felixalb/pvv-nixos-config
1
0
Fork 0
mirror of https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git synced 2026-02-04 09:10:01 +01:00
Code Issues Projects Releases Wiki Activity

bicep/{postgres,mysql}: add rsync pull targets for backups

Browse Source
This commit is contained in:
h7x4
2026-01-27 20:39:12 +09:00
parent d43de08a3b
commit 2ed1c83858
2 changed files with 33 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
hosts/bicep/services/mysql.nix
View File

@@ -44,6 +44,22 @@ in
location = "/var/lib/mysql/backups"; location = "/var/lib/mysql/backups";
}; };
services.rsync-pull-targets = lib.mkIf cfg.enable {
enable = true;
locations.${config.services.mysqlBackup.location} = {
user = "root";
rrsyncArgs.ro = true;
authorizedKeysAttrs = [
"restrict"
"no-agent-forwarding"
"no-port-forwarding"
"no-pty"
"no-X11-forwarding"
];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJgj55/7Cnj4cYMJ5sIkl+OwcGeBe039kXJTOf2wvo9j mysql rsync backup";
};
};
networking.firewall.allowedTCPPorts = lib.mkIf cfg.enable [ 3306 ]; networking.firewall.allowedTCPPorts = lib.mkIf cfg.enable [ 3306 ];
systemd.tmpfiles.settings."10-mysql".${dataDir}.d = lib.mkIf cfg.enable { systemd.tmpfiles.settings."10-mysql".${dataDir}.d = lib.mkIf cfg.enable {

18
hosts/bicep/services/postgres.nix
View File

@@ -121,7 +121,23 @@
services.postgresqlBackup = { services.postgresqlBackup = {
enable = true; enable = true;
location = "/var/lib/postgres/backups"; location = "/var/lib/postgres-backups";
backupAll = true; backupAll = true;
}; };
services.rsync-pull-targets = {
enable = true;
locations.${config.services.postgresqlBackup.location} = {
user = "root";
rrsyncArgs.ro = true;
authorizedKeysAttrs = [
"restrict"
"no-agent-forwarding"
"no-port-forwarding"
"no-pty"
"no-X11-forwarding"
];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGvO7QX7QmwSiGLXEsaxPIOpAqnJP3M+qqQRe5dzf8gJ postgresql rsync backup";
};
};
} }