teutat3s/os
2
0
Fork 0
forked from pub-solar/os
Code Pull requests Activity

fae: prepare backups of invoiceplane + paperless

Browse source
This commit is contained in:
teutat3s 2024-11-07 09:07:19 +01:00
parent 31ffd89799
commit f795bac18d
Signed by: teutat3s
GPG key ID: 4FA1D3FA524F22C1
5 changed files with 61 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
hosts/fae/invoiceplane.nix
View file

@ -58,21 +58,23 @@ in
systemd.tmpfiles.rules = [ "d '${backupDir}' 0700 root root - -" ]; systemd.tmpfiles.rules = [ "d '${backupDir}' 0700 root root - -" ];
#services.restic.backups = { services.restic.backups = {
# invoiceplane = { invoiceplane = {
# paths = [ paths = [
# backupDir backupDir
# "/var/lib/invoiceplane/billing.faenix.eu" "/var/lib/invoiceplane/billing.faenix.eu"
# ]; ];
# initialize = true; timerConfig = {
# passwordFile = config.age.secrets."restic-password".path; OnCalendar = "*-*-* 00:00:00 Etc/UTC";
# # See https://www.hosting.de/blog/verschluesselte-backups-mit-rclone-und-restic-in-nextcloud/ };
# repository = "rclone:cloud.pub.solar:/backups/InvoicePlane"; initialize = true;
# backupPrepareCommand = '' passwordFile = config.age.secrets."restic-password.age".path;
# PW=$(cat ${config.age.secrets."invoiceplane-db-password".path}) # See https://www.hosting.de/blog/verschluesselte-backups-mit-rclone-und-restic-in-nextcloud/
# ${pkgs.mariadb-client}/bin/mariadb-dump --all-databases --password=$PW --user=invoiceplane > "${backupDir}/mariadb-dump.sql" repository = "rclone:cloud.pub.solar:/Backups/InvoicePlane";
# ''; backupPrepareCommand = ''
# rcloneConfigFile = config.age.secrets."rclone-fae.conf".path; ${pkgs.mariadb-client}/bin/mariadb-dump --all-databases --user=invoiceplane > "${backupDir}/invoiceplane-mariadb-dump.sql"
# }; '';
#}; rcloneConfigFile = config.age.secrets."fae-rclone.conf.age".path;
};
};
} }

43
hosts/fae/paperless.nix
View file

@ -79,26 +79,29 @@ in
"d '${backupDir}' 0700 ${psCfg.user.name} users - -" "d '${backupDir}' 0700 ${psCfg.user.name} users - -"
]; ];
#age.secrets."rclone-fae.conf" = { age.secrets."fae-rclone.conf.age" = {
# file = "${flake.self}/secrets/rclone-fae.conf.age"; file = "${flake.self}/secrets/fae-rclone.conf.age";
# path = "/root/.config/rclone/rclone.conf"; path = "/root/.config/rclone/rclone.conf";
# mode = "400"; mode = "400";
#}; };
#age.secrets."restic-password" = { age.secrets."restic-password.age" = {
# file = "${flake.self}/secrets/restic-password.age"; file = "${flake.self}/secrets/restic-password.age";
# mode = "400"; mode = "400";
#}; };
#services.restic.backups = { services.restic.backups = {
# paperless = { paperless = {
# paths = [ backupDir ]; paths = [ backupDir ];
# initialize = true; timerConfig = {
# passwordFile = config.age.secrets."restic-password".path; OnCalendar = "*-*-* 01:00:00 Etc/UTC";
# # See https://www.hosting.de/blog/verschluesselte-backups-mit-rclone-und-restic-in-nextcloud/ };
# repository = "rclone:cloud.pub.solar:/backups/Paperless"; initialize = true;
# backupPrepareCommand = "${dataDir}/paperless-manage document_exporter ${backupDir} -c -p"; passwordFile = config.age.secrets."restic-password.age".path;
# rcloneConfigFile = config.age.secrets."rclone-fae.conf".path; # See https://www.hosting.de/blog/verschluesselte-backups-mit-rclone-und-restic-in-nextcloud/
# }; repository = "rclone:cloud.pub.solar:/Backups/Paperless";
#}; backupPrepareCommand = "${dataDir}/paperless-manage document_exporter ${backupDir} -c -p";
rcloneConfigFile = config.age.secrets."fae-rclone.conf.age".path;
};
};
} }

BIN
secrets/fae-rclone.conf.age Normal file
View file

Binary file not shown.

9
secrets/restic-password.age Normal file
View file

@ -0,0 +1,9 @@
age-encryption.org/v1
-> ssh-ed25519 P2sgew RtTlKjDJLmZla6psMGCLCyGdC528wgKpAGRyjOSr0Xw
z6mXQcJ3EJsm6xdye2RW1UywRzGsw+F7YuBJCu7u97U
-> ssh-ed25519 BVsyTA MX32S4W/JPaZ0fHhvbrv9kfKFzsn0q1sSXCE0dP6GSc
xY3y6IfT10qov1RG/jTqHsvGaVx7TWqhIuPwvCVjD/o
-> piv-p256 xGzyzw A8UHNgwcama6GAq90f76XC1dXEnn4zFCnJnxZFZvLkTR
eJUaZhD9I+IuRwe72xICMrL9KRY5DXoZJdq4RSAC8vw
--- 13DAMF41oXunKtZwXnkW5b/8LOblg+6mq53H/rtm6d8
ƒ^+™B£w‰ÐTßZÁ;ß0ÓVÕwf~:½âà^ ÿ~ ë¯ùO[‰â<_FÑ…øê-{àÝ‚Ù²{|<5A>]ò™©ø…R—ÉÆB-sJ{Š9ÞâçÚ-^É&

10
secrets/secrets.nix
View file

@ -31,4 +31,14 @@ in
users.teutat3s users.teutat3s
users.teutat3s-5-nfc users.teutat3s-5-nfc
]; ];
"fae-rclone.conf.age".publicKeys = [
machines.fae
users.teutat3s
users.teutat3s-5-nfc
];
"restic-password.age".publicKeys = [
machines.fae
users.teutat3s
users.teutat3s-5-nfc
];
} }