prune_cfg

keep multiple dates of sql dumps
working restic jobb
2024-06-24 13:09:53 +02:00 · 2024-06-24 13:08:54 +02:00 · 2024-06-24 08:12:35 +02:00 · 2024-06-23 15:55:00 +02:00 · 2024-06-23 15:39:08 +02:00 · 2024-06-23 12:29:53 +02:00
5 changed files with 144 additions and 62 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -105,14 +105,17 @@

  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users.sondell = {
+    home = "/home/sondell";
    isNormalUser = true;
    description = "sondell";
-    extraGroups = ["networkmanager" "wheel"];
+    extraGroups = ["networkmanager" "wheel" "backup"];
    packages = with pkgs; [
      firefox
      #  thunderbird
    ];
  };
+  users.groups."backup".gid = 1337;
+

  users.users.root = {
    isNormalUser = false;
@ -127,6 +130,7 @@
  environment.systemPackages = with pkgs; [
    #  vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
    #  wget
+    restic
    htop
    cloudflared
    filebrowser
@ -143,18 +147,20 @@
  programs = {
    ssh.startAgent = true;
    fish = {
-      enable = true;
+      enable = false;
      shellInit = "starship init fish | source";
    };
-    starship.enable = true;
-    starship.settings = {
+  starship = {
+      enable = false;
+      settings = {
        shell = {
          disabled = false;
-        fish_indicator = "";
+          # fish_indicator = "";
          bash_indicator = "BASH";
        };
      };
  };
+  };

  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
--- a/flake.lock
+++ b/flake.lock
@ -71,6 +71,26 @@
        "url": "https://git.sondell.org/glennwso/home.git"
      }
    },
+    "home-manager": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1716847642,
+        "narHash": "sha256-rjEswRV0o23eBBils8lJXyIGha+l/VjV73IPg+ztxgk=",
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "rev": "10c7c219b7dae5795fb67f465a0d86cbe29f25fa",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "type": "github"
+      }
+    },
    "nixos-mailserver": {
      "inputs": {
        "blobs": "blobs",
@ -78,14 +98,14 @@
        "nixpkgs": [
          "nixpkgs"
        ],
-        "utils": "utils"
+        "nixpkgs-24_05": "nixpkgs-24_05"
      },
      "locked": {
-        "lastModified": 1710449465,
-        "narHash": "sha256-2orO8nfplp6uQJBFqKkj1iyNMC6TysmwbWwbb4osTag=",
+        "lastModified": 1718697807,
+        "narHash": "sha256-Enla61WFisytTYbWygPynEbu8vozjeGc6Obkj2GRj7o=",
        "owner": "simple-nixos-mailserver",
        "repo": "nixos-mailserver",
-        "rev": "79c8cfcd5873a85559da6201b116fb38b490d030",
+        "rev": "290a995de5c3d3f08468fa548f0d55ab2efc7b6b",
        "type": "gitlab"
      },
      "original": {
@ -96,11 +116,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1711703276,
-        "narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=",
+        "lastModified": 1716509168,
+        "narHash": "sha256-4zSIhSRRIoEBwjbPm3YiGtbd8HDWzFxJjw5DYSDy1n8=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "d8fe5e6c92d0d190646fb9f1056741a229980089",
+        "rev": "bfb7a882678e518398ce9a31a881538679f6f092",
        "type": "github"
      },
      "original": {
@ -110,9 +130,25 @@
        "type": "github"
      }
    },
+    "nixpkgs-24_05": {
+      "locked": {
+        "lastModified": 1717144377,
+        "narHash": "sha256-F/TKWETwB5RaR8owkPPi+SPJh83AQsm6KrQAlJ8v/uA=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "805a384895c696f802a9bf5bf4720f37385df547",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "ref": "nixos-24.05",
+        "type": "indirect"
+      }
+    },
    "root": {
      "inputs": {
        "home": "home",
+        "home-manager": "home-manager",
        "nixos-mailserver": "nixos-mailserver",
        "nixpkgs": "nixpkgs"
      }
@ -131,39 +167,6 @@
        "repo": "default",
        "type": "github"
      }
-    },
-    "systems_2": {
-      "locked": {
-        "lastModified": 1681028828,
-        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
-        "owner": "nix-systems",
-        "repo": "default",
-        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-systems",
-        "repo": "default",
-        "type": "github"
-      }
-    },
-    "utils": {
-      "inputs": {
-        "systems": "systems_2"
-      },
-      "locked": {
-        "lastModified": 1709126324,
-        "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "d465f4819400de7c8d874d50b982301f28a84605",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
    }
  },
  "root": "root",
--- a/flake.nix
+++ b/flake.nix
@ -1,17 +1,37 @@
 {
-  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
-  inputs.home.url = "git+https://git.sondell.org/glennwso/home.git";
-  inputs.home.inputs.nixpkgs.follows = "nixpkgs";
-  inputs.nixos-mailserver = {
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+    home = {
+      url = "git+https://git.sondell.org/glennwso/home.git";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+    home-manager = {
+      url = "github:nix-community/home-manager";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+    nixos-mailserver = {
      url = "gitlab:simple-nixos-mailserver/nixos-mailserver";
      inputs.nixpkgs.follows = "nixpkgs";
    };
+};

-  outputs = { self, nixpkgs, home, nixos-mailserver}@attrs:
+  outputs = { self, nixpkgs, home, nixos-mailserver, home-manager}@attrs:
  let 
    system = "x86_64-linux";
    homepage = home.packages.${system}.default;
    mailserver = nixos-mailserver.nixosModules.default;
+
+    homeSettings = {
+      home-manager = {
+        useGlobalPkgs = true;
+        useUserPackages = true;
+        users.sondell = import ./home/sondell.nix;
+      };
+    };
+    homeModules = [
+      home-manager.nixosModules.home-manager
+      homeSettings
+    ];
  in
   {
    # replace 'joes-desktop' with your hostname here.
@ -33,7 +53,7 @@
        ./vaultwarden.nix
        (import ./mail.nix {inherit mailserver;})
        (import ./homepage.nix {inherit homepage;})
-      ];
+      ] ++ homeModules;

    };
  };
--- a/home/sondell.nix
+++ b/home/sondell.nix
@ -0,0 +1,30 @@
+{
+  # pkgs,
+  # config,
+  # lib,
+  ...
+}:
+{	
+  # Home Manager needs a bit of information about you and the
+  # paths it should manage.
+  home.username = "sondell";
+  home.homeDirectory = "/home/sondell";
+  programs.ssh.addKeysToAgent = "yes";
+  programs.ssh.enable = true;
+  programs.ssh.matchBlocks."*".identityFile = [
+    "/home/sondell/.ssh/tulpan"
+  ];
+
+  # This value determines the Home Manager release that your
+  # configuration is compatible with. This helps avoid breakage
+  # when a new Home Manager release introduces backwards
+  # incompatible changes.
+  #
+  # You can update Home Manager without changing this value. See
+  # the Home Manager release notes for a list of state version
+  # changes in each release.
+  home.stateVersion = "24.05";
+
+  # Let Home Manager install and manage itself.
+  programs.home-manager.enable = true;
+}
--- a/nextcloud.nix
+++ b/nextcloud.nix
@ -8,20 +8,21 @@ in
  environment.systemPackages = [
    nextcloud
  ];
-  systemd.timers."nextcloud-backup" = {
+  systemd.timers."nextcloud-db-backup" = {
    wantedBy = [ "timers.target" ];
      timerConfig = {
        # OnBootSec = "5m";
        # OnUnitActiveSec = "5m";
        OnCalendar="*-*-* 2:00:00";
-        Unit = "nextcloud-backup.service";
+        Unit = "nextcloud-db-backup.service";
      };
  };

-  systemd.services."nextcloud-backup" = {
+  systemd.services."nextcloud-db-backup" = {
    script = with pkgs; ''
      set -eu
-      ${postgresql}/bin/pg_dump "nextcloud" | ${openssh}/bin/ssh -i /etc/nixos/.secrets/tulpan Glenn@nas "cat - > back/nextcloud/dump.sql" 
+      date=$(date --iso-8601)
+      ${postgresql}/bin/pg_dump "nextcloud" | ${openssh}/bin/ssh -i /etc/nixos/.secrets/tulpan Glenn@nas "cat - > back/nextcloud/sqldump/$date.sql" 
    '';
    serviceConfig = {
      Type = "oneshot";
@ -29,7 +30,27 @@ in
    };
  };

+  
  services = {
+    restic.backups = {
+      "nextcloud" = {
+        passwordFile = "/etc/nixos/.secrets/restic_pw";
+        repository = "sftp:Glenn@nas:/home/back/nextcloud/restic-repo";
+        paths = [
+          "/pool/var/lib/nextcloud"
+        ];
+        user = "sondell";
+        timerConfig.OnCalendar = "02:05";
+        pruneOpts = [
+          "--keep-daily 10"
+          "--keep-weekly 5"
+          "--keep-monthly 12"
+          "--keep-yearly 75"
+        ];
+      };
+    };
+
+  
    nginx.virtualHosts = {
      ${domain} = {
        forceSSL = true;
@ -48,6 +69,8 @@ in
      # Let NixOS install and configure the database automatically.
      database.createLocally = true;
      # Increase the maximum file upload size.
+      datadir="/pool/var/lib/nextcloud";
+      
      maxUploadSize = "16G";
      https = true;
      autoUpdateApps.enable = true;
Author	SHA1	Message	Date
admin	61784db467	prune_cfg	2024-06-24 13:09:53 +02:00
admin	4de4db324e	keep multiple dates of sql dumps	2024-06-24 13:08:54 +02:00
glenn	e7c4000fbf	working restic jobb	2024-06-24 08:12:35 +02:00
admin	66af534edc	filebrowser	2024-06-23 15:55:00 +02:00
glenn	1cc85f8237	flake lock update	2024-06-23 15:39:08 +02:00
glenn	52365bc4f2	init sondell home	2024-06-23 12:29:53 +02:00
admin	71b0b70bee	moved data	2024-06-23 08:05:34 +02:00
glenn	55d9a9e9f9	better backup name	2024-05-05 22:03:04 +02:00