48 lines
1.4 KiB
Nix
48 lines
1.4 KiB
Nix
{ config, pkgs, ... }:
|
|
|
|
#necessary prep work:
|
|
# GRANT CONNECT ON DATABASE misskey TO "misskey-backup";
|
|
# GRANT SELECT ON ALL TABLES IN SCHEMA public TO "misskey-backup";
|
|
# GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "misskey-backup";
|
|
#
|
|
# TODO: automate this cause it needs to be done whenever db schema changes
|
|
let
|
|
user = "misskey-backup";
|
|
group = user;
|
|
|
|
# shell script file to be sourced. must have values "MISSKEY_BACKUP_BUCKET" "MISSKEY_BACKUP_PREFIX" and "S3CFG"
|
|
# $S3CFG must be a path to a .s3cfg file compatible with s3cmd
|
|
backupConfigFile = "/etc/misskey-backup/conf";
|
|
backupScript = pkgs.writeShellApplication {
|
|
name = "misskey-backup";
|
|
|
|
runtimeInputs = with pkgs; [
|
|
gzip
|
|
config.services.postgresql.package
|
|
s3cmd
|
|
coreutils
|
|
];
|
|
|
|
excludeShellChecks = [ "SC1091" ];
|
|
|
|
text = ''
|
|
source "${backupConfigFile}"
|
|
pg_dump misskey | gzip | s3cmd put --config "$S3CFG" - "s3://$MISSKEY_BACKUP_BUCKET/$MISSKEY_BACKUP_PREFIX/misskey-pgdump-$(date --iso-8601).sql.gz"
|
|
'';
|
|
};
|
|
in {
|
|
users.users."${user}" = {
|
|
isSystemUser = true;
|
|
inherit group;
|
|
};
|
|
users.groups."${group}" = { };
|
|
services.postgresql.ensureUsers = [{ name = user; }];
|
|
|
|
services.cron = {
|
|
enable = true;
|
|
systemCronJobs = [
|
|
# run every monday at ass in the morning, EST"
|
|
"0 8 0 0 1 ${user} ${backupScript}"
|
|
];
|
|
};
|
|
}
|