restic: fix backup

2020-04-29 21:32:54 +02:00 · 2020-04-29 21:32:54 +02:00 · 9a82b633f1
commit 9a82b633f1
parent 0a01174657
4 changed files with 20 additions and 30 deletions
--- a/configs/pepe/configuration.nix
+++ b/configs/pepe/configuration.nix
@ -15,7 +15,6 @@
  ];

  networking.hostName = "pepe";
-  services.printing.enable = false;

  # fonts
  # -----
@ -39,5 +38,8 @@
    balance = false;
  };

+  services.printing.enable = false;
+  services.smartd.enable = true;
+
 }

--- a/configs/workhorse/configuration.nix
+++ b/configs/workhorse/configuration.nix
@ -40,6 +40,12 @@

  networking.hostName = "workhorse";

+  # font
+  # ----
+  programs.custom.urxvt.fontSize = 17;
+  programs.custom.xterm.fontSize = 17;
+  system.custom.fonts.dpi = 140;
+
  # enable initrd ssh
  configuration.init-ssh = {
    enable = "enabled";
@ -56,34 +62,9 @@
    balance = false;
  };

-  security.wrappers = {
-    pmount.source = "${pkgs.pmount}/bin/pmount";
-    pumount.source = "${pkgs.pmount}/bin/pumount";
-  };
-
-  services.logind.lidSwitch = lib.mkForce "ignore";
-  system.custom.x11.enable = lib.mkForce false;
-  programs.custom.steam.enable = false;
-  programs.custom.video.enable = false;
-
-  # font
-  # ----
-  programs.custom.urxvt.fontSize = 17;
-  programs.custom.xterm.fontSize = 17;
-  system.custom.fonts.dpi = 140;
-
-  services.printing.enable = true;
-  nix.useSandbox = true;
-
-  virtualisation = {
-    docker.enable = true;
-    #virtualbox = {
-    #  host.enable = true;
-    #  guest.x11 = true;
-    #  guest.enable = true;
-    #};
-  };
+  virtualisation = { docker.enable = false; };

+  services.printing.enable = false;
  services.smartd.enable = true;

 }
--- a/system/all/restic.nix
+++ b/system/all/restic.nix
@ -19,7 +19,7 @@
    setup = server: {
      enable = lib.mkDefault true;
      passwordFile = toString <secrets/backup/restic-repo>;
-      repo = "sftp::backup/remote-${config.networking.hostName}";
+      repo = "sftp::remote/remote-${config.networking.hostName}";
      requires = [ ];
      extraArguments = [
        "sftp.command='ssh backup@${server} -i ${
@ -52,6 +52,13 @@
    backup.services.restic = lib.zipAttrsWith (name: vals: lib.head vals)
      (map (server: { "on-${server}" = setup server; }) servers);

+    systemd.services = let
+      timeoutConfig = server: {
+        name = "backup.on-${server}";
+        value = { serviceConfig.TimeoutSec = 30 * 60; };
+      };
+    in builtins.listToAttrs (map timeoutConfig servers);
+
    environment.etc."info/restic-${hostname}.json" = {
      enable = true;
      text = builtins.toJSON (map infoEntry servers);
--- a/system/all/sftp-user.nix
+++ b/system/all/sftp-user.nix
@ -6,7 +6,7 @@
    "backup" = {
      enable = true;
      initialize = true;
-      home = toString /backup/remote/backup;
+      home = toString /backup/remote;
      authorizedKeys.keyFiles =
        [ (toString <common_secrets/backup/sftp-user_rsa.pub>) ]
        ++ config.users.users.root.openssh.authorizedKeys.keyFiles;