From 3f86fa7d7de99f9b58f82bf861bf90678fc077a0 Mon Sep 17 00:00:00 2001
From: Pim Kunis <pim@kunis.nl>
Date: Sun, 25 May 2025 18:07:25 +0200
Subject: [PATCH] Backup media volumes
---
machines/atlas/configuration.nix | 1 -
machines/jefke/configuration.nix | 1 -
machines/lewis/configuration.nix | 44 ++++++++++++++++++++++++++++++++
nixos/backups-ng.nix | 9 +++----
4 files changed, 48 insertions(+), 7 deletions(-)
diff --git a/machines/atlas/configuration.nix b/machines/atlas/configuration.nix
index 76c32ca..3d00282 100644
--- a/machines/atlas/configuration.nix
+++ b/machines/atlas/configuration.nix
@@ -7,7 +7,6 @@
pim.backups.borgBackups = {
freshrss = {
- repo = "ssh://ty1l82m0@ty1l82m0.repo.borgbase.com/./repo";
paths = ["/mnt/longhorn/persistent/volumes/freshrss"];
deploymentName = "server";
deploymentNamespace = "freshrss";
diff --git a/machines/jefke/configuration.nix b/machines/jefke/configuration.nix
index a435c25..f30cb56 100644
--- a/machines/jefke/configuration.nix
+++ b/machines/jefke/configuration.nix
@@ -7,7 +7,6 @@
pim.backups.borgBackups = {
radicale = {
- repo = "ssh://s9cx8q8a@s9cx8q8a.repo.borgbase.com/./repo";
paths = ["/mnt/longhorn/persistent/volumes/radicale"];
deploymentName = "server";
deploymentNamespace = "radicale";
diff --git a/machines/lewis/configuration.nix b/machines/lewis/configuration.nix
index 70337f7..557550c 100644
--- a/machines/lewis/configuration.nix
+++ b/machines/lewis/configuration.nix
@@ -22,6 +22,50 @@
k3s.serverAddr = "https://jefke.dmz:6443";
data-sharing.enable = true;
backups.enable = true;
+
+ backups.borgBackups = {
+ bazarr = {
+ paths = ["/mnt/longhorn/persistent/volumes/bazarr"];
+ deploymentName = "bazarr";
+ deploymentNamespace = "media";
+ };
+
+ deluge = {
+ paths = ["/mnt/longhorn/persistent/volumes/deluge"];
+ deploymentName = "deluge";
+ deploymentNamespace = "media";
+ };
+
+ jellyfin = {
+ paths = ["/mnt/longhorn/persistent/volumes/jellyfin"];
+ deploymentName = "jellyfin";
+ deploymentNamespace = "media";
+ };
+
+ jellyseerr = {
+ paths = ["/mnt/longhorn/persistent/volumes/jellyseerr"];
+ deploymentName = "jellyseerr";
+ deploymentNamespace = "media";
+ };
+
+ prowlarr = {
+ paths = ["/mnt/longhorn/persistent/volumes/prowlarr"];
+ deploymentName = "prowlarr";
+ deploymentNamespace = "media";
+ };
+
+ radarr = {
+ paths = ["/mnt/longhorn/persistent/volumes/radarr"];
+ deploymentName = "radarr";
+ deploymentNamespace = "media";
+ };
+
+ sonarr = {
+ paths = ["/mnt/longhorn/persistent/volumes/sonarr"];
+ deploymentName = "sonarr";
+ deploymentNamespace = "media";
+ };
+ };
};
systemd = {
diff --git a/nixos/backups-ng.nix b/nixos/backups-ng.nix
index 1cb100f..b79b3fa 100644
--- a/nixos/backups-ng.nix
+++ b/nixos/backups-ng.nix
@@ -6,9 +6,6 @@
}: let
borgBackupOpts = {
options = {
- repo = lib.mkOption {
- type = lib.types.str;
- };
paths = lib.mkOption {
type = with lib.types; listOf str;
};
@@ -35,12 +32,14 @@ in {
# TODO: should have some timeout and alerting?
config = {
services.borgbackup.jobs =
- lib.mapAttrs (_name: c: {
- inherit (c) repo paths;
+ lib.mapAttrs (name: c: {
+ inherit (c) paths;
+ repo = "ssh://w553a7cb@w553a7cb.repo.borgbase.com/./repo";
startAt = "*-*-* 00:00:00";
# TODO: low benefit, but we could set borgbase's host keys here as they are published online.
environment.BORG_RSH = "ssh -i ${config.sops.secrets."borg/borgbasePrivateKey".path} -o StrictHostKeychecking=no";
postHook = "${pkgs.k3s}/bin/kubectl scale deployment -n ${c.deploymentNamespace} ${c.deploymentName} --replicas=${toString c.replicaCount}";
+ archiveBaseName = name;
prune.keep = {
within = "7d";