torjus/nixos-servers
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Merge pull request 'backup: migrate to native services.restic.backups' (#14) from migrate-to-native-restic-backups into master
All checks were successful
Run nix flake check / flake-check (push) Successful in 4m4s
Details
Periodic flake update / flake-update (push) Successful in 1m10s
Details

Browse Source 
Reviewed-on: #14
This commit was merged in pull request #14.
This commit is contained in:
Torjus Håkestad
2026-02-03 23:47:11 +00:00
parent b5da9431aa d1861eefb5
commit 15459870cd
6 changed files with 65 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
CLAUDE.md
View File

@@ -63,6 +63,14 @@ Examples:
- `template2: add proxmox image configuration` - `template2: add proxmox image configuration`
- `terraform: add VM deployment configuration` - `terraform: add VM deployment configuration`
### Clipboard
To copy text to the clipboard, pipe to `wl-copy` (Wayland):
```bash
echo "text" | wl-copy
```
### NixOS Options Lookup ### NixOS Options Lookup
An MCP server is available for searching and looking up NixOS option documentation. This is useful when configuring new services or options for hosts. An MCP server is available for searching and looking up NixOS option documentation. This is useful when configuring new services or options for hosts.
@@ -145,7 +153,6 @@ Template/test hosts:
- `nixpkgs-unstable` - Unstable channel (available via overlay as `pkgs.unstable.<package>`) - `nixpkgs-unstable` - Unstable channel (available via overlay as `pkgs.unstable.<package>`)
- `sops-nix` - Secrets management - `sops-nix` - Secrets management
- Custom packages from git.t-juice.club: - Custom packages from git.t-juice.club:
- `backup-helper` - Backup automation module
- `alerttonotify` - Alert routing - `alerttonotify` - Alert routing
- `labmon` - Lab monitoring - `labmon` - Lab monitoring

22
flake.lock generated
View File

@@ -21,27 +21,6 @@
"url": "https://git.t-juice.club/torjus/alerttonotify" "url": "https://git.t-juice.club/torjus/alerttonotify"
} }
}, },
"backup-helper": {
"inputs": {
"nixpkgs": [
"nixpkgs-unstable"
]
},
"locked": {
"lastModified": 1738015166,
"narHash": "sha256-573tR4aXNjILKvYnjZUM5DZZME2H6YTHJkUKs3ZehFU=",
"ref": "master",
"rev": "f9540cc065692c7ca80735e7b08399459e0ea6d6",
"revCount": 35,
"type": "git",
"url": "https://git.t-juice.club/torjus/backup-helper"
},
"original": {
"ref": "master",
"type": "git",
"url": "https://git.t-juice.club/torjus/backup-helper"
}
},
"labmon": { "labmon": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -98,7 +77,6 @@
"root": { "root": {
"inputs": { "inputs": {
"alerttonotify": "alerttonotify", "alerttonotify": "alerttonotify",
"backup-helper": "backup-helper",
"labmon": "labmon", "labmon": "labmon",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",

8
flake.nix
View File

@@ -9,10 +9,6 @@
url = "github:Mic92/sops-nix"; url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs-unstable"; inputs.nixpkgs.follows = "nixpkgs-unstable";
}; };
backup-helper = {
url = "git+https://git.t-juice.club/torjus/backup-helper?ref=master";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
alerttonotify = { alerttonotify = {
url = "git+https://git.t-juice.club/torjus/alerttonotify?ref=master"; url = "git+https://git.t-juice.club/torjus/alerttonotify?ref=master";
inputs.nixpkgs.follows = "nixpkgs-unstable"; inputs.nixpkgs.follows = "nixpkgs-unstable";
@@ -29,7 +25,6 @@
nixpkgs, nixpkgs,
nixpkgs-unstable, nixpkgs-unstable,
sops-nix, sops-nix,
backup-helper,
alerttonotify, alerttonotify,
labmon, labmon,
... ...
@@ -136,7 +131,6 @@
) )
./hosts/nixos-test1 ./hosts/nixos-test1
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
backup-helper.nixosModules.backup-helper
]; ];
}; };
ha1 = nixpkgs.lib.nixosSystem { ha1 = nixpkgs.lib.nixosSystem {
@@ -153,7 +147,6 @@
) )
./hosts/ha1 ./hosts/ha1
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
backup-helper.nixosModules.backup-helper
]; ];
}; };
template1 = nixpkgs.lib.nixosSystem { template1 = nixpkgs.lib.nixosSystem {
@@ -234,7 +227,6 @@
) )
./hosts/monitoring01 ./hosts/monitoring01
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
backup-helper.nixosModules.backup-helper
labmon.nixosModules.labmon labmon.nixosModules.labmon
]; ];
}; };

18
hosts/ha1/configuration.nix
View File

@@ -57,14 +57,24 @@
# Backup service dirs # Backup service dirs
sops.secrets."backup_helper_secret" = { }; sops.secrets."backup_helper_secret" = { };
backup-helper = { services.restic.backups.ha1 = {
enable = true; repository = "rest:http://10.69.12.52:8000/backup-nix";
password-file = "/run/secrets/backup_helper_secret"; passwordFile = "/run/secrets/backup_helper_secret";
backup-dirs = [ paths = [
"/var/lib/hass" "/var/lib/hass"
"/var/lib/zigbee2mqtt" "/var/lib/zigbee2mqtt"
"/var/lib/mosquitto" "/var/lib/mosquitto"
]; ];
timerConfig = {
OnCalendar = "daily";
Persistent = true;
};
pruneOpts = [
"--keep-daily 7"
"--keep-weekly 4"
"--keep-monthly 6"
"--keep-within 1d"
];
}; };
# Open ports in the firewall. # Open ports in the firewall.

36
hosts/monitoring01/configuration.nix
View File

@@ -57,15 +57,35 @@
services.qemuGuest.enable = true; services.qemuGuest.enable = true;
sops.secrets."backup_helper_secret" = { }; sops.secrets."backup_helper_secret" = { };
backup-helper = { services.restic.backups.grafana = {
enable = true; repository = "rest:http://10.69.12.52:8000/backup-nix";
password-file = "/run/secrets/backup_helper_secret"; passwordFile = "/run/secrets/backup_helper_secret";
backup-dirs = [ paths = [ "/var/lib/grafana/plugins" ];
"/var/lib/grafana/plugins" timerConfig = {
OnCalendar = "daily";
Persistent = true;
};
pruneOpts = [
"--keep-daily 7"
"--keep-weekly 4"
"--keep-monthly 6"
"--keep-within 1d"
]; ];
backup-commands = [ };
# "grafana.db:${pkgs.sqlite}/bin/sqlite /var/lib/grafana/data/grafana.db .dump"
"grafana.db:${pkgs.sqlite}/bin/sqlite3 /var/lib/grafana/data/grafana.db .dump" services.restic.backups.grafana-db = {
repository = "rest:http://10.69.12.52:8000/backup-nix";
passwordFile = "/run/secrets/backup_helper_secret";
command = [ "${pkgs.sqlite}/bin/sqlite3" "/var/lib/grafana/data/grafana.db" ".dump" ];
timerConfig = {
OnCalendar = "daily";
Persistent = true;
};
pruneOpts = [
"--keep-daily 7"
"--keep-weekly 4"
"--keep-monthly 6"
"--keep-within 1d"
]; ];
}; };

20
hosts/nixos-test1/configuration.nix
View File

@@ -51,15 +51,25 @@
networking.firewall.enable = false; networking.firewall.enable = false;
# Secrets # Secrets
# Backup helper # Backup
sops.secrets."backup_helper_secret" = { }; sops.secrets."backup_helper_secret" = { };
backup-helper = { services.restic.backups.test = {
enable = true; repository = "rest:http://10.69.12.52:8000/backup-nix";
password-file = "/run/secrets/backup_helper_secret"; passwordFile = "/run/secrets/backup_helper_secret";
backup-dirs = [ paths = [
"/etc/machine-id" "/etc/machine-id"
"/etc/os-release" "/etc/os-release"
]; ];
timerConfig = {
OnCalendar = "daily";
Persistent = true;
};
pruneOpts = [
"--keep-daily 7"
"--keep-weekly 4"
"--keep-monthly 6"
"--keep-within 1d"
];
}; };
system.stateVersion = "23.11"; # Did you read the comment? system.stateVersion = "23.11"; # Did you read the comment?