218 lines
7.2 KiB
Nix
218 lines
7.2 KiB
Nix
{
|
|
pkgs,
|
|
config,
|
|
...
|
|
}: let
|
|
vars = import ../../vars.nix;
|
|
arionPath = "/home/${vars.user}/.setup/hosts/franz/arion";
|
|
cfg = config.virtualisation.arion;
|
|
in {
|
|
# systemd.timers."restic-cron" = {
|
|
# wantedBy = ["timers.target"];
|
|
# timerConfig = {
|
|
# OnBootSec = "1m";
|
|
# OnUnitActiveSec = "1m";
|
|
# Unit = "restic-cron.service";
|
|
# };
|
|
# };
|
|
#
|
|
# systemd.services."restic-cron" = {
|
|
# path = [
|
|
# cfg.docker.client.package
|
|
# cfg.package
|
|
# pkgs.nix
|
|
# pkgs.restic
|
|
# pkgs.autorestic
|
|
# ];
|
|
# script = ''
|
|
# source /etc/profile
|
|
# autorestic -c /home/ghoscht/.autorestic.yml --verbose cron >> /tmp/autorestic.log 2>&1
|
|
# '';
|
|
# serviceConfig = {
|
|
# Type = "oneshot";
|
|
# User = "root";
|
|
# };
|
|
# };
|
|
|
|
services.cron = {
|
|
enable = true;
|
|
systemCronJobs = [
|
|
"*/5 * * * * root . /etc/profile; autorestic -c /home/ghoscht/.autorestic.yml --ci cron"
|
|
];
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [autorestic restic];
|
|
|
|
sops.secrets."autorestic/zfs_key" = {
|
|
owner = vars.user;
|
|
};
|
|
sops.secrets."autorestic/ssd_key" = {
|
|
owner = vars.user;
|
|
};
|
|
sops.secrets."autorestic/eustachius_key" = {
|
|
owner = vars.user;
|
|
};
|
|
|
|
sops.templates.".autorestic.yml" = {
|
|
path = "/home/${vars.user}/.autorestic.yml";
|
|
owner = vars.user;
|
|
mode = "0775";
|
|
content = ''
|
|
version: 2
|
|
global:
|
|
forget:
|
|
keep-weekly: 7
|
|
keep-monthly: 12
|
|
locations:
|
|
dashboard:
|
|
from: /storage/dataset/docker/dashboard
|
|
to:
|
|
- zfs
|
|
# - eustachius
|
|
cron: '0 4 * * 0' # Every Sunday at 4:00
|
|
hooks:
|
|
before:
|
|
- arion -f ${arionPath}/dashboard/arion-compose.nix -p ${arionPath}/dashboard/arion-pkgs.nix stop
|
|
after:
|
|
- arion -f ${arionPath}/dashboard/arion-compose.nix -p ${arionPath}/dashboard/arion-pkgs.nix start
|
|
dns:
|
|
from: /storage/dataset/docker/dns
|
|
to:
|
|
- zfs
|
|
- ssd
|
|
# - eustachius
|
|
cron: '0 4 * * 0' # Every Sunday at 4:00
|
|
hooks:
|
|
before:
|
|
- arion -f ${arionPath}/dns/arion-compose.nix -p ${arionPath}/dns/arion-pkgs.nix stop
|
|
after:
|
|
- arion -f ${arionPath}/dns/arion-compose.nix -p ${arionPath}/dns/arion-pkgs.nix start
|
|
feed:
|
|
from: /storage/dataset/docker/feed
|
|
to:
|
|
- zfs
|
|
# - eustachius
|
|
cron: '0 4 * * 0' # Every Sunday at 4:00
|
|
hooks:
|
|
before:
|
|
- arion -f ${arionPath}/feed/arion-compose.nix -p ${arionPath}/feed/arion-pkgs.nix stop
|
|
after:
|
|
- arion -f ${arionPath}/feed/arion-compose.nix -p ${arionPath}/feed/arion-pkgs.nix start
|
|
git:
|
|
from: /storage/dataset/docker/git
|
|
to:
|
|
- zfs
|
|
- ssd
|
|
# - eustachius
|
|
cron: '0 4 * * *' # Every Day at 4:00
|
|
hooks:
|
|
before:
|
|
- arion -f ${arionPath}/git/arion-compose.nix -p ${arionPath}/git/arion-pkgs.nix stop
|
|
after:
|
|
- arion -f ${arionPath}/git/arion-compose.nix -p ${arionPath}/git/arion-pkgs.nix start
|
|
media:
|
|
from: /storage/dataset/docker/media
|
|
to:
|
|
- zfs
|
|
- ssd
|
|
# - eustachius
|
|
cron: '0 4 * * *' # Every Day at 4:00
|
|
hooks:
|
|
before:
|
|
- arion -f ${arionPath}/media/arion-compose.nix -p ${arionPath}/media/arion-pkgs.nix stop
|
|
after:
|
|
- arion -f ${arionPath}/media/arion-compose.nix -p ${arionPath}/media/arion-pkgs.nix start
|
|
nextcloud:
|
|
from: /storage/dataset/docker/nextcloud
|
|
to:
|
|
- zfs
|
|
- ssd
|
|
# - eustachius
|
|
cron: '0 4 * * *' # Every Day at 4:00
|
|
hooks:
|
|
before:
|
|
- arion -f ${arionPath}/nextcloud/arion-compose.nix -p ${arionPath}/nextcloud/arion-pkgs.nix stop
|
|
after:
|
|
- arion -f ${arionPath}/nextcloud/arion-compose.nix -p ${arionPath}/nextcloud/arion-pkgs.nix start
|
|
smarthome:
|
|
from: /storage/dataset/docker/smarthome
|
|
to:
|
|
- zfs
|
|
# - eustachius
|
|
cron: '0 4 * * 0' # Every Sunday at 4:00
|
|
hooks:
|
|
before:
|
|
- arion -f ${arionPath}/smarthome/arion-compose.nix -p ${arionPath}/smarthome/arion-pkgs.nix stop
|
|
after:
|
|
- arion -f ${arionPath}/smarthome/arion-compose.nix -p ${arionPath}/smarthome/arion-pkgs.nix start
|
|
passwords:
|
|
from: /storage/dataset/docker/passwords
|
|
to:
|
|
- zfs
|
|
- ssd
|
|
# - eustachius
|
|
cron: '0 4 * * *' # Every Day at 4:00
|
|
hooks:
|
|
before:
|
|
- arion -f ${arionPath}/passwords/arion-compose.nix -p ${arionPath}/passwords/arion-pkgs.nix stop
|
|
after:
|
|
- arion -f ${arionPath}/passwords/arion-compose.nix -p ${arionPath}/passwords/arion-pkgs.nix start
|
|
matrix:
|
|
from: /storage/dataset/docker/matrix
|
|
to:
|
|
- zfs
|
|
# - eustachius
|
|
cron: '0 4 * * 0' # Every Sunday at 4:00
|
|
hooks:
|
|
before:
|
|
- arion -f ${arionPath}/matrix/arion-compose.nix -p ${arionPath}/matrix/arion-pkgs.nix stop
|
|
after:
|
|
- arion -f ${arionPath}/matrix/arion-compose.nix -p ${arionPath}/matrix/arion-pkgs.nix start
|
|
# music:
|
|
# from: /storage/dataset/data/media/music
|
|
# to:
|
|
# - eustachius
|
|
# cron: '0 4 * * 0' # Every Sunday at 4:00
|
|
# hooks:
|
|
# before:
|
|
# - arion -f ${arionPath}/media/arion-compose.nix -p ${arionPath}/media/arion-pkgs.nix stop
|
|
# after:
|
|
# - arion -f ${arionPath}/media/arion-compose.nix -p ${arionPath}/media/arion-pkgs.nix start
|
|
headscale:
|
|
from: /storage/dataset/docker/headscale
|
|
to:
|
|
- zfs
|
|
cron: '55 3 * * *' # Every Day at 3:55
|
|
hooks:
|
|
before:
|
|
- arion -f ${arionPath}/headscale/arion-compose.nix -p ${arionPath}/headscale/arion-pkgs.nix stop
|
|
after:
|
|
- arion -f ${arionPath}/headscale/arion-compose.nix -p ${arionPath}/headscale/arion-pkgs.nix start
|
|
auth:
|
|
from: /storage/dataset/docker/auth
|
|
to:
|
|
- zfs
|
|
- ssd
|
|
# - eustachius
|
|
cron: '55 3 * * *' # Every Day at 3:55
|
|
hooks:
|
|
before:
|
|
- arion -f ${arionPath}/auth/arion-compose.nix -p ${arionPath}/auth/arion-pkgs.nix stop
|
|
after:
|
|
- arion -f ${arionPath}/auth/arion-compose.nix -p ${arionPath}/auth/arion-pkgs.nix start
|
|
backends:
|
|
zfs:
|
|
type: local
|
|
path: /storage/dataset/backups
|
|
key: '${config.sops.placeholder."autorestic/zfs_key"}'
|
|
ssd:
|
|
type: local
|
|
path: /home/ghoscht/Backups
|
|
key: '${config.sops.placeholder."autorestic/ssd_key"}'
|
|
# eustachius:
|
|
# type: rest
|
|
# path: http://100.64.0.3:8000/Backups
|
|
# key: '${config.sops.placeholder."autorestic/eustachius_key"}'
|
|
'';
|
|
};
|
|
}
|