Compare commits

...

4 commits

Author SHA1 Message Date
Update Bot
b8a24dfc2f
flake.lock: Update
Flake lock file updates:

• Updated input 'attic':
    'github:zhaofengli/attic/48c8b395bfbc6b76c7eae74df6c74351255a095c' (2024-10-30)
  → 'github:zhaofengli/attic/47752427561f1c34debb16728a210d378f0ece36' (2024-11-10)
• Updated input 'disko':
    'github:nix-community/disko/380847d94ff0fedee8b50ee4baddb162c06678df' (2024-11-03)
  → 'github:nix-community/disko/486250f404f4a4f4f33f8f669d83ca5f6e6b7dfc' (2024-11-10)
• Updated input 'florp-about':
    'git+https://woof.rip/florp/about.git?ref=refs/heads/main&rev=1845276697adca236be3e7a983238d2a2d0d57b5' (2024-11-09)
  → 'git+https://woof.rip/florp/about.git?ref=refs/heads/main&rev=2f1130b23576a403b9b1d70d6431649bfa044621' (2024-11-10)
• Updated input 'home-manager':
    'github:nix-community/home-manager/8f6ca7855d409aeebe2a582c6fd6b6a8d0bf5661' (2024-11-03)
  → 'github:nix-community/home-manager/60bb110917844d354f3c18e05450606a435d2d10' (2024-11-10)
• Updated input 'nixos-hardware':
    'github:nixos/nixos-hardware/f6e0cd5c47d150c4718199084e5764f968f1b560' (2024-11-02)
  → 'github:nixos/nixos-hardware/e1cc1f6483393634aee94514186d21a4871e78d7' (2024-11-06)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/7ffd9ae656aec493492b44d0ddfb28e79a1ea25d' (2024-11-02)
  → 'github:nixos/nixpkgs/76612b17c0ce71689921ca12d9ffdc9c23ce40b2' (2024-11-09)
• Updated input 'nixvim':
    'github:nix-community/nixvim/6f210158b03b01a1fd44bf3968165e6da80635ce' (2024-11-02)
  → 'github:nix-community/nixvim/57068f532d5d42601fd74e2b531204fe1cd3a8f2' (2024-11-10)
• Updated input 'nixvim/git-hooks':
    'github:cachix/git-hooks.nix/af8a16fe5c264f5e9e18bcee2859b40a656876cf' (2024-10-30)
  → 'github:cachix/git-hooks.nix/d70155fdc00df4628446352fc58adc640cd705c2' (2024-11-05)
• Updated input 'nixvim/nix-darwin':
    'github:lnl7/nix-darwin/683d0c4cd1102dcccfa3f835565378c7f3cbe05e' (2024-11-01)
  → 'github:lnl7/nix-darwin/5c74ab862c8070cbf6400128a1b56abb213656da' (2024-11-09)
• Updated input 'nixvim/nuschtosSearch':
    'github:NuschtOS/search/9e22bd742480916ff5d0ab20ca2522eaa3fa061e' (2024-11-02)
  → 'github:NuschtOS/search/ef493352f9e1f051e01a55c062731503a6b36b4e' (2024-11-08)
• Updated input 'nixvim/nuschtosSearch/ixx':
    'github:NuschtOS/ixx/65c207c92befec93e22086da9456d3906a4e999c' (2024-10-21)
  → 'github:NuschtOS/ixx/9fd01aad037f345350eab2cd45e1946cc66da4eb' (2024-10-26)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/e9b5eef9b51cdf966c76143e13a9476725b2f760' (2024-11-03)
  → 'github:Mic92/sops-nix/f1675e3b0e1e663a4af49be67ecbc9e749f85eb7' (2024-11-10)
• Updated input 'stylix':
    'github:danth/stylix/04afcfc0684d9bbb24bb1dc77afda7c1843ec93b' (2024-10-26)
  → 'github:danth/stylix/6863412636c8f2cb3b7360f747fbd020fbfddf68' (2024-11-08)
• Updated input 'stylix/tinted-foot':
    'github:tinted-theming/tinted-foot/eedbcfa30de0a4baa03e99f5e3ceb5535c2755ce' (2023-10-08)
  → 'github:tinted-theming/tinted-foot/fd1b924b6c45c3e4465e8a849e67ea82933fcbe4' (2024-09-21)
2024-11-11 13:06:18 +01:00
30665c65aa
update-nixfiles: fix eval check 2024-11-11 13:06:18 +01:00
6eb2393d7e
flake.lock: Update
Flake lock file updates:

• Updated input 'florp-about':
    'git+https://woof.rip/florp/about.git?ref=refs/heads/main&rev=1d3098ad7775426c092a5bd13498d98a8b02b116' (2024-11-09)
  → 'git+https://woof.rip/florp/about.git?ref=refs/heads/main&rev=1845276697adca236be3e7a983238d2a2d0d57b5' (2024-11-09)
2024-11-11 13:06:17 +01:00
4c2f141db5
akkoma: Create backups from database dump 2024-11-11 13:06:13 +01:00
4 changed files with 86 additions and 66 deletions

View file

@ -1,4 +1,4 @@
{ lib, ... }: { { lib, config, pkgs, ... }: {
imports = [ imports = [
../../common ../../common
../../profiles/headless.nix ../../profiles/headless.nix
@ -13,7 +13,9 @@
}; };
kyouma.nginx.defaultForbidden = "florp.social"; kyouma.nginx.defaultForbidden = "florp.social";
kyouma.restic = { kyouma.restic = let
pgBackup = "/var/cache/postgresql.sql";
in {
enable = true; enable = true;
remoteUser = "zh3485s1"; remoteUser = "zh3485s1";
timerConfig = { timerConfig = {
@ -22,9 +24,20 @@
}; };
paths = [ paths = [
"/var/lib/akkoma" "/var/lib/akkoma"
"/var/lib/postgresql"
"/var/lib/secrets" "/var/lib/secrets"
pgBackup
]; ];
backupPrepareCommand = ''
umask 0077
rm -f -- ${pgBackup}
${pkgs.su}/bin/su -c '${lib.getExe' config.services.postgresql.package "pg_dumpall"}' \
${config.services.postgresql.superUser} >${pgBackup}
'';
backupCleanupCommand = ''
rm -f -- ${pgBackup}
'';
}; };
systemd.network.networks."98-eth-default" = { systemd.network.networks."98-eth-default" = {
address = [ address = [

View file

@ -12,11 +12,11 @@
"nixpkgs-stable": "nixpkgs-stable" "nixpkgs-stable": "nixpkgs-stable"
}, },
"locked": { "locked": {
"lastModified": 1730257295, "lastModified": 1731270564,
"narHash": "sha256-OQl+aAsKiyygvpzck1u0sZf/R4T9zM903CgNDFmmzA8=", "narHash": "sha256-6KMC/NH/VWP5Eb+hA56hz0urel3jP6Y6cF2PX6xaTkk=",
"owner": "zhaofengli", "owner": "zhaofengli",
"repo": "attic", "repo": "attic",
"rev": "48c8b395bfbc6b76c7eae74df6c74351255a095c", "rev": "47752427561f1c34debb16728a210d378f0ece36",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -156,11 +156,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1730675461, "lastModified": 1731274291,
"narHash": "sha256-Mhqz3p/HEiI/zxBJWO57LYQf6gGlJB0tci6fiVXLjd8=", "narHash": "sha256-cZ0QMpv5p2a6WEE+o9uu0a4ma6RzQDOQTbm7PbixWz8=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "380847d94ff0fedee8b50ee4baddb162c06678df", "rev": "486250f404f4a4f4f33f8f669d83ca5f6e6b7dfc",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -437,11 +437,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1731185407, "lastModified": 1731279732,
"narHash": "sha256-4LdV+ZK7slyONezfW3aZmBuTt4lnxBTmREemBW7VBtk=", "narHash": "sha256-eZllHPzbjvTNrzImqtDrs0k1LsIIeTlp8MMN9SxMvvE=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "1d3098ad7775426c092a5bd13498d98a8b02b116", "rev": "2f1130b23576a403b9b1d70d6431649bfa044621",
"revCount": 6, "revCount": 8,
"type": "git", "type": "git",
"url": "https://woof.rip/florp/about.git" "url": "https://woof.rip/florp/about.git"
}, },
@ -503,11 +503,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1730302582, "lastModified": 1730814269,
"narHash": "sha256-W1MIJpADXQCgosJZT8qBYLRuZls2KSiKdpnTVdKBuvU=", "narHash": "sha256-fWPHyhYE6xvMI1eGY3pwBTq85wcy1YXqdzTZF+06nOg=",
"owner": "cachix", "owner": "cachix",
"repo": "git-hooks.nix", "repo": "git-hooks.nix",
"rev": "af8a16fe5c264f5e9e18bcee2859b40a656876cf", "rev": "d70155fdc00df4628446352fc58adc640cd705c2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -562,11 +562,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1730633670, "lastModified": 1731235328,
"narHash": "sha256-ZFJqIXpvVKvzOVFKWNRDyIyAo+GYdmEPaYi1bZB6uf0=", "narHash": "sha256-NjavpgE9/bMe/ABvZpyHIUeYF1mqR5lhaep3wB79ucs=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "8f6ca7855d409aeebe2a582c6fd6b6a8d0bf5661", "rev": "60bb110917844d354f3c18e05450606a435d2d10",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -613,16 +613,16 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1729544999, "lastModified": 1729958008,
"narHash": "sha256-YcyJLvTmN6uLEBGCvYoMLwsinblXMkoYkNLEO4WnKus=", "narHash": "sha256-EiOq8jF4Z/zQe0QYVc3+qSKxRK//CFHMB84aYrYGwEs=",
"owner": "NuschtOS", "owner": "NuschtOS",
"repo": "ixx", "repo": "ixx",
"rev": "65c207c92befec93e22086da9456d3906a4e999c", "rev": "9fd01aad037f345350eab2cd45e1946cc66da4eb",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NuschtOS", "owner": "NuschtOS",
"ref": "v0.0.5", "ref": "v0.0.6",
"repo": "ixx", "repo": "ixx",
"type": "github" "type": "github"
} }
@ -713,11 +713,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1730448474, "lastModified": 1731153869,
"narHash": "sha256-qE/cYKBhzxHMtKtLK3hlSR3uzO1pWPGLrBuQK7r0CHc=", "narHash": "sha256-3Ftf9oqOypcEyyrWJ0baVkRpvQqroK/SVBFLvU3nPuc=",
"owner": "lnl7", "owner": "lnl7",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "683d0c4cd1102dcccfa3f835565378c7f3cbe05e", "rev": "5c74ab862c8070cbf6400128a1b56abb213656da",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -815,11 +815,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1730537918, "lastModified": 1730919458,
"narHash": "sha256-GJB1/aaTnAtt9sso/EQ77TAGJ/rt6uvlP0RqZFnWue8=", "narHash": "sha256-yMO0T0QJlmT/x4HEyvrCyigGrdYfIXX3e5gWqB64wLg=",
"owner": "nixos", "owner": "nixos",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "f6e0cd5c47d150c4718199084e5764f968f1b560", "rev": "e1cc1f6483393634aee94514186d21a4871e78d7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -946,11 +946,11 @@
}, },
"nixpkgs_4": { "nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1730531603, "lastModified": 1731139594,
"narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=", "narHash": "sha256-IigrKK3vYRpUu+HEjPL/phrfh7Ox881er1UEsZvw9Q4=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d", "rev": "76612b17c0ce71689921ca12d9ffdc9c23ce40b2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -977,11 +977,11 @@
"treefmt-nix": "treefmt-nix_2" "treefmt-nix": "treefmt-nix_2"
}, },
"locked": { "locked": {
"lastModified": 1730569492, "lastModified": 1731281996,
"narHash": "sha256-NByr7l7JetL9kIrdCOcRqBu+lAkruYXETp1DMiDHNQs=", "narHash": "sha256-xdNFY/wcs8i9qluVbTAVh5JLlhI/r4JJfXb0yfEj1Ks=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixvim", "repo": "nixvim",
"rev": "6f210158b03b01a1fd44bf3968165e6da80635ce", "rev": "57068f532d5d42601fd74e2b531204fe1cd3a8f2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1000,11 +1000,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1730515563, "lastModified": 1731060242,
"narHash": "sha256-8lklUZRV7nwkPLF3roxzi4C2oyLydDXyAzAnDvjkOms=", "narHash": "sha256-43yLsOm/wxBbfYSNDWVJeVv5Ij+23X3BIjFUfsdx/6M=",
"owner": "NuschtOS", "owner": "NuschtOS",
"repo": "search", "repo": "search",
"rev": "9e22bd742480916ff5d0ab20ca2522eaa3fa061e", "rev": "ef493352f9e1f051e01a55c062731503a6b36b4e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1059,11 +1059,11 @@
"nixpkgs-stable": "nixpkgs-stable_2" "nixpkgs-stable": "nixpkgs-stable_2"
}, },
"locked": { "locked": {
"lastModified": 1730605784, "lastModified": 1731213149,
"narHash": "sha256-1NveNAMLHbxOg0BpBMSVuZ2yW2PpDnZLbZ25wV50PMc=", "narHash": "sha256-jR8i6nFLmSmm0cIoeRQ8Q4EBARa3oGaAtEER/OMMxus=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "e9b5eef9b51cdf966c76143e13a9476725b2f760", "rev": "f1675e3b0e1e663a4af49be67ecbc9e749f85eb7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1093,11 +1093,11 @@
"tinted-tmux": "tinted-tmux" "tinted-tmux": "tinted-tmux"
}, },
"locked": { "locked": {
"lastModified": 1729963473, "lastModified": 1731090365,
"narHash": "sha256-uGjTjvvlGQfQ0yypVP+at0NizI2nrb6kz4wGAqzRGbY=", "narHash": "sha256-ti3gXhgVpIUL/7w6zDJuH+hOnyTZqxrIX/yYqALmiEI=",
"owner": "danth", "owner": "danth",
"repo": "stylix", "repo": "stylix",
"rev": "04afcfc0684d9bbb24bb1dc77afda7c1843ec93b", "rev": "6863412636c8f2cb3b7360f747fbd020fbfddf68",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1169,16 +1169,17 @@
"tinted-foot": { "tinted-foot": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1696725948, "lastModified": 1726913040,
"narHash": "sha256-65bz2bUL/yzZ1c8/GQASnoiGwaF8DczlxJtzik1c0AU=", "narHash": "sha256-+eDZPkw7efMNUf3/Pv0EmsidqdwNJ1TaOum6k7lngDQ=",
"owner": "tinted-theming", "owner": "tinted-theming",
"repo": "tinted-foot", "repo": "tinted-foot",
"rev": "eedbcfa30de0a4baa03e99f5e3ceb5535c2755ce", "rev": "fd1b924b6c45c3e4465e8a849e67ea82933fcbe4",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "tinted-theming", "owner": "tinted-theming",
"repo": "tinted-foot", "repo": "tinted-foot",
"rev": "fd1b924b6c45c3e4465e8a849e67ea82933fcbe4",
"type": "github" "type": "github"
} }
}, },

View file

@ -1,9 +1,11 @@
{ config, lib, pkgs, utils, ... }: let { config, lib, options, pkgs, ... }: let
cfg = config.kyouma.restic; cfg = config.kyouma.restic;
in { in {
options.kyouma.restic = let options.kyouma.restic = let
inherit (lib) mkOption types; inherit (lib) mkOption types;
in { in {
inherit (options.services.restic.backups.type.getSubOptions [])
timerConfig backupPrepareCommand backupCleanupCommand;
enable = lib.mkEnableOption "Enable restic backup"; enable = lib.mkEnableOption "Enable restic backup";
paths = mkOption { paths = mkOption {
description = "paths to backup"; description = "paths to backup";
@ -40,14 +42,6 @@ in {
type = types.nonEmptyStr; type = types.nonEmptyStr;
default = "${config.networking.hostName}-backup"; default = "${config.networking.hostName}-backup";
}; };
timerConfig = mkOption {
description = "timer config";
type = with types; nullOr (attrsOf utils.systemdUtils.unitOptions.unitOption);
default = {
OnCalendar = "daily";
Persistent = true;
};
};
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
sops.secrets."restic/${cfg.remoteUser}/password" = { sops.secrets."restic/${cfg.remoteUser}/password" = {
@ -58,10 +52,15 @@ in {
}; };
services.restic.backups."${config.networking.hostName}-${cfg.remote}" = { services.restic.backups."${config.networking.hostName}-${cfg.remote}" = {
inherit (cfg) paths user pruneOpts timerConfig; inherit (cfg) paths user pruneOpts timerConfig backupPrepareCommand backupCleanupCommand;
initialize = true; initialize = true;
repository = "sftp:${cfg.remoteUser}@${cfg.remote}:${cfg.repo}"; repository = "sftp:${cfg.remoteUser}@${cfg.remote}:${cfg.repo}";
passwordFile = config.sops.secrets."restic/${cfg.remoteUser}/password".path; passwordFile = config.sops.secrets."restic/${cfg.remoteUser}/password".path;
extraBackupArgs = [
"--compression=max"
"--pack-size=128"
"--read-concurrency=8"
];
extraOptions = let extraOptions = let
knownHost = pkgs.writeText "${cfg.remote}-known-host" (builtins.readFile ./${cfg.remote}/ssh_host_ed25519_key.pub); knownHost = pkgs.writeText "${cfg.remote}-known-host" (builtins.readFile ./${cfg.remote}/ssh_host_ed25519_key.pub);
sshKey = config.sops.secrets."restic/${cfg.remoteUser}/id_ed25519".path; sshKey = config.sops.secrets."restic/${cfg.remoteUser}/id_ed25519".path;

View file

@ -21,7 +21,6 @@ merge_theirs () {
} }
test_build () { test_build () {
local last_error
local build_jobs local build_jobs
build_jobs="$(curl --fail -s -L -H "Accept: application/json" "${JOBSET_URL}/latest-eval" | jq -r ".builds | .[]")" build_jobs="$(curl --fail -s -L -H "Accept: application/json" "${JOBSET_URL}/latest-eval" | jq -r ".builds | .[]")"
@ -42,10 +41,16 @@ test_build () {
echo "Build ${build} was successful" echo "Build ${build} was successful"
done done
last_error="$(curl --fail -s -L -H "Accept: application/json" "${JOBSET_URL}" | jq -r ".errortime")" # Idk why this is broken someone should fix me
[[ $last_error -gt $(date +%s) ]] && # local last_error
echo "Evaluation error encountered at $(date +%Y-%m-%d-%H:%M:%S --date="@${last_error}")" && # local now
exit 1 #
# last_error="$(curl --fail -s -L -H "Accept: application/json" "${JOBSET_URL}" | jq -r ".errortime")"
# now="$(date +%s)"
#
# [[ $last_error -gt $now ]] &&
# echo "Evaluation error encountered at $(date +%Y-%m-%d-%H:%M:%S --date="@${last_error}")" &&
# exit 1
} }
wait_for_hydra () { wait_for_hydra () {
@ -54,15 +59,17 @@ wait_for_hydra () {
local counter local counter
counter=0 counter=0
git_rev="$(git -C "${1}/nixfiles" rev-parse update-inputs)" git_rev="$(git -C "${1}/nixfiles" rev-parse update-inputs)"
while true; do while [[ $counter -lt 180 ]]; do
hydra_rev="$(curl -s -L -H "Accept: application/json" "${2}/latest-eval" | jq -r .flake | sed -E "s/.+&rev=(.*)/\1/g")" counter=$((counter +1))
hydra_rev="$(curl -s -L -H "Accept: application/json" "${2}/evals" | jq -r '.evals | max_by(.id) | .flake' | sed -E "s/.+&rev=(.*)/\1/g")"
if [[ "${git_rev}" == "${hydra_rev}" ]]; then if [[ "${git_rev}" == "${hydra_rev}" ]]; then
echo "Hydra got new commit" echo "Hydra got new commit"
break break
fi fi
sleep 30 sleep 5
done done
if [[ $counter -ge 30 ]]; then
if [[ $counter -ge 180 ]]; then
echo "Hydra no workey" echo "Hydra no workey"
exit 1 exit 1
fi fi