summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/backup.nix6
-rw-r--r--krebs/3modules/tv/default.nix26
-rw-r--r--tv/1systems/bu/config.nix40
-rw-r--r--tv/1systems/bu/disks.nix19
-rw-r--r--tv/2configs/backup.nix24
5 files changed, 113 insertions, 2 deletions
diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix
index c5cb1cae6..4a88582a2 100644
--- a/krebs/3modules/backup.nix
+++ b/krebs/3modules/backup.nix
@@ -157,7 +157,8 @@ let
# of the deepest directory:
# shellcheck disable=SC2174
${local.rsync} >&2 \
- -aAXF --delete \
+ -aAX --delete \
+ --filter='dir-merge /.backup-filter' \
--rsh=${shell.escape ssh} \
--rsync-path=${shell.escape remote.rsync} \
--link-dest=${shell.escape plan.dst.path}/current \
@@ -191,7 +192,8 @@ let
echo >&2 "create snapshot: $ns/$name"
mkdir -m 0700 -p "$dst_path/$ns"
rsync >&2 \
- -aAXF --delete \
+ -aAX --delete \
+ --filter='dir-merge /.backup-filter' \
--link-dest="$dst_path/current" \
"$dst_path/current/" \
"$dst_path/$ns/.partial.$name"
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix
index 8d48c2a47..4e40561c2 100644
--- a/krebs/3modules/tv/default.nix
+++ b/krebs/3modules/tv/default.nix
@@ -82,6 +82,32 @@ in {
ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519";
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsqDuhGJpjpqNv4QmjoOhcODObrPyY3GHLvtVkgXV0g root@au";
};
+ bu = {
+ ci = true;
+ cores = 4;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.13.36";
+ aliases = [
+ "bu.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAxjAvT1sfHPWExhWRoXG+NJbYUmf5q4yfpfBRvb232LC9sLn4Z2wb
+ hxKreR5/j9a/2hRIlCz4IwKftl5vroG9Vy4e7zZIz6QvN4TqED8dUjJ1ubhtj47l
+ jjHW4cHLUWsaqqu6TAuPH26qPSxm9VrD6rZIX9RmQ1bWIaonVB3Q+XnDfPlISw6M
+ gbQXz4tOsOnC+y/6C3VPUo0nqC+PuA/kyRq/ivVutKd0dTSY8LmCDNla6AEVD5dG
+ sIqPWX5h8fjqU7G3oOMvMsBrCkvRRB0F0dQzGo8EXwCDJxa+xOuk5n1GYJ2lqeM/
+ st7KIxmLvO5AE7cUxdLlDj4EzVLSDoAqOwIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ tinc.pubkey_ed25519 = "/MXEuv96HlrpHBto8KP2S6Ztiahhi3H7AevmbYS+xqE";
+ };
+ };
+ secure = true;
+ ssh.privkey.path = config.krebs.secret.file "ssh.id_rsa";
+ ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1Y13PvTn+9VjQbgy2ZmpAEFXyYaroYP/5nK9o7B8cidf01Sh39184mG8KN8VuEzCj7b37KnLH8qUDcsukvkxOVSoVHmXH+/Pgbmsxp4c9sxLQLHBfCazhT0S3Zs+BkR6LNQ8GOCS1qsgy05L6fMXoQgds3Zx/X4ZYjLnYVnJo8k+6aP4pU/rB6GFzGG9UrLDvSvk/PoswpEr7S6uFa4bF8JWD5VPkQTPTNwm1LWH4va+ABcw9KOgL2tsAk/jJlkLD4qgXowqgbwcpfe+QCukJb7uIQjRtOgxSAhHqT1nxjS6gROhGt0ojuwALaZaFPr9YtGlqxPhUzAXWKvvbVcr6kkR17HrtXZeLdFqwrUPlkIDFV6yLbYzQGKPFwxtpoJaH/irv6cgeXnHaa9XQJk+XJ5pE0X9uNljGr3B8LMKymdlvvBiWOOLpYsHg5aVOR+K7HvydLSuaah8hpCLjjVyIYIl/pIDL4F/FUSxcFBB4fgdXB77LXm5UizmI7+dqZaOQSm8qXbLZ8P+13ele2JyV1pmvJbLFlhCksDMOXx9jvSJQ6DOjPd+2vtABWh9XGo2Fiy+ekB9LTzlW+xON4FRZDoTPrPmhg40v+s7lySHx3miwCIJfNfLJpf0dxm3pQYWZPIra1RA9hbgstXBJ3+2VA5JEuVRt0SEygN5Kgk1Y5w== root@bu";
+ };
hu = {
nets = {
retiolum = {
diff --git a/tv/1systems/bu/config.nix b/tv/1systems/bu/config.nix
new file mode 100644
index 000000000..69c5848f5
--- /dev/null
+++ b/tv/1systems/bu/config.nix
@@ -0,0 +1,40 @@
+{ config, pkgs, ... }: let
+ lib = import ../../../lib;
+in {
+
+ imports = [
+ ./disks.nix
+ <stockholm/tv>
+ <stockholm/tv/2configs/hw/x220.nix>
+ <stockholm/tv/2configs/exim-retiolum.nix>
+ <stockholm/tv/2configs/gitconfig.nix>
+ <stockholm/tv/2configs/pulse.nix>
+ <stockholm/tv/2configs/retiolum.nix>
+ ];
+
+ environment.homeBinInPath = true;
+
+ krebs.build.host = config.krebs.hosts.bu;
+
+ networking.hostId = lib.mkDefault "00000000";
+
+ networking.wireless.enable = true;
+ networking.useDHCP = false;
+ networking.interfaces.enp0s25.useDHCP = true;
+ networking.interfaces.wlp3s0.useDHCP = true;
+ networking.interfaces.wwp0s29u1u4i6.useDHCP = true;
+ networking.wireless.interfaces = [
+ "wlp3s0"
+ ];
+
+ programs.gnupg.agent.enable = true;
+ programs.gnupg.agent.pinentryFlavor = "gtk2";
+
+ services.earlyoom.enable = true;
+ services.earlyoom.freeMemThreshold = 5;
+ systemd.services.earlyoom.environment.EARLYOOM_ARGS = toString [
+ "--prefer '(^|/)chromium$'"
+ ];
+
+ system.stateVersion = "21.11";
+}
diff --git a/tv/1systems/bu/disks.nix b/tv/1systems/bu/disks.nix
new file mode 100644
index 000000000..deabefa7b
--- /dev/null
+++ b/tv/1systems/bu/disks.nix
@@ -0,0 +1,19 @@
+{
+ boot.initrd.luks.devices.buda2.device = "/dev/sda2";
+ fileSystems."/" = {
+ device = "buda2/root";
+ fsType = "zfs";
+ };
+ fileSystems."/bku" = {
+ device = "buda2/bku";
+ fsType = "zfs";
+ };
+ fileSystems."/home" = {
+ device = "buda2/home";
+ fsType = "zfs";
+ };
+ fileSystems."/boot" = {
+ device = "/dev/sda1";
+ fsType = "vfat";
+ };
+}
diff --git a/tv/2configs/backup.nix b/tv/2configs/backup.nix
index b8dec8da4..a5e0cf4c7 100644
--- a/tv/2configs/backup.nix
+++ b/tv/2configs/backup.nix
@@ -10,6 +10,24 @@ with import <stockholm/lib>;
yearly = { format = "%Y"; };
};
}) {
+ bu-home-wu = {
+ method = "push";
+ src = { host = config.krebs.hosts.bu; path = "/home"; };
+ dst = { host = config.krebs.hosts.wu; path = "/bku/bu-home"; };
+ startAt = "05:15";
+ };
+ bu-home-xu = {
+ method = "push";
+ src = { host = config.krebs.hosts.bu; path = "/home"; };
+ dst = { host = config.krebs.hosts.xu; path = "/bku/bu-home"; };
+ startAt = "05:20";
+ };
+ bu-home-zu = {
+ method = "push";
+ src = { host = config.krebs.hosts.bu; path = "/home"; };
+ dst = { host = config.krebs.hosts.zu; path = "/bku/bu-home"; };
+ startAt = "05:25";
+ };
nomic-home-xu = {
method = "push";
src = { host = config.krebs.hosts.nomic; path = "/home"; };
@@ -40,6 +58,12 @@ with import <stockholm/lib>;
dst = { host = config.krebs.hosts.zu; path = "/bku/wu-home"; };
startAt = "05:20";
};
+ xu-home-bu = {
+ method = "push";
+ src = { host = config.krebs.hosts.xu; path = "/home"; };
+ dst = { host = config.krebs.hosts.bu; path = "/bku/xu-home"; };
+ startAt = "04:50";
+ };
xu-home-nomic = {
method = "push";
src = { host = config.krebs.hosts.xu; path = "/home"; };