diff options
-rw-r--r-- | krebs/3modules/backup.nix | 6 | ||||
-rw-r--r-- | krebs/3modules/tv/default.nix | 26 | ||||
-rw-r--r-- | tv/1systems/bu/config.nix | 40 | ||||
-rw-r--r-- | tv/1systems/bu/disks.nix | 19 | ||||
-rw-r--r-- | tv/2configs/backup.nix | 24 |
5 files changed, 113 insertions, 2 deletions
diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index c5cb1cae6..4a88582a2 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -157,7 +157,8 @@ let # of the deepest directory: # shellcheck disable=SC2174 ${local.rsync} >&2 \ - -aAXF --delete \ + -aAX --delete \ + --filter='dir-merge /.backup-filter' \ --rsh=${shell.escape ssh} \ --rsync-path=${shell.escape remote.rsync} \ --link-dest=${shell.escape plan.dst.path}/current \ @@ -191,7 +192,8 @@ let echo >&2 "create snapshot: $ns/$name" mkdir -m 0700 -p "$dst_path/$ns" rsync >&2 \ - -aAXF --delete \ + -aAX --delete \ + --filter='dir-merge /.backup-filter' \ --link-dest="$dst_path/current" \ "$dst_path/current/" \ "$dst_path/$ns/.partial.$name" diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 8d48c2a47..4e40561c2 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -82,6 +82,32 @@ in { ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsqDuhGJpjpqNv4QmjoOhcODObrPyY3GHLvtVkgXV0g root@au"; }; + bu = { + ci = true; + cores = 4; + nets = { + retiolum = { + ip4.addr = "10.243.13.36"; + aliases = [ + "bu.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAxjAvT1sfHPWExhWRoXG+NJbYUmf5q4yfpfBRvb232LC9sLn4Z2wb + hxKreR5/j9a/2hRIlCz4IwKftl5vroG9Vy4e7zZIz6QvN4TqED8dUjJ1ubhtj47l + jjHW4cHLUWsaqqu6TAuPH26qPSxm9VrD6rZIX9RmQ1bWIaonVB3Q+XnDfPlISw6M + gbQXz4tOsOnC+y/6C3VPUo0nqC+PuA/kyRq/ivVutKd0dTSY8LmCDNla6AEVD5dG + sIqPWX5h8fjqU7G3oOMvMsBrCkvRRB0F0dQzGo8EXwCDJxa+xOuk5n1GYJ2lqeM/ + st7KIxmLvO5AE7cUxdLlDj4EzVLSDoAqOwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "/MXEuv96HlrpHBto8KP2S6Ztiahhi3H7AevmbYS+xqE"; + }; + }; + secure = true; + ssh.privkey.path = config.krebs.secret.file "ssh.id_rsa"; + ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1Y13PvTn+9VjQbgy2ZmpAEFXyYaroYP/5nK9o7B8cidf01Sh39184mG8KN8VuEzCj7b37KnLH8qUDcsukvkxOVSoVHmXH+/Pgbmsxp4c9sxLQLHBfCazhT0S3Zs+BkR6LNQ8GOCS1qsgy05L6fMXoQgds3Zx/X4ZYjLnYVnJo8k+6aP4pU/rB6GFzGG9UrLDvSvk/PoswpEr7S6uFa4bF8JWD5VPkQTPTNwm1LWH4va+ABcw9KOgL2tsAk/jJlkLD4qgXowqgbwcpfe+QCukJb7uIQjRtOgxSAhHqT1nxjS6gROhGt0ojuwALaZaFPr9YtGlqxPhUzAXWKvvbVcr6kkR17HrtXZeLdFqwrUPlkIDFV6yLbYzQGKPFwxtpoJaH/irv6cgeXnHaa9XQJk+XJ5pE0X9uNljGr3B8LMKymdlvvBiWOOLpYsHg5aVOR+K7HvydLSuaah8hpCLjjVyIYIl/pIDL4F/FUSxcFBB4fgdXB77LXm5UizmI7+dqZaOQSm8qXbLZ8P+13ele2JyV1pmvJbLFlhCksDMOXx9jvSJQ6DOjPd+2vtABWh9XGo2Fiy+ekB9LTzlW+xON4FRZDoTPrPmhg40v+s7lySHx3miwCIJfNfLJpf0dxm3pQYWZPIra1RA9hbgstXBJ3+2VA5JEuVRt0SEygN5Kgk1Y5w== root@bu"; + }; hu = { nets = { retiolum = { diff --git a/tv/1systems/bu/config.nix b/tv/1systems/bu/config.nix new file mode 100644 index 000000000..69c5848f5 --- /dev/null +++ b/tv/1systems/bu/config.nix @@ -0,0 +1,40 @@ +{ config, pkgs, ... }: let + lib = import ../../../lib; +in { + + imports = [ + ./disks.nix + <stockholm/tv> + <stockholm/tv/2configs/hw/x220.nix> + <stockholm/tv/2configs/exim-retiolum.nix> + <stockholm/tv/2configs/gitconfig.nix> + <stockholm/tv/2configs/pulse.nix> + <stockholm/tv/2configs/retiolum.nix> + ]; + + environment.homeBinInPath = true; + + krebs.build.host = config.krebs.hosts.bu; + + networking.hostId = lib.mkDefault "00000000"; + + networking.wireless.enable = true; + networking.useDHCP = false; + networking.interfaces.enp0s25.useDHCP = true; + networking.interfaces.wlp3s0.useDHCP = true; + networking.interfaces.wwp0s29u1u4i6.useDHCP = true; + networking.wireless.interfaces = [ + "wlp3s0" + ]; + + programs.gnupg.agent.enable = true; + programs.gnupg.agent.pinentryFlavor = "gtk2"; + + services.earlyoom.enable = true; + services.earlyoom.freeMemThreshold = 5; + systemd.services.earlyoom.environment.EARLYOOM_ARGS = toString [ + "--prefer '(^|/)chromium$'" + ]; + + system.stateVersion = "21.11"; +} diff --git a/tv/1systems/bu/disks.nix b/tv/1systems/bu/disks.nix new file mode 100644 index 000000000..deabefa7b --- /dev/null +++ b/tv/1systems/bu/disks.nix @@ -0,0 +1,19 @@ +{ + boot.initrd.luks.devices.buda2.device = "/dev/sda2"; + fileSystems."/" = { + device = "buda2/root"; + fsType = "zfs"; + }; + fileSystems."/bku" = { + device = "buda2/bku"; + fsType = "zfs"; + }; + fileSystems."/home" = { + device = "buda2/home"; + fsType = "zfs"; + }; + fileSystems."/boot" = { + device = "/dev/sda1"; + fsType = "vfat"; + }; +} diff --git a/tv/2configs/backup.nix b/tv/2configs/backup.nix index b8dec8da4..a5e0cf4c7 100644 --- a/tv/2configs/backup.nix +++ b/tv/2configs/backup.nix @@ -10,6 +10,24 @@ with import <stockholm/lib>; yearly = { format = "%Y"; }; }; }) { + bu-home-wu = { + method = "push"; + src = { host = config.krebs.hosts.bu; path = "/home"; }; + dst = { host = config.krebs.hosts.wu; path = "/bku/bu-home"; }; + startAt = "05:15"; + }; + bu-home-xu = { + method = "push"; + src = { host = config.krebs.hosts.bu; path = "/home"; }; + dst = { host = config.krebs.hosts.xu; path = "/bku/bu-home"; }; + startAt = "05:20"; + }; + bu-home-zu = { + method = "push"; + src = { host = config.krebs.hosts.bu; path = "/home"; }; + dst = { host = config.krebs.hosts.zu; path = "/bku/bu-home"; }; + startAt = "05:25"; + }; nomic-home-xu = { method = "push"; src = { host = config.krebs.hosts.nomic; path = "/home"; }; @@ -40,6 +58,12 @@ with import <stockholm/lib>; dst = { host = config.krebs.hosts.zu; path = "/bku/wu-home"; }; startAt = "05:20"; }; + xu-home-bu = { + method = "push"; + src = { host = config.krebs.hosts.xu; path = "/home"; }; + dst = { host = config.krebs.hosts.bu; path = "/bku/xu-home"; }; + startAt = "04:50"; + }; xu-home-nomic = { method = "push"; src = { host = config.krebs.hosts.xu; path = "/home"; }; |