67 lines
2.3 KiB
Nix
67 lines
2.3 KiB
Nix
{config, pkgs, lib, ... }:
|
|
|
|
# NOTE: For this to work you should use MariaDB as your Forgejo-Database running on the same host. If this is not the case, update this script accordingly.
|
|
let
|
|
makeBackupForRepo = repo: lib.getExe (pkgs.writeShellScriptBin "forgejo-borgbackup" ''
|
|
#!/bin/sh
|
|
set -e
|
|
#stop forgejo
|
|
systemctl stop forgejo.service
|
|
# Dump Forgejo DB
|
|
MYSQL_DATABASE="forgejodb"
|
|
${pkgs.mariadb}/bin/mysqldump -u root ''${MYSQL_DATABASE} > /borgbackupcache/forgejobackup.sql
|
|
# BorgBackup
|
|
export BORG_PASSCOMMAND="cat /etc/nixos/borgpassword"
|
|
export BORG_REPO=${repo}
|
|
export BACKUP_NAME="forgejo-$(date +%Y-%m-%d-%H-%M)"
|
|
|
|
# Add everything to be backed up
|
|
${pkgs.borgbackup}/bin/borg create --verbose --filter AME --list --stats --show-rc --compression lz4 --exclude-caches \
|
|
$BORG_REPO::$BACKUP_NAME \
|
|
/var/lib/forgejo/repositories/ \
|
|
/var/lib/forgejo/data/ \
|
|
/borgbackupcache/forgejobackup.sql \
|
|
/etc/nixos/
|
|
# Delete DB dump
|
|
rm /borgbackupcache/forgejobackup.sql
|
|
# Start Forgejo again
|
|
systemctl start forgejo.service
|
|
# Prune old backups
|
|
${pkgs.borgbackup}/bin/borg prune --list $BORG_REPO --prefix 'forgejo-' --show-rc --keep-daily=7 --keep-weekly=4 --keep-monthly=6
|
|
'');
|
|
repos = repolistfile: lib.pipe repolistfile [
|
|
builtins.readFile
|
|
(lib.splitString "\n")
|
|
(lib.filter (s: s != ""))
|
|
];
|
|
backups = repolistfile: builtins.map makeBackupForRepo (repos repolistfile);
|
|
in
|
|
{
|
|
environment.systemPackages = [ pkgs.borgbackup ];
|
|
# Create folders
|
|
systemd.tmpfiles.rules = [
|
|
"d /borgbackupcache 700 root root"
|
|
];
|
|
# Backup timer
|
|
systemd.services.borg-backup = {
|
|
description = "Borg Backup for Forgejo and the Forgejo MySQL Database";
|
|
serviceConfig = {
|
|
ExecStart = lib.getExe (pkgs.writeShellScriptBin "doBackups" (lib.concatStringsSep ";" (backups config._module.args.borgrepolistfile)));
|
|
User = "root";
|
|
};
|
|
requires= ["mysql.service"];
|
|
after = ["forgejo.service" "mysql.service" "network-online.target"];
|
|
wants = ["network-online.target"];
|
|
wantedBy = [ "multi-user.target" ];
|
|
};
|
|
|
|
systemd.timers.borg-backup = {
|
|
description = "Daily Borg Backup Timer";
|
|
wantedBy = [ "timers.target" ];
|
|
timerConfig = {
|
|
OnActiveSec = "30s";
|
|
OnCalendar = "daily";
|
|
Persistent = true;
|
|
};
|
|
};
|
|
}
|