1
0

Compare commits

...

2 Commits

Author SHA1 Message Date
fd1d9a2252 Fix external backup again 2022-06-12 21:51:19 +02:00
5b6cadecbe Update website clerie.de 2022-06-12 21:49:36 +02:00
4 changed files with 35 additions and 31 deletions

View File

@ -89,6 +89,23 @@
compression = "auto,lzma"; compression = "auto,lzma";
startAt = "*-*-* 06:23:00"; startAt = "*-*-* 06:23:00";
}; };
backup-replication-external-drive = {
paths = [
"/mnt/clerie-backup"
];
doInit = true;
repo = "borg@palladium.net.clerie.de:." ;
encryption = {
mode = "none";
};
environment = {
BORG_RSH = "ssh -i /var/src/secrets/ssh/borg-backup-replication-external-drive";
BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK = "yes";
BORG_RELOCATED_REPO_ACCESS_IS_OK = "yes";
};
compression = "auto,lzma";
startAt = "*-*-* 08:37:00";
};
}; };
users.users.backup-replication = { users.users.backup-replication = {
@ -96,7 +113,7 @@
group = "backup-replication"; group = "backup-replication";
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8kCLiDfVFKgoNvEoMb34jp2n1lQG+k7wigzc4qGmrROlWkJ46/Ym4UrSeQJAd6hwHTcKTZkeOrqDAjZZ+jlidpncJHT5VMW5Ah965pxbBq6Qh1Yz5tKj7nLAQ/+bwEH4qqBFNd796876n3pY/FqhwAHWONqWhLKzMXpFursMSITUPmRXcaPwJrgS9DIYspZ9bBhhRSdQ5N1SiGtaszOQwdevLnNYqdtFOBG4rt9SO6IBIHtaiTIHrrMGS2Lt3NMwkq+O+N+TGaKLjbwqtfUPfPOCmY0XH12OawjxHP9hZ+WH3dPtcu5p+VORciSybPvyh9qzXUrDeO4HDuii2GEFU8JFELYXdT/qBwdIMp82tkgww0zKbTJuc0y/9eR7LCXop4OALhR8+8xWDI9c1ccxu3T7S7zUI1OmTlR9i8rx85D4sz2dtp1jirDoW2KVuIdwe6G3NLfTL95FZRmveEQM3MO8MPpfzZ4EvaMbiQQd/c4VAmGovtSLQhySTpT6qSv0= root@backup-4" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8kCLiDfVFKgoNvEoMb34jp2n1lQG+k7wigzc4qGmrROlWkJ46/Ym4UrSeQJAd6hwHTcKTZkeOrqDAjZZ+jlidpncJHT5VMW5Ah965pxbBq6Qh1Yz5tKj7nLAQ/+bwEH4qqBFNd796876n3pY/FqhwAHWONqWhLKzMXpFursMSITUPmRXcaPwJrgS9DIYspZ9bBhhRSdQ5N1SiGtaszOQwdevLnNYqdtFOBG4rt9SO6IBIHtaiTIHrrMGS2Lt3NMwkq+O+N+TGaKLjbwqtfUPfPOCmY0XH12OawjxHP9hZ+WH3dPtcu5p+VORciSybPvyh9qzXUrDeO4HDuii2GEFU8JFELYXdT/qBwdIMp82tkgww0zKbTJuc0y/9eR7LCXop4OALhR8+8xWDI9c1ccxu3T7S7zUI1OmTlR9i8rx85D4sz2dtp1jirDoW2KVuIdwe6G3NLfTL95FZRmveEQM3MO8MPpfzZ4EvaMbiQQd/c4VAmGovtSLQhySTpT6qSv0= root@backup-4"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDRANmJ2LYUr0Mavz/JJ7j+7p1zkqvizf6ZLt5XOJ2fj0enDuK7Dc5fxiESLGYTsLRVWuY4hNXVIL7aeJUj1LPf6LEX87APP4hb95t+TFxcES87tFfnFO48eiBbSd25Av2jmHGb6/wY2viYBxfk/vrLjPR6RgICqFsWFcz20bsWmc48FdzXYJCGJfKjHiW+Ut95VL+M/AlGBQHo33FNDyPXV4zh+MeWVkOFicwfh0k+4NH7Psj5n93m9szAlz306t5YZ32HnhSlvObkMk1Ugy6AzPKXrgKBu11pmatf7sFRx1ikYGUiKiezGjatt/8lYZfE8rQKQjwH+6LPt3ZPv06ncfKpH2vbZfonM0KhSsm1OIhJTse+X7ZMxizO6QqYM+BRJJGMbhH1g+6kFRsdlwakHNPE9YvG4NxZ1NxWTUr6F0gPhUEy61LkTnznt3ct1hgQR02KDQ+9i8PvaYeIIzZzRKufv4tV7OZkDLbN97tvAMkgpLjF+8fCg3qjn2Lckzc= root@palladium" #"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDRANmJ2LYUr0Mavz/JJ7j+7p1zkqvizf6ZLt5XOJ2fj0enDuK7Dc5fxiESLGYTsLRVWuY4hNXVIL7aeJUj1LPf6LEX87APP4hb95t+TFxcES87tFfnFO48eiBbSd25Av2jmHGb6/wY2viYBxfk/vrLjPR6RgICqFsWFcz20bsWmc48FdzXYJCGJfKjHiW+Ut95VL+M/AlGBQHo33FNDyPXV4zh+MeWVkOFicwfh0k+4NH7Psj5n93m9szAlz306t5YZ32HnhSlvObkMk1Ugy6AzPKXrgKBu11pmatf7sFRx1ikYGUiKiezGjatt/8lYZfE8rQKQjwH+6LPt3ZPv06ncfKpH2vbZfonM0KhSsm1OIhJTse+X7ZMxizO6QqYM+BRJJGMbhH1g+6kFRsdlwakHNPE9YvG4NxZ1NxWTUr6F0gPhUEy61LkTnznt3ct1hgQR02KDQ+9i8PvaYeIIzZzRKufv4tV7OZkDLbN97tvAMkgpLjF+8fCg3qjn2Lckzc= root@palladium"
]; ];
}; };

View File

@ -6,39 +6,18 @@ let
DEVICE=/dev/disk/by-path/pci-0000:00:12.0-ata-2-part1 DEVICE=/dev/disk/by-path/pci-0000:00:12.0-ata-2-part1
cryptsetup luksOpen ''${DEVICE} external-drive ${pkgs.cryptsetup}/bin/cryptsetup luksOpen ''${DEVICE} external-drive
mkdir -p /mnt/external-drive mkdir -p /mnt/external-drive
mount /dev/mapper/external-drive /mnt/external-drive mount /dev/mapper/external-drive /mnt/external-drive
''; '';
cb-sync = pkgs.writeScriptBin "cb-sync" ''
#!${pkgs.bash}/bin/bash
set -e
# Check, if the something is mounted in our sycdir
if grep -qs '/mnt/external-drive' /proc/mounts
then
echo "fine"
else
echo "Please plug in a backup drive and mount it using cb-mount"
exit 1
fi
SNAPSHOT_NAME=$(${pkgs.borgbackup}/bin/borg list --last 1 --short /mnt/palladium/clerie-backup)
${pkgs.borgbackup}/bin/borg mount /mnt/palladium/clerie-backup::$SNAPSHOT_NAME /mnt/clerie-backup-mount
${pkgs.bindfs}/bin/bindfs /mnt/clerie-backup-mount/mnt/clerie-backup /mnt/clerie-backup
${pkgs.borgbackup}/bin/borg create /mnt/external-drive/clerie-backup::$SNAPSHOT_NAME /mnt/clerie-backup
umount /mnt/clerie-backup
${pkgs.borgbackup}/bin/borg unmoumt /mnt/clerie-backup-mount
'';
cb-unmount = pkgs.writeScriptBin "cb-unmount" '' cb-unmount = pkgs.writeScriptBin "cb-unmount" ''
#!${pkgs.bash}/bin/bash #!${pkgs.bash}/bin/bash
umount /mnt/external-drive umount /mnt/external-drive
cryptsetup luksClose external-drive ${pkgs.cryptsetup}/bin/cryptsetup luksClose external-drive
''; '';
in { in {
environment.systemPackages = with pkgs; [ pkgs.cryptsetup cb-mount cb-sync cb-unmount ]; environment.systemPackages = [ cb-mount cb-unmount ];
} }

View File

@ -27,11 +27,19 @@
KERNEL=="sd?[0-9]", ENV{ID_MODEL}=="ST1000DM003-1SB102", ACTION=="add", RUN+="${pkgs.hdparm}/sbin/hdparm -S 24 /dev/%k" KERNEL=="sd?[0-9]", ENV{ID_MODEL}=="ST1000DM003-1SB102", ACTION=="add", RUN+="${pkgs.hdparm}/sbin/hdparm -S 24 /dev/%k"
''; '';
services.borgbackup.repos.clerie-backup = { services.borgbackup.repos = {
path = "/mnt/palladium/clerie-backup"; clerie-backup = {
authorizedKeysAppendOnly = [ path = "/mnt/palladium/clerie-backup";
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFyk716RnbenPMkhLolyIkU8ywUSg8x7hjsXFFQoJx4I root@clerie-backup" authorizedKeysAppendOnly = [
]; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFyk716RnbenPMkhLolyIkU8ywUSg8x7hjsXFFQoJx4I root@clerie-backup"
];
};
external-drive = {
path = "/mnt/external-drive/clerie-backup";
authorizedKeysAppendOnly = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPuh74Esdp8JPgIZzM372DaCwtAl2QNtRratnIFG0NRB root@clerie-backup"
];
};
}; };
clerie.monitoring = { clerie.monitoring = {

View File

@ -16,7 +16,7 @@
root = fetchGit { root = fetchGit {
url = "https://git.clerie.de/clerie/clerie.de.git"; url = "https://git.clerie.de/clerie/clerie.de.git";
ref = "main"; ref = "main";
rev = "23e7b06dc15a8dcc320b2db9508e2192d33236cb"; rev = "67738c06cff85e2cefbea87d45c277bd01a3778a";
}; };
locations."~ ^/.well-known/openpgpkey/hu/[a-z0-9]+/?$" = { locations."~ ^/.well-known/openpgpkey/hu/[a-z0-9]+/?$" = {
extraConfig = '' extraConfig = ''