From aaf77b9ca9deabc8678e0b4319b202952c2cce74 Mon Sep 17 00:00:00 2001 From: Mikael Voss Date: Sat, 9 Nov 2024 23:06:01 +0100 Subject: [PATCH 1/2] akkoma: Create backups from database dump --- config/hosts/florp/configuration.nix | 20 +++++++++++++++++--- modules/restic/default.nix | 13 +++++++++++++ 2 files changed, 30 insertions(+), 3 deletions(-) diff --git a/config/hosts/florp/configuration.nix b/config/hosts/florp/configuration.nix index c258a57..133e22d 100644 --- a/config/hosts/florp/configuration.nix +++ b/config/hosts/florp/configuration.nix @@ -1,4 +1,4 @@ -{ lib, ... }: { +{ lib, config, ... }: { imports = [ ../../common ../../profiles/headless.nix @@ -13,7 +13,9 @@ }; kyouma.nginx.defaultForbidden = "florp.social"; - kyouma.restic = { + kyouma.restic = let + pgBackup = "/var/cache/postgresql.sql"; + in { enable = true; remoteUser = "zh3485s1"; timerConfig = { @@ -22,9 +24,21 @@ }; paths = [ "/var/lib/akkoma" - "/var/lib/postgresql" "/var/lib/secrets" + pgBackup ]; + + backupPrepareCommand = '' + umask 0077 + rm -f -- ${pgBackup} + ${lib.getExe' config.services.postgresql.package "pg_dumpall"} \ + -U ${config.services.postgresql.superUser} \ + -f ${pgBackup} + ''; + + backupCleanupCommand = '' + rm -f -- ${pgBackup} + ''; }; systemd.network.networks."98-eth-default" = { address = [ diff --git a/modules/restic/default.nix b/modules/restic/default.nix index 2661253..b1c8ca3 100644 --- a/modules/restic/default.nix +++ b/modules/restic/default.nix @@ -48,6 +48,19 @@ in { Persistent = true; }; }; + + # FIXME: Can these be just inherited? + backupPrepareCommand = mkOption { + description = "preparation script"; + type = with types; nullOr str; + default = null; + }; + + backupCleanupCommand = mkOption { + description = "cleanup script"; + type = with types; nullOr str; + default = null; + }; }; config = lib.mkIf cfg.enable { sops.secrets."restic/${cfg.remoteUser}/password" = { -- 2.47.0 From 5219aabfc17833a799aad73d66405adab2041052 Mon Sep 17 00:00:00 2001 From: Mikael Voss Date: Sat, 9 Nov 2024 23:08:55 +0100 Subject: [PATCH 2/2] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'florp-about': 'git+https://woof.rip/florp/about.git?ref=refs/heads/main&rev=1d3098ad7775426c092a5bd13498d98a8b02b116' (2024-11-09) → 'git+https://woof.rip/florp/about.git?ref=refs/heads/main&rev=1845276697adca236be3e7a983238d2a2d0d57b5' (2024-11-09) --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index cca7698..e18f443 100644 --- a/flake.lock +++ b/flake.lock @@ -437,11 +437,11 @@ ] }, "locked": { - "lastModified": 1731185407, - "narHash": "sha256-4LdV+ZK7slyONezfW3aZmBuTt4lnxBTmREemBW7VBtk=", + "lastModified": 1731187545, + "narHash": "sha256-n/BOlXvOcX5yn2mbjazfCcbojzczCdmcjQNaH7Dcdd4=", "ref": "refs/heads/main", - "rev": "1d3098ad7775426c092a5bd13498d98a8b02b116", - "revCount": 6, + "rev": "1845276697adca236be3e7a983238d2a2d0d57b5", + "revCount": 7, "type": "git", "url": "https://woof.rip/florp/about.git" }, -- 2.47.0