rpqt/flocon
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

make genepi backups atomic

Browse Source
This commit is contained in:
Romain Paquet
2025-01-31 14:07:54 +01:00
parent b0766743b5
commit bf67b71237
1 changed files with 47 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

68
hosts/genepi/backup.nix
View File

@@ -7,6 +7,7 @@
let let
storagebox-user = "u422292-sub1"; storagebox-user = "u422292-sub1";
storagebox-host = "${storagebox-user}.your-storagebox.de"; storagebox-host = "${storagebox-user}.your-storagebox.de";
storagebox-nightly-backup-name = "storagebox-nightly";
in in
{ {
environment.systemPackages = [ environment.systemPackages = [
@@ -20,27 +21,52 @@ in
"${storagebox-host}".publicKey = keys.hosts.storagebox-rsa; "${storagebox-host}".publicKey = keys.hosts.storagebox-rsa;
}; };
services.restic.backups = { services.restic.backups."${storagebox-nightly-backup-name}" = {
storagebox-nightly = { initialize = true;
initialize = true; paths = [
paths = [ "/persist"
"/persist" ];
]; exclude = [
passwordFile = config.age.secrets.restic-genepi-storagebox-key.path; "/persist/@backup-snapshot"
repository = "sftp://${storagebox-user}@${storagebox-host}/"; ];
extraOptions = [ passwordFile = config.age.secrets.restic-genepi-storagebox-key.path;
"sftp.command='${pkgs.sshpass}/bin/sshpass -f ${config.age.secrets.restic-genepi-storagebox-password.path} -- ssh ${storagebox-host} -l ${storagebox-user} -s sftp'" repository = "sftp://${storagebox-user}@${storagebox-host}/";
]; extraOptions = [
timerConfig = { "sftp.command='${pkgs.sshpass}/bin/sshpass -f ${config.age.secrets.restic-genepi-storagebox-password.path} -- ssh ${storagebox-host} -l ${storagebox-user} -s sftp'"
OnCalendar = "03:00"; ];
RandomizedDelaySec = "1h"; timerConfig = {
}; OnCalendar = "03:00";
pruneOpts = [ RandomizedDelaySec = "1h";
"--keep-daily 7"
"--keep-weekly 5"
"--keep-monthly 12"
"--keep-yearly 10"
];
}; };
pruneOpts = [
"--keep-daily 7"
"--keep-weekly 5"
"--keep-monthly 12"
"--keep-yearly 10"
];
backupPrepareCommand = ''
set -Eeuxo pipefail
# clean old snapshot
if btrfs subvolume delete /persist/@backup-snapshot; then
echo "WARNING: previous run did not cleanly finish, removing old snapshot"
fi
btrfs subvolume snapshot -r /persist /persist/@backup-snapshot
umount /persist
mount -t btrfs -o subvol=/persist/@backup-snapshot /dev/disk/by-partlabel/disk-main-root /persist
'';
backupCleanupCommand = ''
btrfs subvolume delete /persist/@backup-snapshot
'';
};
systemd.services."restic-backups-${storagebox-nightly-backup-name}" = {
path = with pkgs; [
btrfs-progs
umount
mount
];
serviceConfig.privateMounts = true;
}; };
} }