]> Git — Sourcephile - julm/julm-nix.git/blob - hosts/aubergine/backup.nix
sourcephile / git / julm / julm-nix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
perf/cpu(E5500): disable `auto-optimise-store`
[julm/julm-nix.git] / hosts / aubergine / backup.nix
1 {
2 pkgs,
3 lib,
4 config,
5 hostName,
6 ...
7 }:
8 {
9 users.users.backup = {
10 isSystemUser = true;
11 shell = config.users.users.root.shell;
12 group = config.users.groups.disk.name;
13 openssh.authorizedKeys.keys = [
14 (lib.readFile ../pumpkin/syncoid/ssh.key.pub)
15 (lib.readFile ../nan2gua1/syncoid/ssh.key.pub)
16 ];
17 };
18 # Trigger import when disks are plugged
19 services.udev.extraRules = ''
20 SUBSYSTEM=="block", KERNEL=="sd*", ENV{ID_SERIAL}=="Samsung_SSD_860_EVO_1TB_S3Z9NR0N508159W", \
21 ACTION=="add", ENV{SYSTEMD_WANTS}+="zfs-import@off2.service"
22 SUBSYSTEM=="block", KERNEL=="sd*", ENV{ID_SERIAL}=="Samsung_SSD_860_EVO_1TB_S3Z9NR0N508159W", \
23 ACTION=="remove", RUN+="${pkgs.systemd}/bin/systemctl stop --no-block zfs-import@off2.service"
24 '';
25 # Setup permissions on disk off2
26 systemd.services."zfs-import@".serviceConfig.ExecStartPost =
27 pkgs.writeShellScript "zfs-allow" ''
28 set -eux
29 pool="$1"
30 case "$pool" in
31 (off2) zfs allow -u ${config.users.users.backup.name} change-key,compression,create,destroy,mount,mountpoint,receive,rollback "$pool"/julm/backup;;
32 esac
33 ''
34 + " %I";
35 systemd.tmpfiles.rules = [
36 "z /dev/zfs 0660 - ${config.users.groups."disk".name} -"
37 ];
38 systemd.services.sanoid.serviceConfig.SupplementaryGroups = [
39 config.users.groups."disk".name
40 ];
41 services.sanoid = {
42 enable = true;
43 extraArgs = [ "--verbose" ];
44 datasets = {
45 "${hostName}/home" = {
46 autosnap = true;
47 autoprune = true;
48 hourly = 12;
49 daily = 3;
50 monthly = 0;
51 yearly = 0;
52 recursive = true;
53 };
54 "${hostName}/var" = {
55 autosnap = true;
56 autoprune = true;
57 hourly = 12;
58 daily = 1;
59 monthly = 0;
60 yearly = 0;
61 recursive = true;
62 };
63 "off2/julm/perso" = {
64 autosnap = true;
65 autoprune = true;
66 frequently = 0;
67 hourly = 1;
68 daily = 7;
69 monthly = 0;
70 yearly = 0;
71 recursive = true;
72 };
73 "off2/julm/public" = {
74 autosnap = true;
75 autoprune = true;
76 frequently = 0;
77 hourly = 1;
78 daily = 7;
79 monthly = 0;
80 yearly = 0;
81 recursive = true;
82 };
83 "off2/julm/virt" = {
84 autosnap = true;
85 autoprune = true;
86 frequently = 0;
87 hourly = 1;
88 daily = 2;
89 monthly = 2;
90 yearly = 0;
91 recursive = true;
92 };
93 "off2/julm/backup/das1/julm/perso" = {
94 autosnap = false;
95 autoprune = true;
96 frequently = 1;
97 hourly = 12;
98 daily = 7;
99 monthly = 3;
100 yearly = 0;
101 recursive = true;
102 };
103 "off2/julm/backup/das1/julm/public" = {
104 autosnap = false;
105 autoprune = true;
106 frequently = 1;
107 hourly = 0;
108 daily = 1;
109 monthly = 3;
110 yearly = 0;
111 recursive = true;
112 };
113 "off2/julm/backup/losurdo" = {
114 autosnap = false;
115 autoprune = true;
116 frequently = 1;
117 hourly = 1;
118 daily = 7;
119 monthly = 1;
120 yearly = 0;
121 recursive = true;
122 };
123 "off2/julm/backup/mermet" = {
124 autosnap = false;
125 autoprune = true;
126 frequently = 1;
127 hourly = 1;
128 daily = 7;
129 monthly = 1;
130 yearly = 0;
131 recursive = true;
132 };
133 "off4/julm/backup/pumpkin" = {
134 autosnap = false;
135 autoprune = true;
136 hourly = 12;
137 daily = 7;
138 monthly = 3;
139 yearly = 0;
140 recursive = true;
141 };
142 };
143 };
144 }
julm's NixOS and home-manager configs