diff options
Diffstat (limited to 'makefu/2configs/bgt')
-rw-r--r-- | makefu/2configs/bgt/backup.nix | 20 | ||||
-rw-r--r-- | makefu/2configs/bgt/download.binaergewitter.de.nix | 30 |
2 files changed, 48 insertions, 2 deletions
diff --git a/makefu/2configs/bgt/backup.nix b/makefu/2configs/bgt/backup.nix new file mode 100644 index 000000000..3b9baadef --- /dev/null +++ b/makefu/2configs/bgt/backup.nix @@ -0,0 +1,20 @@ +{ + # Manual steps: + # 1. ssh-copy-id root ssh-key to the remotes you want to back up + # 2. run `rsnapshot hourly` manually as root to check if everything works + services.rsnapshot = { + enable = true; + cronIntervals = { + daily = "50 21 * * *"; + hourly = "0 */4 * * *"; + }; + extraConfig = '' +retain hourly 5 +retain daily 365 +snapshot_root /var/backup +backup root@binaergewitter.jit.computer:/opt/isso jit +backup root@binaergewitter.jit.computer:/etc/systemd/system/isso.service jit +backup root@binaergewitter.jit.computer:/etc/nginx/conf.d/isso.conf jit + ''; + }; +} diff --git a/makefu/2configs/bgt/download.binaergewitter.de.nix b/makefu/2configs/bgt/download.binaergewitter.de.nix index 6d64848f5..f223081e9 100644 --- a/makefu/2configs/bgt/download.binaergewitter.de.nix +++ b/makefu/2configs/bgt/download.binaergewitter.de.nix @@ -3,6 +3,8 @@ with import <stockholm/lib>; let ident = (builtins.readFile ./auphonic.pub); + bgtaccess = "/var/spool/nginx/logs/binaergewitter.access.log"; + bgterror = "/var/spool/nginx/logs/binaergewitter.error.log"; in { services.openssh = { allowSFTP = true; @@ -21,6 +23,19 @@ in { useDefaultShell = true; openssh.authorizedKeys.keys = [ ident config.krebs.users.makefu.pubkey ]; }; + services.logrotate = { + enable = true; + config = '' + ${bgtaccess} ${bgterror} { + rotate 5 + weekly + create 600 nginx nginx + postrotate + ${pkgs.systemd}/bin/systemctl reload nginx + endscript + } + ''; + }; services.nginx = { enable = lib.mkDefault true; recommendedGzipSettings = true; @@ -29,10 +44,21 @@ in { serverAliases = [ "dl2.binaergewitter.de" ]; root = "/var/www/binaergewitter"; extraConfig = '' - access_log /var/spool/nginx/logs/binaergewitter.access.log combined; - error_log /var/spool/nginx/logs/binaergewitter.error.log error; + access_log ${bgtaccess} combined; + error_log ${bgterror} error; autoindex on; ''; }; }; + environment.etc."netdata/python.d/web_log.conf".text = '' + nginx_log3: + name: 'nginx' + path: '/var/spool/nginx/logs/access.log' + nginx_log4: + name: 'bgt' + path: '${bgtaccess}' + ''; + + users.users.netdata.extraGroups = [ "nginx" ]; + } |