fw/nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added backup script for key services to gdrive

Browse source
This commit is contained in:
fwastring 2026-03-29 14:30:54 +02:00
parent 8c1db38398
commit f9043fcb1a
2 changed files with 99 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

98
maskiner/node/configuration.nix
View file

@ -10,6 +10,39 @@
}: }:
let let
modulesDirectory = ../../moduler; modulesDirectory = ../../moduler;
backupScript = pkgs.writeShellScript "rclone-backups" ''
set -euo pipefail
declare -A SOURCES=(
[vaultwarden]="/var/lib/vaultwarden/"
[tailscale]="/var/lib/tailscale/"
[kitchenowl]="/var/lib/kitchenowl/"
)
REMOTE_BASE="gdrive:backups"
NOW="$(date +%Y-%m-%d_%H%M)"
for name in "''${!SOURCES[@]}"; do
SRC="''${SOURCES[$name]}"
DEST="''${REMOTE_BASE}/''${name}/''${NOW}"
rclone copy "''${SRC}" "''${DEST}" --create-empty-src-dirs \
--config /root/.config/rclone/rclone.conf
mapfile -t dirs < <(
rclone lsf "''${REMOTE_BASE}/''${name}" --dirs-only --format p \
--config /root/.config/rclone/rclone.conf | sort
)
if [ "''${#dirs[@]}" -gt 7 ]; then
remove_count=$(( ''${#dirs[@]} - 7 ))
for d in "''${dirs[@]:0:''${remove_count}}"; do
rclone purge "''${REMOTE_BASE}/''${name}/''${d%/}" \
--config /root/.config/rclone/rclone.conf
done
fi
done
'';
in in
{ {
# You can import other NixOS modules here # You can import other NixOS modules here
@ -36,6 +69,7 @@ in
(modulesDirectory + /services/immich) (modulesDirectory + /services/immich)
(modulesDirectory + /services/paperless) (modulesDirectory + /services/paperless)
(modulesDirectory + /services/filebrowser) (modulesDirectory + /services/filebrowser)
(modulesDirectory + /services/mediamtx)
]; ];
sops.defaultSopsFile = ../../secrets/sops.yaml; sops.defaultSopsFile = ../../secrets/sops.yaml;
@ -48,8 +82,63 @@ in
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
git git
vim vim
rsync
rclone
fuse
]; ];
programs.fuse.userAllowOther = true;
systemd.tmpfiles.rules = [
"d /mnt/gdrive 0755 root root - -"
"d /mnt/gdrive/backups 0755 root root - -"
];
systemd.services.rclone-gdrive = {
description = "Rclone mount for Google Drive";
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
serviceConfig = {
Type = "simple";
ExecStart = ''
${pkgs.rclone}/bin/rclone mount \
gdrive: /mnt/gdrive \
--config /root/.config/rclone/rclone.conf \
--allow-other \
--dir-cache-time 12h \
--vfs-cache-mode writes
'';
ExecStop = "${pkgs.fuse}/bin/fusermount -u /mnt/gdrive";
Restart = "on-failure";
RestartSec = "10s";
};
wantedBy = [ "multi-user.target" ];
};
systemd.services.rsync-backups = {
description = "Rclone snapshot backups to Google Drive";
serviceConfig = {
Type = "oneshot";
ExecStart = backupScript;
User = "root";
};
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
path = [
pkgs.coreutils
pkgs.findutils
pkgs.rclone
];
};
systemd.timers.rsync-backups = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "*-*-* 00,06,12,18:00:00";
Persistent = true;
};
};
home-manager.users.fw = { home-manager.users.fw = {
# imports = [ # imports = [
# (modulesDirectory + /programs/beets) # (modulesDirectory + /programs/beets)
@ -101,6 +190,11 @@ in
port = 8126; port = 8126;
domain = "files.wastring.com"; domain = "files.wastring.com";
}; };
mediamtx = {
enable = true;
host = "0.0.0.0";
rtspPort = 8554;
};
glance = { glance = {
enable = false; enable = false;
host = "127.0.0.1"; host = "127.0.0.1";
@ -112,6 +206,10 @@ in
domain = "wish.wastring.com"; domain = "wish.wastring.com";
}; };
wedding = {
enable = true;
};
forgejo = { forgejo = {
enable = false; enable = false;
}; };

1
moduler/programs.nix
View file

@ -81,6 +81,7 @@
bitwarden-cli bitwarden-cli
lagrange lagrange
jujutsu jujutsu
rclone
dbeaver-bin dbeaver-bin