🏡 my personal home lab
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

backup improvements again

+53 -63
+17 -1
modules/audiobookshelf.nix
··· 1 - { ... }: 1 + { pkgs, ... }: 2 2 { 3 3 services.audiobookshelf = { 4 4 enable = true; 5 5 openFirewall = true; 6 6 host = "0.0.0.0"; 7 7 port = 8000; 8 + }; 9 + 10 + systemd.services.audiobookshelf-backup = { 11 + description = "Backup Audiobookshelf SQLite database"; 12 + serviceConfig = { 13 + Type = "oneshot"; 14 + ExecStart = "${pkgs.sqlite}/bin/sqlite3 /var/lib/audiobookshelf/config/absdatabase.sqlite \".backup '/var/lib/audiobookshelf/config/absdatabase.sqlite.backup'\""; 15 + }; 16 + }; 17 + systemd.timers.audiobookshelf-backup = { 18 + description = "Daily Audiobookshelf database backup"; 19 + wantedBy = [ "timers.target" ]; 20 + timerConfig = { 21 + OnCalendar = "*-*-* 02:00:00"; 22 + Persistent = true; 23 + }; 8 24 }; 9 25 }
+1 -31
modules/immich.nix
··· 1 - { pkgs, config, ... }: 1 + { config, ... }: 2 2 { 3 3 services.immich = { 4 4 enable = true; ··· 29 29 services.postgresqlBackup = { 30 30 enable = true; 31 31 databases = [ "immich" ]; 32 - location = "/mnt/nas/backup/postgresql"; 33 32 startAt = "*-*-* 02:00:00"; 34 33 }; 35 34 36 - # Rotate immich db backups: keep 14 daily, 1 per month after that 37 - systemd.services.immich-db-backup-rotate = { 38 - description = "Rotate Immich DB backups"; 39 - after = [ 40 - "postgresqlBackup-immich.service" 41 - "mnt-nas.mount" 42 - ]; 43 - requires = [ "mnt-nas.mount" ]; 44 - wantedBy = [ "postgresqlBackup-immich.service" ]; 45 - serviceConfig = { 46 - Type = "oneshot"; 47 - ExecStart = pkgs.writeShellScript "immich-db-backup-rotate" '' 48 - dir=/mnt/nas/backup/postgresql 49 - # keep first of each month 50 - for f in "$dir"/immich.sql.gz.*; do 51 - [ -f "$f" ] || continue 52 - age=$(( ($(date +%s) - $(date -r "$f" +%s)) / 86400 )) 53 - day=$(date -r "$f" +%d) 54 - if [ "$age" -gt 14 ] && [ "$day" != "01" ]; then 55 - rm -f "$f" 56 - elif [ "$age" -gt 90 ]; then 57 - rm -f "$f" 58 - fi 59 - done 60 - ''; 61 - }; 62 - }; 63 - 64 35 systemd.tmpfiles.rules = [ 65 36 "d /mnt/nas/data/immich 0750 root root -" 66 - "d /mnt/nas/backup/postgresql 0750 root root -" 67 37 ]; 68 38 69 39 sops.templates."immich.env".content = ''
-29
modules/kitchenowl.nix
··· 1 1 { 2 2 config, 3 3 lib, 4 - pkgs, 5 4 ... 6 5 }: 7 6 { ··· 45 44 services.postgresqlBackup = { 46 45 enable = true; 47 46 databases = [ "kitchenowl" ]; 48 - location = "/mnt/nas/backup/postgresql"; 49 47 startAt = "*-*-* 02:00:00"; 50 48 }; 51 49 52 - systemd.services.kitchenowl-db-backup-rotate = { 53 - description = "Rotate KitchenOwl DB backups"; 54 - after = [ 55 - "postgresqlBackup-kitchenowl.service" 56 - "mnt-nas.mount" 57 - ]; 58 - requires = [ "mnt-nas.mount" ]; 59 - wantedBy = [ "postgresqlBackup-kitchenowl.service" ]; 60 - serviceConfig = { 61 - Type = "oneshot"; 62 - ExecStart = pkgs.writeShellScript "kitchenowl-db-backup-rotate" '' 63 - dir=/mnt/nas/backup/postgresql 64 - for f in "$dir"/kitchenowl.sql.gz.*; do 65 - [ -f "$f" ] || continue 66 - age=$(( ($(date +%s) - $(date -r "$f" +%s)) / 86400 )) 67 - day=$(date -r "$f" +%d) 68 - if [ "$age" -gt 14 ] && [ "$day" != "01" ]; then 69 - rm -f "$f" 70 - elif [ "$age" -gt 90 ]; then 71 - rm -f "$f" 72 - fi 73 - done 74 - ''; 75 - }; 76 - }; 77 - 78 50 sops.templates."kitchenowl.env".content = '' 79 51 JWT_SECRET_KEY=${config.sops.placeholder.kitchenowl-jwt-secret} 80 52 DB_DRIVER=postgresql ··· 95 67 96 68 systemd.tmpfiles.rules = [ 97 69 "d /var/lib/kitchenowl 0750 root root -" 98 - "d /mnt/nas/backup/postgresql 0750 root root -" 99 70 ]; 100 71 101 72 networking.firewall.allowedTCPPorts = [ 9080 ];
+17 -1
modules/pocket-id.nix
··· 1 - { config, ... }: 1 + { config, pkgs, ... }: 2 2 { 3 3 services.pocket-id = { 4 4 enable = true; ··· 9 9 }; 10 10 credentials = { 11 11 ENCRYPTION_KEY = config.sops.secrets.pocket-id-encryption-key.path; 12 + }; 13 + }; 14 + 15 + systemd.services.pocket-id-backup = { 16 + description = "Backup Pocket ID SQLite database"; 17 + serviceConfig = { 18 + Type = "oneshot"; 19 + ExecStart = "${pkgs.sqlite}/bin/sqlite3 /var/lib/pocket-id/data/pocket-id.db \".backup '/var/lib/pocket-id/data/pocket-id.db.backup'\""; 20 + }; 21 + }; 22 + systemd.timers.pocket-id-backup = { 23 + description = "Daily Pocket ID database backup"; 24 + wantedBy = [ "timers.target" ]; 25 + timerConfig = { 26 + OnCalendar = "*-*-* 02:00:00"; 27 + Persistent = true; 12 28 }; 13 29 }; 14 30
+1
modules/restic.nix
··· 21 21 paths = [ 22 22 "/home" 23 23 "/var/lib" 24 + "/var/backup" 24 25 ]; 25 26 26 27 exclude = [
+17 -1
modules/rustical.nix
··· 1 - { config, ... }: 1 + { config, pkgs, ... }: 2 2 { 3 3 virtualisation.oci-containers = { 4 4 backend = "podman"; ··· 30 30 sops.secrets.rustical-oidc-client-secret = { }; 31 31 32 32 systemd.tmpfiles.rules = [ "d /var/lib/rustical 0750 root root -" ]; 33 + 34 + systemd.services.rustical-backup = { 35 + description = "Backup Rustical SQLite database"; 36 + serviceConfig = { 37 + Type = "oneshot"; 38 + ExecStart = "${pkgs.sqlite}/bin/sqlite3 /var/lib/rustical/db.sqlite \".backup '/var/lib/rustical/db.sqlite.backup'\""; 39 + }; 40 + }; 41 + systemd.timers.rustical-backup = { 42 + description = "Daily Rustical database backup"; 43 + wantedBy = [ "timers.target" ]; 44 + timerConfig = { 45 + OnCalendar = "*-*-* 02:00:00"; 46 + Persistent = true; 47 + }; 48 + }; 33 49 34 50 networking.firewall.allowedTCPPorts = [ 4000 ]; 35 51 }