borg: add exclude parameter and scripts

This commit is contained in:
Ingolf Wagner 2020-09-05 14:37:49 +02:00
parent 7f4b6863d1
commit e268ca6912
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
5 changed files with 47 additions and 3 deletions

View file

@ -8,6 +8,7 @@
authorizedKeys = [ authorizedKeys = [
# todo rename # todo rename
(lib.fileContents <common_secrets/backup/ssh_rsa.pub>) (lib.fileContents <common_secrets/backup/ssh_rsa.pub>)
(lib.fileContents <assets/ssh/card_rsa.pub>)
]; ];
}; };
}; };

View file

@ -7,6 +7,7 @@
authorizedKeys = [ authorizedKeys = [
# todo rename # todo rename
(lib.fileContents <common_secrets/backup/ssh_rsa.pub>) (lib.fileContents <common_secrets/backup/ssh_rsa.pub>)
(lib.fileContents <assets/ssh/card_rsa.pub>)
]; ];
}; };
}; };

View file

@ -4,6 +4,19 @@
backup.dirs = lib.mkOption { backup.dirs = lib.mkOption {
default = [ ]; default = [ ];
type = with lib.types; listOf str; type = with lib.types; listOf str;
description = ''
folders to backup
'';
};
backup.exclude = lib.mkOption {
default = [ ];
type = with lib.types; listOf str;
description = ''
exclude files and folders matching a pattern.
Theses patterns effect all folders in `backup.dirs`.
see man borg pattern for more information
'';
example = [ ".git" "/home/*/.cache" ".stfolder" ];
}; };
}; };
@ -24,7 +37,8 @@
myHostname = config.networking.hostName; myHostname = config.networking.hostName;
setup = server: { setup = server: {
paths = dirs; paths = config.backup.dirs;
exclude = config.backup.exclude;
doInit = true; doInit = true;
repo = "borg@${server}:./${myHostname}"; repo = "borg@${server}:./${myHostname}";
encryption = { encryption = {
@ -32,10 +46,14 @@
# todo rename # todo rename
passCommand = "cat ${toString <secrets/backup/repo>}"; passCommand = "cat ${toString <secrets/backup/repo>}";
}; };
environment.BORG_RSH = environment.BORG_RSH = "ssh -i ${toString <secrets/backup/ssh_rsa>}";
"ssh -i ${toString <secrets/backup/ssh_rsa>}";
compression = "auto,lzma"; compression = "auto,lzma";
startAt = "daily"; startAt = "daily";
prune.keep = {
within = "10d"; # Keep all backups in the last 10 days.
weekly = 8; # Keep 8 additional end of week archives.
monthly = -1; # Keep end of month archive for every month
};
}; };

View file

@ -0,0 +1,20 @@
{ pkgs, lib, ... }: {
environment.systemPackages = let
createScript = command: host: repository:
pkgs.writers.writeBashBin
"borg-${command}-on-${host}-for-${repository}" ''
${pkgs.borgbackup}/bin/borg \
${command} \
--rsh='ssh -i ~/.ssh/card_rsa.pub' borg@${host}.private:${repository}/. \
"$@"
'';
hosts = [ "workhorse" "pepe" ];
repositories = [ "workhorse" "pepe" "sterni" "workout" ];
commands = [ "list" ];
in lib.flatten (map (command:
map
(host: map (repository: createScript command host repository) repositories)
hosts) commands);
}

View file

@ -18,6 +18,7 @@
./nginx.nix ./nginx.nix
./packages.nix ./packages.nix
./borg-jobs.nix ./borg-jobs.nix
./borg-scripts.nix
./sshd-known-hosts-bootup.nix ./sshd-known-hosts-bootup.nix
./sshd-known-hosts-private.nix ./sshd-known-hosts-private.nix
./sshd-known-hosts-public.nix ./sshd-known-hosts-public.nix
@ -29,6 +30,9 @@
]; ];
# default backup excludes
backup.exclude = [ ".git" ".stfolder" ".stversions" ];
# provide overlays # provide overlays
# ----------------- # -----------------
nixpkgs.overlays = [ (import <pkgs>) (import <nix-writers/pkgs>) ]; nixpkgs.overlays = [ (import <pkgs>) (import <nix-writers/pkgs>) ];