backup calibre data

This commit is contained in:
Noah Masur 2022-10-16 03:47:21 +00:00
parent 6e26b64f43
commit e1e27ca065
5 changed files with 44 additions and 11 deletions

View File

@ -32,7 +32,7 @@ nixpkgs.lib.nixosSystem {
backupS3 = { backupS3 = {
endpoint = "s3.us-west-002.backblazeb2.com"; endpoint = "s3.us-west-002.backblazeb2.com";
bucket = "noahmasur-backup"; bucket = "noahmasur-backup";
accessKeyId = "0026b0e73b2e2c80000000004"; accessKeyId = "0026b0e73b2e2c80000000005";
}; };
# Grant access to Jellyfin directories from Nextcloud # Grant access to Jellyfin directories from Nextcloud

View File

@ -23,9 +23,13 @@
config = { config = {
users.groups.backup = { };
secrets.backup = { secrets.backup = {
source = ../../private/backup.age; source = ../../private/backup.age;
dest = "${config.secretsDirectory}/backup"; dest = "${config.secretsDirectory}/backup";
group = "backup";
permissions = "0440";
}; };
# # Backup library to object storage # # Backup library to object storage

View File

@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }: { { config, pkgs, lib, ... }: {
imports = [ ./caddy.nix ]; imports = [ ./caddy.nix ./backups.nix ];
options = { options = {
bookServer = lib.mkOption { bookServer = lib.mkOption {
@ -39,6 +39,35 @@
}]; }];
}]; }];
# Run a backup on a schedule
systemd.timers.calibre-backup = {
timerConfig = {
OnCalendar = "*-*-* 00:00:00"; # Once per day
Unit = "calibre-backup.service";
};
wantedBy = [ "timers.target" ];
};
# Backup Calibre data to object storage
systemd.services.calibre-backup =
let libraryPath = "/var/lib/calibre-web"; # Default location
in {
description = "Backup Calibre data";
environment.AWS_ACCESS_KEY_ID = config.backupS3.accessKeyId;
serviceConfig = {
Type = "oneshot";
User = "calibre-web";
Group = "backup";
EnvironmentFile = config.secrets.backup.dest;
};
script = ''
${pkgs.awscli2}/bin/aws s3 sync \
${libraryPath}/ \
s3://${config.backupS3.bucket}/calibre/ \
--endpoint-url=https://${config.backupS3.endpoint}
'';
};
}; };
} }

View File

@ -60,7 +60,7 @@
lib.mkForce "0770"; lib.mkForce "0770";
# Allow litestream and nextcloud to share a sqlite database # Allow litestream and nextcloud to share a sqlite database
users.users.litestream.extraGroups = [ "nextcloud" ]; users.users.litestream.extraGroups = [ "nextcloud" "backup" ];
users.users.nextcloud.extraGroups = [ "litestream" ]; users.users.nextcloud.extraGroups = [ "litestream" ];
# Backup sqlite database with litestream # Backup sqlite database with litestream

View File

@ -1,10 +1,10 @@
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyBuMUg4 YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyBmVEo2
TG5Oa1U5WERGOWJibkRZRVJwZGdEZmRsSVBraHdVYTJwbGpNL1VnCjRYaW1nTUR0 bExsZERhYi9vVXMxVThRK2w3dFR4UlZVcGlsWUFPM3pReTQwaW5ZCjQ5Z3g3amZC
cjR2NHJ1V1lhRHp4a2VOekVTZVl5Rk5CcG1heHhsR2M5SHMKLT4gc3NoLWVkMjU1 bWUwWkdKTStVbFpwMmdwK3pQQU5CeE5tMVNHbXI1UkdCTFUKLT4gc3NoLWVkMjU1
MTkgWXlTVU1RIHhEN3o1NzNTTVIvZG1VcERJQitkRk4vTmtFQk9SVUVJQUVOdVY2 MTkgWXlTVU1RIE9sTG1lOHIyVGdLNWtJRTZtdGNWWEFsTTJ5bE1HS1V2MEdKeGNN
YWoxM1UKVVVMWTYzKzE4ZjVDWitGNkUvR2U1Z1VJdVdqOWhWZVAxNWFOaFZvZGpS WFMyV28KVlRHdDg5SGFadVlJempKWkp6eEp6TkhINnl0R0xDL0J0WXByclpFWE5I
OAotLS0gWlU2TEY0TFZiM3VCM0hWcDAvQlQzTjE3MkZSOGNXaUhDdVQzL2pVRzlT VQotLS0gVVhaUDZLTy8xS3hKOVliSlpuTEY2Q2xOQUEvblBtUG9Vb0I5ZE1oOUZ1
VQoP0xMzUx0ozRvXFrNfFNyqwzUoHl7GM1P6VFjjDjuMkuWtQ/+V6DV/rGlXDKJ9 VQr18Jwx6XDa7bwq0QWT6NdIFzqNUHWhDyUvS9twncFsr0yEAUDQd2XLtE+Vc8T9
jidhm8Y0hbjL6cbQrolUSgHSzG5CPD/4pb3zmxTZ9ol7cQuR4PbnPQ== Z7y/C8Ct5+duqd6YaeqROJz5zVj0NnI0lshirBl89PQWF9ihp4V4Hw==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----