bicep/{postgres,mysql}: custom backup units

h7x4
2026-01-29 13:29:44 +09:00
parent d6eca5c4e3
commit 8774c81d23
2 changed files with 104 additions and 13 deletions


@@ -1,16 +1,17 @@
{ config, lib, ... }: { config, lib, pkgs, ... }:
let let
cfg = config.services.mysql; cfg = config.services.mysql;
backupDir = "/var/lib/mysql-backups";
in in
{ {
services.mysqlBackup = lib.mkIf cfg.enable { # services.mysqlBackup = lib.mkIf cfg.enable {
enable = true; # enable = true;
location = "/var/lib/mysql-backups"; # location = "/var/lib/mysql-backups";
}; # };
services.rsync-pull-targets = lib.mkIf cfg.enable { services.rsync-pull-targets = lib.mkIf cfg.enable {
enable = true; enable = true;
locations.${config.services.mysqlBackup.location} = { locations.${backupDir} = {
user = "root"; user = "root";
rrsyncArgs.ro = true; rrsyncArgs.ro = true;
authorizedKeysAttrs = [ authorizedKeysAttrs = [
@@ -23,4 +24,50 @@ in
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJgj55/7Cnj4cYMJ5sIkl+OwcGeBe039kXJTOf2wvo9j mysql rsync backup"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJgj55/7Cnj4cYMJ5sIkl+OwcGeBe039kXJTOf2wvo9j mysql rsync backup";
}; };
}; };
# NOTE: instead of having the upstream nixpkgs postgres backup unit trigger
# another unit, it was easier to just make one ourselves.
systemd.services."backup-mysql" = lib.mkIf cfg.enable {
description = "Backup MySQL data";
requires = [ "mysql.service" ];
path = with pkgs; [
cfg.package
coreutils
gzip
];
script = let
rotations = 1;
in ''
set -eo pipefail
mysqldump --all-databases | gzip -c -9 --rsyncable > "${backupDir}/mysql-dump.sql.gz"
'';
# NOTE: keep multiple backups and symlink latest one once we have more disk again
# mysqldump --all-databases | gzip -c -9 --rsyncable > "${backupDir}/$(date --iso-8601)-dump.sql.gz"
# while [ $(ls -1 "${backupDir}" | wc -l) -gt ${toString rotations} ]; do
# rm $(find "${backupDir}" -type f -printf '%T+ %p\n' | sort | head -n 1 | cut -d' ' -f2)
# done
serviceConfig = {
Type = "oneshot";
User = "mysql";
Group = "mysql";
UMask = "0077";
Nice = 19;
IOSchedulingClass = "best-effort";
IOSchedulingPriority = 7;
StateDirectory = [ (builtins.baseNameOf backupDir) ];
# TODO: hardening
};
startAt = "*-*-* 02:15:00";
};
} }
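Review bot: The active script line in `backup-mysql` redirects the dump straight onto `"${backupDir}/mysql-dump.sql.gz"`, so the shell truncates the only retained dump before `mysqldump` has produced any output. With a single retained file, a failed or interrupted run leaves no usable backup, and a pull through the read-only rsync target while the job is running could copy a partial archive. Write to a temporary name in the same directory and rename on success: `mysqldump --all-databases | gzip -c -9 --rsyncable > "${backupDir}/mysql-dump.sql.gz.tmp"` followed by `mv "${backupDir}/mysql-dump.sql.gz.tmp" "${backupDir}/mysql-dump.sql.gz"`; the existing `set -eo pipefail` already stops the script before the `mv` when the dump fails. The `pg_dumpall` line in the `backup-postgresql` unit of the other file has the same pattern.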


@@ -1,17 +1,18 @@
{ config, lib, ... }: { config, lib, pkgs, ... }:
let let
cfg = config.services.postgresql; cfg = config.services.postgresql;
backupDir = "/var/lib/postgresql-backups";
in in
{ {
services.postgresqlBackup = lib.mkIf cfg.enable { # services.postgresqlBackup = lib.mkIf cfg.enable {
enable = true; # enable = true;
location = "/var/lib/postgres-backups"; # location = "/var/lib/postgresql-backups";
backupAll = true; # backupAll = true;
}; # };
services.rsync-pull-targets = lib.mkIf cfg.enable { services.rsync-pull-targets = lib.mkIf cfg.enable {
enable = true; enable = true;
locations.${config.services.postgresqlBackup.location} = { locations.${backupDir} = {
user = "root"; user = "root";
rrsyncArgs.ro = true; rrsyncArgs.ro = true;
authorizedKeysAttrs = [ authorizedKeysAttrs = [
@@ -24,4 +25,47 @@ in
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGvO7QX7QmwSiGLXEsaxPIOpAqnJP3M+qqQRe5dzf8gJ postgresql rsync backup"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGvO7QX7QmwSiGLXEsaxPIOpAqnJP3M+qqQRe5dzf8gJ postgresql rsync backup";
}; };
}; };
# NOTE: instead of having the upstream nixpkgs postgres backup unit trigger
# another unit, it was easier to just make one ourselves
systemd.services."backup-postgresql" = {
description = "Backup PostgreSQL data";
requires = [ "postgresql.service" ];
path = with pkgs; [
coreutils
gzip
cfg.package
];
script = let
rotations = 1;
in ''
set -eo pipefail
pg_dumpall -U postgres | gzip -c -9 --rsyncable > "${backupDir}/postgresql-dump.sql.gz"
'';
# pg_dumpall -U postgres | gzip -c -9 --rsyncable > "${backupDir}/$(date --iso-8601)-dump.sql.gz"
# while [ $(ls -1 "${backupDir}" | wc -l) -gt ${toString rotations} ]; do
# rm $(find "${backupDir}" -type f -printf '%T+ %p\n' | sort | head -n 1 | cut -d' ' -f2)
# done
serviceConfig = {
Type = "oneshot";
User = "postgres";
Group = "postgres";
UMask = "0077";
Nice = 19;
IOSchedulingClass = "best-effort";
IOSchedulingPriority = 7;
StateDirectory = [ (builtins.baseNameOf backupDir) ];
# TODO: hardening
};
startAt = "*-*-* 01:15:00";
};
} }
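Review bot: `systemd.services."backup-postgresql"` is defined unconditionally, while the MySQL counterpart and the `rsync-pull-targets` block in this same file are wrapped in `lib.mkIf cfg.enable`. If this module is imported on a host where PostgreSQL is disabled (not visible from here), the timer generated by `startAt` would still be installed and fail nightly against a missing `postgresql.service`; wrap it the same way, `systemd.services."backup-postgresql" = lib.mkIf cfg.enable {`. Both backup units also declare `requires` without a matching `after = [ "postgresql.service" ];` (`"mysql.service"` in the other file), so when the database is not already running systemd may start the dump in parallel with it. The backup path also moves from `/var/lib/postgres-backups` to `/var/lib/postgresql-backups`, so earlier dumps stay on disk under the old directory unless they are removed, and the pulling side presumably needs the new path.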