From fda2ea31191ed7a66592b5044e83d5d17b2cbd90 Mon Sep 17 00:00:00 2001
From: Ingolf Wagner <contact@ingolf-wagner.de>
Date: Sun, 19 May 2024 01:17:45 +0200
Subject: [PATCH] migrate nextcloud and matrix-terranix backup to syncoid

---
 nixos/{machines/chungus => legacy}/sync-script.nix   |  0
 nixos/machines/chungus/configuration.nix             |  1 -
 nixos/machines/chungus/sync-rbackup.nix              | 12 +-----------
 nixos/machines/chungus/sync-syncoid.nix              | 10 ++++++++++
 .../orbi/hardware-configuration/disko-config.nix     | 12 ++++++++++++
 nixos/machines/orbi/media-nextcloud.nix              |  1 +
 nixos/machines/orbi/service-photoprism.nix           |  1 +
 7 files changed, 25 insertions(+), 12 deletions(-)
 rename nixos/{machines/chungus => legacy}/sync-script.nix (100%)

diff --git a/nixos/machines/chungus/sync-script.nix b/nixos/legacy/sync-script.nix
similarity index 100%
rename from nixos/machines/chungus/sync-script.nix
rename to nixos/legacy/sync-script.nix
diff --git a/nixos/machines/chungus/configuration.nix b/nixos/machines/chungus/configuration.nix
index cd1c312..155170f 100644
--- a/nixos/machines/chungus/configuration.nix
+++ b/nixos/machines/chungus/configuration.nix
@@ -38,7 +38,6 @@
     ./telemetry/loki.nix
 
     ./sync-rbackup.nix
-    ./sync-script.nix
     ./sync-syncoid.nix
 
     ./service-atuin.nix
diff --git a/nixos/machines/chungus/sync-rbackup.nix b/nixos/machines/chungus/sync-rbackup.nix
index 238f284..4a936f6 100644
--- a/nixos/machines/chungus/sync-rbackup.nix
+++ b/nixos/machines/chungus/sync-rbackup.nix
@@ -2,13 +2,8 @@
 {
   sops.secrets.rsync_private_key = { };
 
+  # todo : replace all of them with syncoid
   rbackup.plans = {
-    # todo : syncoid
-    nextcloud = {
-      sshKeyPath = config.sops.secrets.rsync_private_key.path;
-      src = "root@orbi:/var/lib/nixos-containers/nextcloud";
-      dst = "/mirror/nextcloud";
-    };
     git = {
       sshKeyPath = config.sops.secrets.rsync_private_key.path;
       src = "root@orbi:/var/lib/forgejo/";
@@ -24,11 +19,6 @@
       src = "root@orbi:/var/lib/bitwarden_rs/";
       dst = "/mirror/vaultwarden";
     };
-    matrix-terranix = {
-      sshKeyPath = config.sops.secrets.rsync_private_key.path;
-      src = "root@orbi:/var/lib/nixos-containers/matrix-terranix";
-      dst = "/mirror/matrix-terranix";
-    };
     radarr = {
       sshKeyPath = config.sops.secrets.rsync_private_key.path;
       src = "root@orbi:/media/arr/radarr";
diff --git a/nixos/machines/chungus/sync-syncoid.nix b/nixos/machines/chungus/sync-syncoid.nix
index 0046017..1451e9e 100644
--- a/nixos/machines/chungus/sync-syncoid.nix
+++ b/nixos/machines/chungus/sync-syncoid.nix
@@ -24,6 +24,16 @@
     };
 
     # remote
+    commands.matrix-terranix = {
+      sshKey = config.sops.secrets.syncoid_private_key.path;
+      source = "root@orbi:zroot/matrix-terranix";
+      target = "zraid/mirror/matrix-terranix"; # should not be created up front!
+    };
+    commands.nextcloud = {
+      sshKey = config.sops.secrets.syncoid_private_key.path;
+      source = "root@orbi:zroot/nextcloud";
+      target = "zraid/mirror/nextcloud"; # should not be created up front!
+    };
     commands.photoprism = {
       sshKey = config.sops.secrets.syncoid_private_key.path;
       source = "root@orbi:zmedia/photoprism";
diff --git a/nixos/machines/orbi/hardware-configuration/disko-config.nix b/nixos/machines/orbi/hardware-configuration/disko-config.nix
index 803c720..ec7074a 100644
--- a/nixos/machines/orbi/hardware-configuration/disko-config.nix
+++ b/nixos/machines/orbi/hardware-configuration/disko-config.nix
@@ -112,6 +112,18 @@ in
               #"com.sun:auto-snapshot:monthly" = false;
             };
           };
+          "matrix-terranix" = {
+            type = "zfs_fs";
+            mountpoint = "/var/lib/nixos-containers/matrix-terranix";
+            options = {
+              mountpoint = "legacy";
+              compression = "lz4";
+              "com.sun:auto-snapshot:hourly" = toString true;
+              "com.sun:auto-snapshot:daily" = toString true;
+              #"com.sun:auto-snapshot:weekly" = false;
+              #"com.sun:auto-snapshot:monthly" = false;
+            };
+          };
         };
       };
 
diff --git a/nixos/machines/orbi/media-nextcloud.nix b/nixos/machines/orbi/media-nextcloud.nix
index 265f44b..4fcf7bf 100644
--- a/nixos/machines/orbi/media-nextcloud.nix
+++ b/nixos/machines/orbi/media-nextcloud.nix
@@ -92,6 +92,7 @@ in
       imports = [ ../../components/monitor/container.nix ];
       components.monitor.container.promtail.port = 3502;
       system.stateVersion = "23.11";
+      services.journald.extraConfig = "SystemMaxUse=1G";
 
       # Configuring nameservers for containers is currently broken.
       # Therefore in some cases internet connectivity can be broken inside the containers.
diff --git a/nixos/machines/orbi/service-photoprism.nix b/nixos/machines/orbi/service-photoprism.nix
index 4e3b920..a1cd78e 100644
--- a/nixos/machines/orbi/service-photoprism.nix
+++ b/nixos/machines/orbi/service-photoprism.nix
@@ -18,6 +18,7 @@ in
       imports = [ ../../components/monitor/container.nix ];
       components.monitor.container.promtail.port = 3503;
       system.stateVersion = "23.11";
+      services.journald.extraConfig = "SystemMaxUse=1G";
 
       # Photoprism
       # ----------