoj
Date: Wed, 12 Oct 2022 10:52:40 +0200
Subject: [PATCH] jobs: rework the backup script
---
 jobs.nix | 167 +++++++++++++++++++++++++++++--------------------------
 1 file changed, 88 insertions(+), 79 deletions(-)
diff --git a/jobs.nix b/jobs.nix
index a05c91a..d82d35b 100644
--- a/jobs.nix
+++ b/jobs.nix
@@ -4,7 +4,7 @@ with lib;
 {
-systemd.services.ydns = {
+ systemd.services.ydns = {
 description = "update ydns address record";
 after = [ "network-online.target" ];
 startAt = "*:0/30";
@@ -42,88 +42,97 @@ systemd.services.ydns = {
 update 4 "$(curl -s -4 https://ydns.io/api/v1/ip)"
 update 6 "$(ip addr show mngtmpaddr | awk '/inet6/{print $2; exit}' | cut -d/ -f1)"
 '';
-};
+ };
-systemd.services.backup = {
- description = "run system backup";
- after = [ "network-online.target" ];
- startAt = "weekly";
-
- serviceConfig.Type = "oneshot";
-
- path = with pkgs; [ bup git nfs-utils ];
-
- environment.BUP_DIR = "/mnt/backup";
-
- script = ''
- ${pkgs.fish}/bin/fish << 'EOF'
-
- set locations \
- /etc/lvm \
- /etc/nixos \
- /var/lib \
+ systemd.services.backup =
+ let
+ saved = ''
+ /etc/lvm
+ /var/lib
 /home
-
- set excluded \
- /var/lib/alsa \
- /var/lib/systemd \
- /var/lib/udisks2 \
- /var/lib/udev \
- /var/lib/postgresql
-
- # mount NFS share
- mkdir -p $BUP_DIR
- mount.nfs -o nolock 192.168.1.3:/maxwell $BUP_DIR
-
- # check if properly mounted
- if not mountpoint -q $BUP_DIR
- echo mount failed! 1>&2
- exit 1
- end
-
- # init backup
- if not test -e $BUP_DIR/bupindex
- bup init
- end
-
- # build indices and copy
- for i in $locations
- eval bup index $i --exclude=(string join " --exclude=" $excluded)
- bup save -n (basename $i) $i
- end
-
- # postgresql backup
- set dir /var/lib/postgresql-backup
- mkdir -p $dir
- sudo -u postgres pg_dumpall | gzip > $dir/db.bak
- bup index $dir
- bup save -n postgresql $dir
- rm -rf $dir
-
- umount /mnt/backup
- EOF
- '';
-};
-
-
-systemd.services.namecoin-update =
-let
- userFile = with config.services.namecoind;
- pkgs.writeText "namecoin.conf" ''
- rpcbind=${rpc.address}
- rpcport=${toString rpc.port}
- rpcuser=${rpc.user}
- rpcpassword=${rpc.password}
 '';
-in {
- description = "update namecoin names";
- after = [ "namecoind.service" ];
- startAt = "hourly";
- path = [ pkgs.namecoind ];
- serviceConfig.Type = "oneshot";
- serviceConfig.ExecStart = "${pkgs.haskellPackages.namecoin-update}/bin/namecoin-update ${userFile}";
-};
+ excluded = ''
+ /var/lib/systemd
+ /var/lib/udisks2
+ /var/lib/postgresql
+ /var/lib/matrix-synapse/media_store/url_cache
+ /var/lib/matrix-synapse/media_store/url_cache_thumbnails
+ '';
+
+ in {
+ description = "system backup";
+ after = [ "network-online.target" ];
+ startAt = "weekly";
+
+ serviceConfig = {
+ Type = "oneshot";
+ PrivateTmp = true;
+ LimitNOFILE = 65536;
+ };
+
+ environment.BUP_DIR = "/mnt/backup";
+ path = with pkgs; [ bup git nfs-utils sudo gzip postgresql ];
+
+ script = ''
+ set -e
+
+ # mount repository
+ mkdir -p "$BUP_DIR"
+ mount.nfs -o nolock 192.168.1.3:/maxwell "$BUP_DIR"
+
+ # init backup
+ ! test -e $BUP_DIR/bupindex && bup init
+
+ # build indices and save
+ saved=${pkgs.writeText "backup-saved" saved}
+ excluded=${pkgs.writeText "backup-excluded" excluded}
+ while read -r dir; do
+ name=$(basename "$dir")
+
+ echo indexing $name...
+ bup index "$dir" --exclude-from="$excluded"
+ echo done
+
+ echo saving $name...
+ bup save -n "$name" "$dir"
+ echo done
+ done < "$saved"
+
+ # postgresql backup
+ dir=/tmp/postgresql
+ mkdir -p "$dir"
+
+ echo dumping databases...
+ sudo -u postgres pg_dumpall | gzip > "$dir"/db.bak
+ echo done
+
+ echo saving...
+ bup index "$dir"
+ bup save -n postgresql "$dir" --strip-path=/tmp
+ echo done
+ '';
+ };
+
+
+ systemd.services.namecoin-update =
+ let
+ userFile = with config.services.namecoind;
+ pkgs.writeText "namecoin.conf" ''
+ rpcbind=${rpc.address}
+ rpcport=${toString rpc.port}
+ rpcuser=${rpc.user}
+ rpcpassword=${rpc.password}
+ '';
+ in {
+ description = "update namecoin names";
+ after = [ "namecoind.service" ];
+ startAt = "hourly";
+
+ path = [ pkgs.namecoind ];
+ serviceConfig.Type = "oneshot";
+ serviceConfig.ExecStart = "${pkgs.haskellPackages.namecoin-update}/bin/namecoin-update ${userFile}";
+ };
 }
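Review bot: The dump pipeline `sudo -u postgres pg_dumpall | gzip > "$dir"/db.bak` is covered by `set -e` only for gzip's exit status, so a failed or partial pg_dumpall still leaves a db.bak that bup saves as if it were a good backup; changing the first script line to `set -eo pipefail` (assuming the unit's script runs under bash) makes the job fail instead. The new script also no longer unmounts the repository: the old `umount /mnt/backup` is removed and nothing visible here replaces it, so the NFS share holding every backup stays mounted and writable on the host between weekly runs, and an abort under `set -e` leaves it mounted as well. If that is not intended, `trap 'umount "$BUP_DIR"' EXIT` right after the `mount.nfs` line restores the cleanup on every exit path. A minor style point: `$BUP_DIR` is quoted everywhere except in `! test -e $BUP_DIR/bupindex`.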