76 lines
2.1 KiB
Nix
76 lines
2.1 KiB
Nix
{ config, pkgs, ... }:
|
|
|
|
#necessary prep work:
|
|
# GRANT CONNECT ON DATABASE misskey TO "misskey-backup";
|
|
# GRANT SELECT ON ALL TABLES IN SCHEMA public TO "misskey-backup";
|
|
# GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO "misskey-backup";
|
|
#
|
|
# TODO: automate this cause it needs to be done whenever db schema changes
|
|
let
|
|
user = "misskey-backup";
|
|
group = user;
|
|
|
|
backupConfigFile = "/etc/misskey-backup/conf";
|
|
s3Cfg = "/etc/misskey-backup/s3cfg";
|
|
in {
|
|
users.users."${user}" = {
|
|
isSystemUser = true;
|
|
inherit group;
|
|
extraGroups = [ "misskey" "redis-misskey" ];
|
|
};
|
|
users.groups."${group}" = { };
|
|
services.postgresql.ensureUsers = [{ name = user; }];
|
|
|
|
systemd.services.misskey-backup = {
|
|
description = "Misskey backup";
|
|
|
|
restartIfChanged = false;
|
|
unitConfig.X-StopOnRemoval = false;
|
|
|
|
serviceConfig.User = user;
|
|
serviceConfig.Type = "oneshot";
|
|
|
|
startAt = "weekly";
|
|
|
|
path = with pkgs; [
|
|
gzip
|
|
config.services.postgresql.package
|
|
s3cmd
|
|
coreutils
|
|
gnutar
|
|
age
|
|
];
|
|
|
|
script = ''
|
|
ageRecipient="age17ckyc69njpryytc63ynn545jswyucg28k5xg3043g3j6q38dxqwq0wzhm2"
|
|
bucket="$(grep 'bucket=' < "${backupConfigFile}" | sed 's/bucket \?= \?//g')"
|
|
prefix="$(grep 'prefix=' < "${backupConfigFile}" | sed 's/prefix \?= \?//g')"
|
|
|
|
s3Dir="s3://$bucket/$prefix""misskey-$(date +'%d-%m-%YT%H.%M.%S')"
|
|
echo "Uploading backups to '$s3Dir'"
|
|
|
|
function upload () {
|
|
name="$1"
|
|
|
|
age -r "$ageRecipient" | s3cmd put --config "${s3Cfg}" - "$s3Dir/$name.age"
|
|
}
|
|
|
|
echo "Uploading config"
|
|
tar -cz -C /srv/misskey/.config . | upload "config.tar.gz"
|
|
|
|
echo "Dumping postgres database..."
|
|
pg_dump misskey | gzip | upload "pg_dump.sql.gz"
|
|
|
|
echo "Uploading redis database..."
|
|
tar -cz -C /var/lib/redis-misskey . | upload "redis.tar.gz"
|
|
|
|
echo "Backup complete to '$s3Dir'"
|
|
'';
|
|
|
|
after = [ "network-online.target" ];
|
|
wants = [ "network-online.target" ];
|
|
requires = [ "postgresql.service" ];
|
|
};
|
|
|
|
systemd.timers.misskey-backup = { timerConfig.Persistent = true; };
|
|
}
|