From 18a40b49e3efb868f8e656133a6b36333bffbaf6 Mon Sep 17 00:00:00 2001 From: Ryan Yin Date: Thu, 8 Feb 2024 21:46:05 +0800 Subject: [PATCH] feat: restic drafts --- hosts/idols_aquamarine/default.nix | 1 + hosts/idols_kana/README.md | 10 ++-- hosts/idols_ruby/README.md | 8 +++ hosts/idols_ruby/default.nix | 4 ++ hosts/idols_ruby/restic.nix | 79 ++++++++++++++++++++++++++++++ 5 files changed, 96 insertions(+), 6 deletions(-) create mode 100644 hosts/idols_ruby/README.md create mode 100644 hosts/idols_ruby/restic.nix diff --git a/hosts/idols_aquamarine/default.nix b/hosts/idols_aquamarine/default.nix index 9c6881a4..c60eefdf 100644 --- a/hosts/idols_aquamarine/default.nix +++ b/hosts/idols_aquamarine/default.nix @@ -10,6 +10,7 @@ let in { imports = [ ./router.nix + ./dae.nix ]; # Enable binfmt emulation of aarch64-linux, this is required for cross compilation. diff --git a/hosts/idols_kana/README.md b/hosts/idols_kana/README.md index f77753bd..148072d8 100644 --- a/hosts/idols_kana/README.md +++ b/hosts/idols_kana/README.md @@ -4,11 +4,9 @@ TODO: use kana for various services. Services: -1. restic(backup file from homelab to NAS, or from NAS to Cloud) -2. synthing(sync file between android/macbook/PC and NAS) -4. dashy(homepage) +4. dashy: Homepage 3. ddns -4. aria2ng & transmission(file downloading) -5. uptime-kuma(uptime monitoring) -7. Alist(file browser for local/SMB/Cloud) +4. aria2ng & transmission: File downloading +5. uptime-kuma: uptime monitoring +7. Alist: File browser for local/SMB/Cloud 8. excalidraw/DDTV/owncast/jitsi-meet/... diff --git a/hosts/idols_ruby/README.md b/hosts/idols_ruby/README.md new file mode 100644 index 00000000..a85a4305 --- /dev/null +++ b/hosts/idols_ruby/README.md 
@@ -0,0 +1,8 @@ +# Idols - Ruby + +TODO: use kana for backup / sync my personal data. +For safety, those data should be encrypted before sending to the cloud or my NAS. + +1. restic: Backup file from homelab to NAS, or from NAS to Cloud +2. synthing: Sync file between android/macbook/PC and NAS + diff --git a/hosts/idols_ruby/default.nix b/hosts/idols_ruby/default.nix index 1e9ee92b..4301f3f2 100644 --- a/hosts/idols_ruby/default.nix +++ b/hosts/idols_ruby/default.nix @@ -8,6 +8,10 @@ let hostName = "ruby"; # Define your hostname. hostAddress = vars_networking.hostAddress.${hostName}; in { + imports = [ + ./restic.nix + ]; + # Enable binfmt emulation of aarch64-linux, this is required for cross compilation. boot.binfmt.emulatedSystems = ["aarch64-linux" "riscv64-linux"]; # supported file systems, so we can mount any removable disks with these filesystems diff --git a/hosts/idols_ruby/restic.nix b/hosts/idols_ruby/restic.nix new file mode 100644 index 00000000..f58ab2ec --- /dev/null +++ b/hosts/idols_ruby/restic.nix 
@@ -0,0 +1,79 @@
+{pkgs, ...}: {
+ # https://github.com/NixOS/nixpkgs/blob/nixos-23.11/nixos/modules/services/backup/restic.nix
+ services.restic.backups = {
+ homelab-backup = {
+ initialize = true; # Initialize the repository if it doesn't exist.
+ passwordFile = "/etc/agenix/restic-password";
+ repository = "rclone:smb-downloads:/Downloads/proxmox-backup/"; # backup to a rclone remote
+
+ # rclone related
+ # rcloneOptions = {
+ # bwlimit = "100M"; # Limit the bandwidth used by rclone.
+ # };
+ rcloneConfigFile = "/etc/agenix/rclone-conf-for-restic-backup";
+
+ # Which local paths to backup, in addition to ones specified via `dynamicFilesFrom`.
+ paths = [
+ "/tmp/restic-backup-temp"
+ ];
+ #
+ # A script that produces a list of files to back up. The
+ # results of this command are given to the '--files-from'
+ # option. The result is merged with paths specified via `paths`.
+ # dynamicFilesFrom = "find /home/matt/git -type d -name .git";
+ #
+ # Patterns to exclude when backing up. See
+ # https://restic.readthedocs.io/en/latest/040_backup.html#excluding-files
+ # for details on syntax.
+ exclude = [];
+
+ # A script that must run before starting the backup process.
+ backupPrepareCommand = ''
+ ${pkgs.nushell}/bin/nu -c '
+ let pve_nodes = [
+ # proxmox cluster's nodes
+ "um560"
+ "gtr5"
+ "s500plus"
+
+ # others
+ "kana"
+ ]
+
+ pve_nodes | each {|it|
+ rsync -avz \
+ -e "ssh -i /etc/agenix/ssh-key-for-restic-backup" \
+ $"($it):/var/lib/vz" $"/tmp/restic-backup-temp/($it)"
+ }
+ '
+ '';
+ # A script that must run after finishing the backup process.
+ backupCleanupCommand = "rm -rf /tmp/restic-backup-temp";
+
+ # Extra extended options to be passed to the restic --option flag.
+ # extraOptions = [];
+
+ # Extra arguments passed to restic backup.
+ # extraBackupArgs = [
+ # "--exclude-file=/etc/agenix/restic-excludes"
+ # ];
+
+ # repository = "/mnt/backup-hdd"; # backup to a local directory
+ # When to run the backup.
See {manpage}`systemd.timer(5)` for details.
+ timerConfig = {
+ OnCalendar = "01:30";
+ RandomizedDelaySec = "1h";
+ };
+ # A list of options (--keep-* et al.) for 'restic forget --prune',
+ # to automatically prune old snapshots.
+ # The 'forget' command is run *after* the 'backup' command, so
+ # keep that in mind when constructing the --keep-* options.
+ pruneOpts = [
+ "--keep-daily 3"
+ "--keep-weekly 3"
+ "--keep-monthly 3"
+ "--keep-yearly 3"
+ ];
+ };
+ };
+}
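Review bot: The apostrophe in the comment `# proxmox cluster's nodes` closes the single-quoted string passed to `nu -c '…'` in `backupPrepareCommand`, so the shell rather than nushell ends up parsing the node list and the rsync loop, and the prepare step cannot run as written; rewording it to `# proxmox cluster nodes`, or moving the script into its own file with `pkgs.writeScript`, avoids that. The staging directory `/tmp/restic-backup-temp` is a fixed name under /tmp that receives unencrypted copies of `/var/lib/vz` and is later removed with `rm -rf`; unless the generated unit runs with a private /tmp, another local account could pre-create or read it, so a root-owned 0700 directory outside /tmp (placeholder: `<staging-dir>`) used consistently in `paths`, the rsync target and `backupCleanupCommand` would be safer. The `ssh -i /etc/agenix/ssh-key-for-restic-backup` call names no remote user and pins no host keys, so it presumably logs in as the service user on every node; restricting that key on the nodes to a read-only rsync of `/var/lib/vz` and declaring the nodes under `programs.ssh.knownHosts` would limit what a leaked key or a spoofed host can do. `rsync` is also invoked by bare name, which depends on the unit's PATH; `${pkgs.rsync}/bin/rsync` makes the dependency explicit.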