parent
942a5ffb04
commit
cd30750fdc
GPG key ID:
8D3C82F9F309F8EC
|
|
@ -13,6 +13,7 @@
|
||||||
./services/grafana.nix
|
./services/grafana.nix
|
||||||
./services/hedgedoc.nix
|
./services/hedgedoc.nix
|
||||||
./services/matrix
|
./services/matrix
|
||||||
|
./services/media-backup.nix
|
||||||
./services/media.nix
|
./services/media.nix
|
||||||
./services/prometheus.nix
|
./services/prometheus.nix
|
||||||
./services/scan.nix
|
./services/scan.nix
|
||||||
|
|
|
||||||
62
machines/fuuko/services/media-backup.nix
Normal file
62
machines/fuuko/services/media-backup.nix
Normal file
|
|
@ -0,0 +1,62 @@
|
||||||
|
# This creates a backup of my media files when a specific hard drive is
|
||||||
|
# hotplugged. The hard drive has a btrfs filesystem inside of a luks container.
|
||||||
|
# The filesystem can be created with commands similar to this:
|
||||||
|
# cryptsetup luksFormat --label="fuuko-media-backup-luks" --key-file=/path/to/key /dev/sdb
|
||||||
|
# mkfs.btrfs -L "fuuko-media-backup" /dev/mapper/media-backup
|
||||||
|
{ lib, pkgs, ... }:
|
||||||
|
let
|
||||||
|
baseDir = "/data/media";
|
||||||
|
mountPoint = "/mnt/media-backup";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
# Systemd mount units do not support cryptsetup
|
||||||
|
systemd.services.media-backup-luks = {
|
||||||
|
after = [ ''dev-disk-by\x2dlabel-fuuko\x2dmedia\x2dbackup\x2dluks.device'' ];
|
||||||
|
bindsTo = [ ''dev-disk-by\x2dlabel-fuuko\x2dmedia\x2dbackup\x2dluks.device'' ];
|
||||||
|
unitConfig = {
|
||||||
|
StopWhenUnneeded = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
serviceConfig = {
|
||||||
|
Type = "oneshot";
|
||||||
|
RemainAfterExit = "yes";
|
||||||
|
ExecStart = "${pkgs.cryptsetup}/bin/cryptsetup open --type luks2 --key-file=${baseDir}/.backup-key /dev/disk/by-label/fuuko-media-backup-luks media-backup";
|
||||||
|
ExecStop = "${pkgs.cryptsetup}/bin/cryptsetup close media-backup";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.mounts = lib.singleton {
|
||||||
|
after = [ "media-backup-luks.service" ];
|
||||||
|
bindsTo = [ "media-backup-luks.service" ];
|
||||||
|
unitConfig = {
|
||||||
|
StopWhenUnneeded = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
what = "/dev/mapper/media-backup";
|
||||||
|
where = mountPoint;
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.media-backup = {
|
||||||
|
wantedBy = [ ''dev-disk-by\x2dlabel-fuuko\x2dmedia\x2dbackup\x2dluks.device'' ];
|
||||||
|
unitConfig = {
|
||||||
|
RequiresMountsFor = "/mnt/media-backup";
|
||||||
|
};
|
||||||
|
|
||||||
|
script = ''
|
||||||
|
${pkgs.rsync}/bin/rsync \
|
||||||
|
--archive \
|
||||||
|
--delete \
|
||||||
|
--links \
|
||||||
|
--partial \
|
||||||
|
--recursive\
|
||||||
|
--verbose \
|
||||||
|
${lib.escapeShellArg baseDir} \
|
||||||
|
${lib.escapeShellArg mountPoint}
|
||||||
|
'';
|
||||||
|
serviceConfig = {
|
||||||
|
IOSchedulingClass = "best-effort";
|
||||||
|
IOSchedulingPriority = 7;
|
||||||
|
Nice = 10;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
Loading…
Reference in a new issue