blob: 0d8af598368f8078da6dbc9972d4e6d8533019a8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
# To initialize repo
# borg init --encryption=keyfile /staging/backup
# Key file also stored in pass
{ config, lib, pkgs, ... }:
let
repo = "/staging/backup";
probe = rec {
path = "/storage/archive/backup-probe.txt";
repo = "storage";
repo_path = lib.removePrefix "/" path;
};
in
{
systemd.services.borg-backup = {
description = "Run backups.";
path = with pkgs; [ borgbackup rsync openssh ];
startAt = "03:30";
environment = {
BORG_KEY_FILE = "/opt/secret/borg-backup-keys/staging_backup";
BORG_RELOCATED_REPO_ACCESS_IS_OK = "yes";
};
script = ''
echo "Database backup"
ssh orbekk@raigh.orbekk.com sqlite3 /home/orbekk/linoquotes.sqlite \".backup /home/orbekk/linoquotes-backup.sqlite\"
rsync -Hax orbekk@raigh.orbekk.com:linoquotes-backup.sqlite /storage/archive/linoquotes/
echo "Writing probe file at ${probe.path}"
# No need for atomic move, because the script terminates if this fails.
date +%s > "${probe.path}"
echo "Creating backup"
borg create -v --stats \
--compression lzma,6 \
${repo}::'storage-{now:%Y-%m-%dT%H:%M:%S}' \
/storage
borg create -v --stats \
--compression lzma,6 \
${repo}::'{hostname}-{now:%Y-%m-%dT%H:%M:%S}' \
/opt /home /var \
--exclude /var/lib/lxd
echo "Pruning old versions"
borg prune -v --list ${repo} --prefix 'storage-' \
--keep-daily=7 --keep-weekly=4 --keep-monthly=6
borg prune -v --list ${repo} --prefix '{hostname}-' \
--keep-daily=7 --keep-weekly=4 --keep-monthly=6
echo "Synchronizing backup"
rsync --delete -Hax ${repo} root@orbekk.osl.trygveandre.net:/storage
echo "Success."
'';
};
systemd.services.backup-prober = {
description = "Find latest backup probe timestamp.";
path = with pkgs; [ borgbackup rsync openssh sshfs moreutils ];
startAt = "06:30";
serviceConfig = {
PrivateTmp = true;
};
environment = {
BORG_KEY_FILE = "/opt/secret/borg-backup-keys/staging_backup";
BORG_RELOCATED_REPO_ACCESS_IS_OK = "yes";
};
script = ''
mkdir -p "/tmp/mnt"
sshfs root@orbekk.osl.trygveandre.net:/storage "/tmp/mnt"
REPOSITORY="/tmp/mnt/backup"
last_repo="$(borg list $REPOSITORY -P ${probe.repo} --last 1 --short)"
target="${config.orbekk.monitoring-server.textFileDir}/backup_probe.prom"
timestamp=$(borg extract --stdout $REPOSITORY::"$last_repo" "${probe.repo_path}")
echo "backup_probe_timestamp_seconds $timestamp" > "$target.next"
mv "$target.next" "$target"
echo Done
'';
};
}
|