sercanto/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/modules/nixos/github-org-backup.nix
zowoq 92c55595d0 format tree
2024-07-24 10:27:26 +00:00

58 lines
1.6 KiB
Nix
Raw Blame History

{ config, pkgs, ... }:
{
# upstream docs show how to restore these backups
# https://github.com/gabrie30/ghorg/blob/92965c8b25ca423223888e1138d175bfc2f4b39b/README.md#creating-backups
systemd.services.github-org-backup = {
environment.HOME = "/var/lib/github-org-backup";
path = [
pkgs.git
pkgs.ghorg
];
# exclude nix, nixpkgs
script = ''
ghorg clone nix-community \
--backup \
--clone-wiki \
--concurrency 2 \
--exclude-match-regex '^(nix|nixpkgs)$' \
--no-token \
--path /var/lib/github-org-backup \
--prune \
--prune-no-confirm
'';
startAt = "daily";
serviceConfig.Type = "oneshot";
};
sops.secrets.hetzner-borgbackup-ssh = { };
systemd.services.borgbackup-job-github-org = {
after = [ "github-org-backup.service" ];
serviceConfig.ReadWritePaths = [ "/var/log/telegraf" ];
};
services.borgbackup.jobs.github-org = {
paths = [ "/var/lib/github-org-backup" ];
repo = "u348918@u348918.your-storagebox.de:/./github-org";
encryption.mode = "none";
compression = "auto,zstd";
startAt = "daily";
environment.BORG_RSH = "ssh -oPort=23 -i ${config.sops.secrets.hetzner-borgbackup-ssh.path}";
preHook = ''
set -x
'';
postHook = ''
cat > /var/log/telegraf/borgbackup-job-github-org.service <<EOF
task,frequency=daily last_run=$(date +%s)i,state="$([[ $exitStatus == 0 ]] && echo ok || echo fail)"
EOF
'';
prune.keep = {
within = "1d"; # Keep all archives from the last day
daily = 7;
weekly = 4;
monthly = 0;
};
};
}
Reference in a new issue View git blame Copy permalink