hd/cfg
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
cfg/host/roam/backup.nix
Henri Dohmen 6b46bc4bc2 git repo backup
2026-04-04 13:40:16 +02:00

71 lines
2.3 KiB
Nix
Raw Blame History

{
config,
pkgs,
secrets,
...
}:
{
age.secrets.roam-rclone-conf = {
file = secrets.roam."rclone-conf.age";
mode = "440";
owner = "root";
group = "root";
};
systemd = {
timers."backup-rclone" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "daily";
Persistent = true;
Unit = "backup-rclone.service";
};
};
services."backup-rclone" =
let
conf = config.age.secrets.roam-rclone-conf.path;
forgejo-repos = config.services.forgejo.repositoryRoot;
in
{
# Backs up git repos (bare /git/* and forgejo) to an rclone crypt remote
# as bundles to avoid crypt path-length limits. Documents are synced to
# OneDrive directly (not odc) since syncthing already encrypts them via
# receiveEncrypted.
script = ''
${pkgs.rclone}/bin/rclone --config ${conf} copy /data/sync/documents-hd onedrive:sync
tmpdir=$(mktemp -d)
trap "rm -rf $tmpdir" EXIT
for repo in /git/*/; do
[ -f "$repo/HEAD" ] || continue
${pkgs.git}/bin/git -c safe.directory="$repo" -C "$repo" show-ref --quiet || continue
name=$(basename "$repo")
${pkgs.git}/bin/git -c safe.directory="$repo" -C "$repo" bundle create "$tmpdir/$name.bundle" --all
done
${pkgs.rclone}/bin/rclone --config ${conf} sync "$tmpdir" odc:git
tmpdir_forgejo=$(mktemp -d)
trap "rm -rf $tmpdir_forgejo" EXIT
for owner in ${forgejo-repos}/*/; do
for repo in "$owner"*/; do
[ -f "$repo/HEAD" ] || continue
${pkgs.git}/bin/git -c safe.directory="$repo" -C "$repo" show-ref --quiet || continue
owner_name=$(basename "$owner")
repo_name=$(basename "$repo")
${pkgs.git}/bin/git -c safe.directory="$repo" -C "$repo" bundle create "$tmpdir_forgejo/''${owner_name}__''${repo_name}.bundle" --all
done
done
${pkgs.rclone}/bin/rclone --config ${conf} sync "$tmpdir_forgejo" odc:forgejo-git
'';
path = [
pkgs.rclone
pkgs.git
];
serviceConfig = {
Type = "oneshot";
User = "root";
};
};
};
}
Reference in a new issue View git blame Copy permalink