70 lines
1.9 KiB
Nix
70 lines
1.9 KiB
Nix
{ config, pkgs, ... }:
|
|
|
|
#necessary prep work:
|
|
# GRANT CONNECT ON DATABASE misskey TO "misskey-backup";
|
|
# GRANT SELECT ON ALL TABLES IN SCHEMA public TO "misskey-backup";
|
|
# GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "misskey-backup";
|
|
#
|
|
# TODO: automate this cause it needs to be done whenever db schema changes
|
|
let
|
|
user = "misskey-backup";
|
|
group = user;
|
|
|
|
backupConfigFile = "/etc/misskey-backup/conf";
|
|
s3Cfg = "/etc/misskey-backup/s3cfg";
|
|
backupScript = pkgs.writeShellApplication {
|
|
name = "misskey-backup";
|
|
|
|
runtimeInputs = with pkgs; [
|
|
gzip
|
|
config.services.postgresql.package
|
|
s3cmd
|
|
coreutils
|
|
age
|
|
];
|
|
|
|
text = ''
|
|
configFile="$1"
|
|
s3cfg="$2"
|
|
|
|
ageRecipient="age17ckyc69njpryytc63ynn545jswyucg28k5xg3043g3j6q38dxqwq0wzhm2"
|
|
bucket="$(grep 'bucket=' < "$configFile" | sed 's/bucket \?= \?')"
|
|
prefix="$(grep 'prefix=' < "$configFile" | sed 's/prefix \?= \?')"
|
|
|
|
s3Dir="s3://$bucket/$prefix""misskey-$(date --iso-8601)"
|
|
echo "Uploading backups to '$s3Dir'"
|
|
|
|
function upload () {
|
|
name="$1"
|
|
|
|
age -r "$ageRecipient" | s3cmd put --config "$s3cfg" - "$s3Dir/$name.age"
|
|
}
|
|
|
|
echo "Uploading config"
|
|
tar -cz -C /srv/misskey/.config . | upload "config.tar.gz"
|
|
|
|
echo "Dumping postgres database..."
|
|
pg_dump misskey | gzip | upload "pg_dump.sql.gz"
|
|
|
|
echo "Uploading redis database..."
|
|
tar -cz -C /var/lib/redis-misskey . | upload "redis.tar.gz"
|
|
|
|
echo "Backup complete to '$s3Dir'"
|
|
'';
|
|
};
|
|
in {
|
|
users.users."${user}" = {
|
|
isSystemUser = true;
|
|
inherit group;
|
|
};
|
|
users.groups."${group}" = { };
|
|
services.postgresql.ensureUsers = [{ name = user; }];
|
|
|
|
services.cron = {
|
|
enable = true;
|
|
systemCronJobs = [
|
|
# run every monday at ass in the morning, EST"
|
|
"0 8 0 0 1 ${user} ${backupScript} ${backupConfigFile} ${s3Cfg}"
|
|
];
|
|
};
|
|
}
|