feat(modules/nixos/base,hosts): add btrbk for filesystem backup

2026-01-11 20:40:24 +01:00 · 2024-03-31 15:18:14 +08:00
parent 56015780e0
commit 4da995fa88
5 changed files with 64 additions and 8 deletions
--- a/hosts/12kingdoms-rakushun/disko-fs.nix
+++ b/hosts/12kingdoms-rakushun/disko-fs.nix
@@ -40,10 +40,10 @@
            size = "100%";
            content = {
              type = "luks";
-              name = "crypted";
+              name = "encrypted";
              settings = {
                keyFile = "/dev/disk/by-label/OPI5P_DSC"; # The keyfile is stored on a USB stick
-                # The maxium size of the keyfile is 8192 bytes
+                # The maximum size of the keyfile is 8192 bytes
                keyFileSize = 512 * 64; # match the `bs * count` of the `dd` command
                keyFileOffset = 512 * 128; # match the `bs * skip` of the `dd` command
                fallbackToPassword = true;
@@ -69,8 +69,16 @@
              ];
              content = {
                type = "btrfs";
-                extraArgs = ["-f"];
+                extraArgs = ["-f"]; # Force override existing partition
                subvolumes = {
+                  # mount the top-level subvolume at /btr_pool
+                  # it will be used by btrbk to create snapshots
+                  "/" = {
+                    mountpoint = "/btr_pool";
+                    # btrfs's top-level subvolume, internally has an id 5
+                    # we can access all other subvolumes from this subvolume.
+                    mountOptions = ["subvolid=5"];
+                  };
                  "@nix" = {
                    mountpoint = "/nix";
                    mountOptions = ["compress-force=zstd:1" "noatime"];
--- a/hosts/12kingdoms-suzu/disko-fs.nix
+++ b/hosts/12kingdoms-suzu/disko-fs.nix
@@ -40,10 +40,10 @@
            size = "100%";
            content = {
              type = "luks";
-              name = "crypted";
+              name = "encrypted";
              settings = {
                keyFile = "/dev/disk/by-label/OPI5_DSC"; # The keyfile is stored on a USB stick
-                # The maxium size of the keyfile is 8192 bytes
+                # The maximum size of the keyfile is 8192 bytes
                keyFileSize = 512 * 64; # match the `bs * count` of the `dd` command
                keyFileOffset = 512 * 128; # match the `bs * skip` of the `dd` command
                fallbackToPassword = true;
@@ -69,8 +69,16 @@
              ];
              content = {
                type = "btrfs";
-                extraArgs = ["-f"];
+                extraArgs = ["-f"]; # Force override existing partition
                subvolumes = {
+                  # mount the top-level subvolume at /btr_pool
+                  # it will be used by btrbk to create snapshots
+                  "/" = {
+                    mountpoint = "/btr_pool";
+                    # btrfs's top-level subvolume, internally has an id 5
+                    # we can access all other subvolumes from this subvolume.
+                    mountOptions = ["subvolid=5"];
+                  };
                  "@nix" = {
                    mountpoint = "/nix";
                    mountOptions = ["compress-force=zstd:1" "noatime"];
--- a/hosts/idols-ai/hardware-configuration.nix
+++ b/hosts/idols-ai/hardware-configuration.nix
@@ -45,7 +45,7 @@

  boot.initrd = {
    # unlocked luks devices via a keyfile or prompt a passphrase.
-    luks.devices."crypted-nixos" = {
+    luks.devices."encrypted-nixos" = {
      # NOTE: DO NOT use device name here(like /dev/sda, /dev/nvme0n1p2, etc), use UUID instead.
      # https://github.com/ryan4yin/nix-config/issues/43
      device = "/dev/disk/by-uuid/a21ca82a-9ee6-4e5c-9d3f-a93e84e4e0f4";
@@ -63,6 +63,14 @@
    };
  };

+  fileSystems."/btr_pool" = {
+    device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
+    fsType = "btrfs";
+    # btrfs's top-level subvolume, internally has an id 5
+    # we can access all other subvolumes from this subvolume.
+    options = ["subvolid=5"];
+  };
+
  # equal to `mount -t tmpfs tmpfs /`
  fileSystems."/" = {
    device = "tmpfs";
--- a/hosts/k8s/disko-config/kubevirt-disko-fs.nix
+++ b/hosts/k8s/disko-config/kubevirt-disko-fs.nix
@@ -75,8 +75,16 @@
              ];
              content = {
                type = "btrfs";
-                extraArgs = ["-f"];
+                extraArgs = ["-f"]; # Force override existing partition
                subvolumes = {
+                  # mount the top-level subvolume at /btr_pool
+                  # it will be used by btrbk to create snapshots
+                  "/" = {
+                    mountpoint = "/btr_pool";
+                    # btrfs's top-level subvolume, internally has an id 5
+                    # we can access all other subvolumes from this subvolume.
+                    mountOptions = ["subvolid=5"];
+                  };
                  "@nix" = {
                    mountpoint = "/nix";
                    mountOptions = ["compress-force=zstd:1" "noatime"];
--- a/modules/nixos/base/btrbk.nix
+++ b/modules/nixos/base/btrbk.nix
@@ -0,0 +1,24 @@
+{
+  # Tool for creating snapshots and remote backups of btrfs subvolumes
+  # https://github.com/digint/btrbk
+  services.btrbk.instances.btrbk = {
+    # How often this btrbk instance is started. See systemd.time(7) for more information about the format.
+    onCalendar = "daily";
+    settings = {
+      # keep daily snapshots for 14 days
+      snapshot_preserve = "14d";
+      # keep all snapshots for 2 days, no matter how frequently you (or your cron job) run btrbk
+      snapshot_preserve_min = "2d";
+      volume = {
+        "/btr_pool" = {
+          subvolume = {
+            "@persistent" = {
+              snapshot_create = "always";
+            };
+          };
+          target = "/snapshots";
+        };
+      };
+    };
+  };
+}