mc-fucker/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: mc-fucker:3610f51a9dde46774b7e8e4cf5412ed07bc2e784
Branches Tags
mc-fucker:master
..
compare: mc-fucker:d170d22b5b54f05e5ff8bb938a5d62fd5367d8ab
Branches Tags
mc-fucker:master

No commits in common. "3610f51a9dde46774b7e8e4cf5412ed07bc2e784" and "d170d22b5b54f05e5ff8bb938a5d62fd5367d8ab" have entirely different histories.
3610f51a9d ... d170d22b5b

2 changed files with 0 additions and 57 deletions
Show stats Expand all files Collapse all files

54
modules/borg_hetzner_nixos.nix
View file

@ -1,54 +0,0 @@
{ config, pkgs, ... }:
let
name = "hetzner_nixos";
hostname = config.networking.hostName;
remotehost = "u555679-sub2@u555679-sub2.your-storagebox.de";
backuppath = "/backup/snapshot";
borgHook = toString /etc/nixos/scripts/borgHook.sh;
in
{
sops.secrets."borg/hetzner/mcserver/${hostname}" = {};
services.borgbackup.jobs."${name}" = {
paths = [
"${backuppath}/etc"
"${backuppath}/home"
"${backuppath}/root"
"${backuppath}/var"
];
exclude = [
"${backuppath}*/.cache"
"${backuppath}/home/*/build"
"${backuppath}/var/log"
"${backuppath}/var/lib/nextcloud/data/appdata_ocnc33s4dl6i/preview"
"${backuppath}/var/lib/postgresql/*/"
"${backuppath}/var/lib/mysql/*"
"${backuppath}/var/lib/containers"
"${backuppath}/var/lib/rancher/k3s/agent/containerd/io.containerd.snapshotter.v1.overlayfs/snapshots"
];
#repo = "borg@nasty:.";
repo = "ssh://${remotehost}:23/./${hostname}";
compression = "zstd,10";
encryption.mode = "repokey";
encryption.passCommand = "cat /run/secrets/borg/hetzner/mcserver/${hostname}";
environment.BORG_RSH = "ssh -i /root/.ssh/id_hetzner_nixos";
extraCreateArgs = "--verbose --stats";
extraArgs = [ "--remote-path=borg-1.4" ];
startAt = "00:10";
preHook = "${borgHook} pre ${backuppath}"; #create snapshot for consistent filesystem
postCreate = "${borgHook} post ${backuppath}"; #delete snapshot again
};
systemd.services."borgbackup-job-${name}" = {
environment = {
BORG_RELOCATED_REPO_ACCESS_IS_OK = "yes";
};
path = [ pkgs.btrfs-progs pkgs.mount pkgs.umount pkgs.lvm2 pkgs.bash ];
serviceConfig = {
ReadWritePaths = [ "/backup" "/var/lock/lvm" "/etc/lvm" ];
};
};
}
# vim: set et ts=2 sw=2 ai:

3
modules/iso.nix
View file

@ -8,8 +8,6 @@
<nixpkgs/nixos/modules/installer/cd-dvd/channel.nix> <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
]; ];
isoImage.squashfsCompression = "zstd";
users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFyGaBZIZYjiBhOFD2drvG316B9NUVSbMpTIhOCQur8P arch" ]; users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFyGaBZIZYjiBhOFD2drvG316B9NUVSbMpTIhOCQur8P arch" ];
users.defaultUserShell = pkgs.zsh; users.defaultUserShell = pkgs.zsh;
@ -25,7 +23,6 @@
programs = { programs = {
zsh = import ./zsh.nix; zsh = import ./zsh.nix;
vim.defaultEditor = true; vim.defaultEditor = true;
vim.enable = true;
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [