forked from M-Labs/it-infra
70 lines
2.0 KiB
Nix
70 lines
2.0 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
with lib;
|
|
let
|
|
excludePaths = [
|
|
"/var/lib/gitea/repositories/*/*.git/archives"
|
|
"/var/lib/gitea/data/repo-archive"
|
|
"/var/lib/gitea/data/indexers"
|
|
"/var/vmail/m-labs.hk/js"
|
|
"/var/lib/afws/.cache"
|
|
"/var/lib/mattermost/data/2019*"
|
|
"/var/lib/mattermost/data/2020*"
|
|
"/var/lib/mattermost/data/2021*"
|
|
"/var/lib/mattermost/data/2022*"
|
|
];
|
|
makeBackup = pkgs.writeScript "make-backup" ''
|
|
#!${pkgs.bash}/bin/bash
|
|
|
|
set -e
|
|
umask 0077
|
|
|
|
FILENAME=backup-`date +%F`.tar.bz2.gpg
|
|
|
|
DBDUMPDIR=`mktemp -d`
|
|
pushd $DBDUMPDIR
|
|
|
|
${config.services.mysql.package}/bin/mysqldump --user=root --single-transaction flarum > flarum.sql
|
|
${pkgs.sudo}/bin/sudo -u mattermost ${config.services.postgresql.package}/bin/pg_dump mattermost > mattermost.sql
|
|
${pkgs.sudo}/bin/sudo -u rt ${config.services.postgresql.package}/bin/pg_dump rt5 > rt.sql
|
|
|
|
${pkgs.gnutar}/bin/tar cf - ${lib.concatMapStringsSep " " (p: "--exclude \"${p}\"") excludePaths} /etc/nixos /var/vmail /var/lib/hedgedoc /var/lib/gitea /var/lib/afws /var/lib/mattermost/data flarum.sql mattermost.sql rt.sql | \
|
|
${pkgs.bzip2}/bin/bzip2 | \
|
|
${pkgs.gnupg}/bin/gpg --symmetric --batch --passphrase-file /etc/nixos/secret/backup-passphrase > /home/backupdl/$FILENAME
|
|
|
|
popd
|
|
rm -rf $DBDUMPDIR
|
|
|
|
chown backupdl.users /home/backupdl/$FILENAME
|
|
|
|
echo Backup done
|
|
'';
|
|
cfg = config.services.mlabs-backup;
|
|
in
|
|
{
|
|
options.services.mlabs-backup = {
|
|
enable = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
description = "Enable backups";
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
systemd.services.mlabs-backup = {
|
|
description = "M-Labs backup";
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
User = "root";
|
|
Group = "root";
|
|
ExecStart = "${makeBackup}";
|
|
};
|
|
};
|
|
|
|
systemd.timers.mlabs-backup = {
|
|
description = "M-Labs backup";
|
|
wantedBy = [ "timers.target" ];
|
|
timerConfig.OnCalendar = "tuesday,friday *-*-* 08:00:00";
|
|
};
|
|
};
|
|
}
|