From 50a2412af6d2f99395c690b4b71fdc58d2d0b43e Mon Sep 17 00:00:00 2001 From: Alexander Szczepanski Date: Mon, 15 Jul 2024 15:24:25 +0200 Subject: [PATCH] vps-arm-2024-07-15-15-24-25 --- README.md | 13 ++++++++++++- machine/vps-arm.nix | 27 +++++++++++++++++++++++++-- services/uptime-kuma.nix | 2 +- 3 files changed, 38 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 62b13fd..7d30a77 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,16 @@ # Most stuff +## Channels sudo nix-channel --add https://github.com/nix-community/home-manager/archive/release-24.05.tar.gz home-manager sudo nix-channel --update -sudo nix-channel --add https://nixos.org/channels/nixos-unstable-small nixos-unstable \ No newline at end of file +sudo nix-channel --add https://nixos.org/channels/nixos-unstable-small nixos-unstable + + +## Borg Backup +it's important to add the ssh host key to known hosts + +``` +[u278697.your-storagebox.de]:23 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIICf9svRenC/PLKIL9nk6K/pxQgoiFC41wTNvoIncOxs +[u278697.your-storagebox.de]:23 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA5EB5p/5Hp3hGW1oHok+PIOH9Pbn7cnUiGmUEBrCVjnAw+HrKyN8bYVV0dIGllswYXwkG/+bgiBlE6IVIBAq+JwVWu1Sss3KarHY3OvFJUXZoZyRRg/Gc/+LRCE7lyKpwWQ70dbelGRyyJFH36eNv6ySXoUYtGkwlU5IVaHPApOxe4LHPZa/qhSRbPo2hwoh0orCtgejRebNtW5nlx00DNFgsvn8Svz2cIYLxsPVzKgUxs8Zxsxgn+Q/UvR7uq4AbAhyBMLxv7DjJ1pc7PJocuTno2Rw9uMZi1gkjbnmiOh6TTXIEWbnroyIhwc8555uto9melEUmWNQ+C+PwAK+MPw== +[u278697.your-storagebox.de]:23 ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAGK0po6usux4Qv2d8zKZN1dDvbWjxKkGsx7XwFdSUCnF19Q8psHEUWR7C/LtSQ5crU/g+tQVRBtSgoUcE8T+FWp5wBxKvWG2X9gD+s9/4zRmDeSJR77W6gSA/+hpOZoSE+4KgNdnbYSNtbZH/dN74EG7GLb/gcIpbUUzPNXpfKl7mQitw== +``` \ No newline at end of file diff --git a/machine/vps-arm.nix b/machine/vps-arm.nix index 34361e8..34b8097 100755 --- a/machine/vps-arm.nix +++ b/machine/vps-arm.nix @@ -1,5 +1,6 @@ { config, lib, pkgs, ... }: let + secrets = import ../configs/secrets.nix; be = import ../configs/borg-exclude.nix; unstable = import { config.allowUnfree = true; }; in @@ -77,8 +78,6 @@ in acceptTerms = true; }; - # environment.etc."nextcloud-admin-pass".text = "PWD"; - services = { nginx = { enable = true; @@ -140,6 +139,30 @@ in }; }; }; + + borgbackup.jobs.home = rec { + compression = "auto,zstd"; + encryption = { + mode = "repokey-blake2"; + passphrase = secrets.borg-key; + }; + extraCreateArgs = + "--stats --verbose --checkpoint-interval 600 --exclude-caches"; + environment.BORG_RSH = "ssh -i /home/alex/.ssh/id_borg_rsa"; + paths = [ "/home/alex" "/var/lib" ]; + repo = secrets.borg-repo; + startAt = "daily"; + prune.keep = { + daily = 4; + weekly = 2; + monthly = 2; + }; + extraPruneArgs = "--save-space --stats"; + exclude = [ + "/home/alex/mounted" + "/home/alex/.cache" + ]; + }; }; system.stateVersion = "24.05"; diff --git a/services/uptime-kuma.nix b/services/uptime-kuma.nix index 4c9de97..6678cb7 100644 --- a/services/uptime-kuma.nix +++ b/services/uptime-kuma.nix @@ -11,7 +11,7 @@ nginx = { virtualHosts = { - "uptime-kuma.v220240679185274666.nicesrv.de" = { + "uptime.szczepan.ski" = { forceSSL = true; enableACME = true; locations = { "/" = { proxyPass = "http://127.0.0.1:4000/"; }; };