feat: add backup for server

2025-09-28 12:37:26 +08:00 · 2025-09-28 12:37:26 +08:00 · f7409e0537
commit f7409e0537
parent 20ee47caa2
14 changed files with 256 additions and 165 deletions
--- a/system/dev/dn-server/backup.nix
+++ b/system/dev/dn-server/backup.nix
@ -0,0 +1,92 @@
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}:
+let
+  inherit (lib) mkIf;
+  backupAt = "*-*-* 03:00:00";
+  backupPath = "/mnt/backup_dn";
+  backupScript = pkgs.writeShellScript "backup-nextcloud.sh" ''
+    nextcloudPath="${config.services.nextcloud.datadir}"
+
+    if [ ! -d "$nextcloudPath" ]; then
+      echo "nextcloud path not found: $nextcloudPath"
+      exit 1
+    fi
+
+    backupPath="${backupPath}"
+    nextcloudBakPath="$backupPath"
+
+    if [ ! -d "$backupPath" ]; then
+      echo "Backup device is not mounted: $backupPath"
+      exit 1
+    fi
+
+    echo "Start syncing..."
+    ${pkgs.rsync}/bin/rsync -rh --delete "$nextcloudPath" "$nextcloudBakPath"
+    echo "Data dir backup completed."
+  '';
+in
+{
+  fileSystems."/mnt/backup_dn" = {
+    device = "/dev/disk/by-uuid/FBD9-F625";
+    fsType = "exfat";
+    options = [
+      "x-systemd.automount"
+      "noauto"
+      "x-systemd.idle-timeout=600"
+      "nofail"
+      "user"
+      "x-gvfs-show"
+      "gid=1000"
+      "uid=1000"
+      "dmask=000"
+      "fmask=000"
+    ];
+  };
+
+  # ==== Advance Backup ==== #
+  # services.pgbackrest = {
+  #   enable = true;
+  #   repos.localhost.path = "${backupPath}/postgresql";
+  # };
+
+  services.postgresqlBackup = {
+    enable = true;
+    startAt = backupAt;
+    pgdumpOptions = "--no-owner";
+    databases = [
+      "nextcloud"
+      "vaultwarden"
+      "paperless"
+    ];
+    location = "${backupPath}/postgresql";
+  };
+
+  systemd = mkIf config.services.nextcloud.enable {
+    timers = {
+      "nextcloud-backup" = {
+        enable = true;
+        description = "Nextcloud backup";
+        timerConfig = {
+          OnCalendar = backupAt;
+          Persistent = true;
+          OnUnitActiveSec = "1d";
+          AccuracySec = "1h";
+          Unit = "nextcloud-backup.service";
+        };
+        wantedBy = [ "timers.target" ];
+      };
+    };
+
+    services."nextcloud-backup" = {
+      enable = true;
+      serviceConfig = {
+        User = "nextcloud";
+        ExecStart = "${backupScript}";
+      };
+    };
+  };
+}
--- a/system/dev/dn-server/boot.nix
+++ b/system/dev/dn-server/boot.nix
@ -1,23 +1,6 @@
 { pkgs, ... }:

 {
-  fileSystems."/mnt/backup_dn" = {
-    device = "/dev/disk/by-uuid/FBD9-F625";
-    fsType = "exfat";
-    options = [
-      "x-systemd.automount"
-      "noauto"
-      "x-systemd.idle-timeout=600"
-      "nofail"
-      "user"
-      "x-gvfs-show"
-      "gid=1000"
-      "uid=1000"
-      "dmask=000"
-      "fmask=000"
-    ];
-  };
-
  boot.kernelPackages = pkgs.linuxPackages;

  boot.loader.systemd-boot.enable = true;
--- a/system/dev/dn-server/default.nix
+++ b/system/dev/dn-server/default.nix
@ -18,6 +18,7 @@ in
      intel-bus-id = "PCI:0:2:0";
      nvidia-bus-id = "PCI:1:0:0";
    })
+    ./backup.nix
    ./security.nix
    ./sops-conf.nix
    ./boot.nix
@ -56,8 +57,6 @@ in
    })
    (import ../../modules/nextcloud.nix {
      hostname = "nextcloud.net.dn";
-      dataBackupPath = "/mnt/backup_dn";
-      dbBackupPath = "/mnt/backup_dn";
      adminpassFile = config.sops.secrets."nextcloud/adminPassword".path;
      trusted = [ "nextcloud.daccc.info" ];
    })
--- a/system/dev/dn-server/services.nix
+++ b/system/dev/dn-server/services.nix
@ -386,7 +386,7 @@ in

  virtualisation = {
    oci-containers = {
-      backend = "docker";
+      backend = "podman";
      containers = {
        uptime-kuma = {
          extraOptions = [ "--network=host" ];