summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--hosts/surtr/bifrost/default.nix1
-rw-r--r--hosts/vidhar/borg/default.nix14
2 files changed, 9 insertions, 6 deletions
diff --git a/hosts/surtr/bifrost/default.nix b/hosts/surtr/bifrost/default.nix
index ccf0c959..20cd5892 100644
--- a/hosts/surtr/bifrost/default.nix
+++ b/hosts/surtr/bifrost/default.nix
@@ -65,6 +65,7 @@ in {
65 serviceConfig = { 65 serviceConfig = {
66 Type = "oneshot"; 66 Type = "oneshot";
67 ExecStart = "${pkgs.preserve-dscp}/bin/preserve-dscp bifrost ens3"; 67 ExecStart = "${pkgs.preserve-dscp}/bin/preserve-dscp bifrost ens3";
68 RemainAfterExit = true;
68 ExecStop = "${pkgs.preserve-dscp}/bin/preserve-dscp bifrost ens3 --unload"; 69 ExecStop = "${pkgs.preserve-dscp}/bin/preserve-dscp bifrost ens3 --unload";
69 }; 70 };
70 }; 71 };
diff --git a/hosts/vidhar/borg/default.nix b/hosts/vidhar/borg/default.nix
index 9a51b103..922cbf02 100644
--- a/hosts/vidhar/borg/default.nix
+++ b/hosts/vidhar/borg/default.nix
@@ -45,6 +45,8 @@ let
45 ]; 45 ];
46 }; 46 };
47 }; 47 };
48
49 baseDir = "/srv/backup/borg";
48in { 50in {
49 config = { 51 config = {
50 services.borgsnap = { 52 services.borgsnap = {
@@ -56,7 +58,7 @@ in {
56 }; 58 };
57 59
58 services.copyborg.jotnar = { 60 services.copyborg.jotnar = {
59 from = "/srv/backup/borg/jotnar"; 61 from = "${baseDir}/jotnar";
60 to = "yggdrasil.borgbase:repo"; 62 to = "yggdrasil.borgbase:repo";
61 inherit sshConfig; 63 inherit sshConfig;
62 keyfile = config.sops.secrets."yggdrasil.borgkey".path; 64 keyfile = config.sops.secrets."yggdrasil.borgkey".path;
@@ -67,14 +69,14 @@ in {
67 69
68 services.borgbackup.repos = { 70 services.borgbackup.repos = {
69 jotnar = { 71 jotnar = {
70 path = "/srv/backup/borg/jotnar"; 72 path = "${baseDir}/jotnar";
71 authorizedKeysAppendOnly = let 73 authorizedKeysAppendOnly = let
72 dir = ./jotnar; 74 dir = ./jotnar;
73 toAuthKey = fname: ftype: if ftype != "regular" || !(hasSuffix ".pub" fname) then null else builtins.readFile (dir + "/${fname}"); 75 toAuthKey = fname: ftype: if ftype != "regular" || !(hasSuffix ".pub" fname) then null else builtins.readFile (dir + "/${fname}");
74 in filter (v: v != null) (mapAttrsToList toAuthKey (builtins.readDir dir)); 76 in filter (v: v != null) (mapAttrsToList toAuthKey (builtins.readDir dir));
75 }; 77 };
76 "uniworx.de" = { 78 "uniworx.de" = {
77 path = "/srv/backups/borg/uniworx.de"; 79 path = "${baseDir}/uniworx.de";
78 authorizedKeys = [ 80 authorizedKeys = [
79 (builtins.readFile ./uniworx.de/root.pub) 81 (builtins.readFile ./uniworx.de/root.pub)
80 ]; 82 ];
@@ -84,7 +86,7 @@ in {
84 }; 86 };
85 }; 87 };
86 88
87 # systemd.services."check-borg@${utils.escapeSystemdPath "/srv/backup/borg/jotnar"}" = checkBorgUnit; 89 # systemd.services."check-borg@${utils.escapeSystemdPath "${baseDir}/jotnar"}" = checkBorgUnit;
88 # systemd.services."check-borg@${utils.escapeSystemdPath "yggdrasil.borgbase:repo"}" = recursiveUpdate checkBorgUnit { 90 # systemd.services."check-borg@${utils.escapeSystemdPath "yggdrasil.borgbase:repo"}" = recursiveUpdate checkBorgUnit {
89 # serviceConfig = { 91 # serviceConfig = {
90 # Environment = checkBorgUnit.serviceConfig.Environment ++ [ 92 # Environment = checkBorgUnit.serviceConfig.Environment ++ [
@@ -92,7 +94,7 @@ in {
92 # ]; 94 # ];
93 # }; 95 # };
94 # }; 96 # };
95 # systemd.timers."check-borg@${utils.escapeSystemdPath "/srv/backup/borg/jotnar"}" = { 97 # systemd.timers."check-borg@${utils.escapeSystemdPath "${baseDir}/jotnar"}" = {
96 # wantedBy = [ "timers.target" ]; 98 # wantedBy = [ "timers.target" ];
97 # timerConfig = { 99 # timerConfig = {
98 # OnCalendar = "*-*-* 00:30:00 UTC"; 100 # OnCalendar = "*-*-* 00:30:00 UTC";
@@ -106,7 +108,7 @@ in {
106 # }; 108 # };
107 109
108 boot.postBootCommands = mkBefore '' 110 boot.postBootCommands = mkBefore ''
109 ${pkgs.findutils}/bin/find /srv/backup/borg -type d -empty -delete 111 ${pkgs.findutils}/bin/find ${baseDir} -type d -empty -delete
110 ''; 112 '';
111 113
112 users.users.borg.extraGroups = ["ssh"]; 114 users.users.borg.extraGroups = ["ssh"];