Simon Bruder
76e1ec00af
Migrate docker module to podman
...
This also enables podman on mayushii.
2024-06-01 13:57:44 +02:00
Simon Bruder
10b8d432d5
Relicense
...
This applies the REUSE specification to the repository, so the licensing
information can be tracked for every file individually.
2024-01-13 14:39:22 +01:00
Simon Bruder
ba843ac8c0
Upgrade to 23.11
...
Flake lock file updates:
• Updated input 'bang-evaluator':
'git+https://git.sbruder.de/simon/bangs?ref=refs/heads/master&rev=7fc3d5019c907566abbad8f84ba9555a5786bd01 ' (2021-08-01)
→ 'git+https://git.sbruder.de/simon/bangs?ref=refs/heads/master&rev=a06c68c44862f74757a203e2df41ea83c33722d9 ' (2023-12-02)
• Updated input 'home-manager':
'github:nix-community/home-manager/04bac349d585c9df38d78e0285b780a140dc74a4' (2023-11-12)
→ 'github:nix-community/home-manager/aeb2232d7a32530d3448318790534d196bf9427a' (2023-11-24)
• Updated input 'home-manager-unstable':
'github:nix-community/home-manager/9a4725afa67db35cdf7be89f30527d745194cafa' (2023-11-19)
→ 'github:nix-community/home-manager/4a8545f5e737a6338814a4676dc8e18c7f43fc57' (2023-12-01)
• Updated input 'nix-pre-commit-hooks':
'github:cachix/pre-commit-hooks.nix/e558068cba67b23b4fbc5537173dbb43748a17e8' (2023-11-15)
→ 'github:cachix/pre-commit-hooks.nix/e5ee5c5f3844550c01d2131096c7271cec5e9b78' (2023-11-25)
• Updated input 'nixos-hardware':
'github:nixos/nixos-hardware/1721da31f9b30cbf4460c4ec5068b3b6174a4694' (2023-11-18)
→ 'github:nixos/nixos-hardware/8772491ed75f150f02552c60694e1beff9f46013' (2023-11-29)
• Updated input 'nixpkgs':
'github:nixos/nixpkgs/9fb122519e9cd465d532f736a98c1e1eb541ef6f' (2023-11-16)
→ 'github:nixos/nixpkgs/5de0b32be6e85dc1a9404c75131316e4ffbc634c' (2023-12-01)
• Updated input 'nixpkgs-overlay':
'git+https://git.sbruder.de/simon/nixpkgs-overlay?ref=refs/heads/master&rev=c8a17806a75733dec2ecdd8f0021c70d1f9dfc43 ' (2023-10-04)
→ 'git+https://git.sbruder.de/simon/nixpkgs-overlay?ref=refs/heads/master&rev=37f80d1593ab856372cc0da199f49565f3b05c71 ' (2023-12-02)
• Updated input 'nixpkgs-overlay/poetry2nix':
'github:nix-community/poetry2nix/093383b3d7fdd36846a7d84e128ca11865800538' (2023-09-22)
→ 'github:nix-community/poetry2nix/7acb78166a659d6afe9b043bb6fe5cb5e86bb75e' (2023-12-01)
• Updated input 'nixpkgs-overlay/poetry2nix/nix-github-actions':
'github:nix-community/nix-github-actions/165b1650b753316aa7f1787f3005a8d2da0f5301' (2023-07-09)
→ 'github:nix-community/nix-github-actions/4bb5e752616262457bc7ca5882192a564c0472d2' (2023-11-03)
• Added input 'nixpkgs-overlay/poetry2nix/systems':
'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e' (2023-04-09)
• Added input 'nixpkgs-overlay/poetry2nix/treefmt-nix':
'github:numtide/treefmt-nix/e82f32aa7f06bbbd56d7b12186d555223dc399d1' (2023-11-12)
• Added input 'nixpkgs-overlay/poetry2nix/treefmt-nix/nixpkgs':
follows 'nixpkgs-overlay/poetry2nix/nixpkgs'
• Updated input 'nixpkgs-unstable':
'github:nixos/nixpkgs/c757e9bd77b16ca2e03c89bf8bc9ecb28e0c06ad' (2023-11-17)
→ 'github:nixos/nixpkgs/e92039b55bcd58469325ded85d4f58dd5a4eaf58' (2023-11-29)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/49a87c6c827ccd21c225531e30745a9a6464775c' (2023-11-19)
→ 'github:Mic92/sops-nix/e19071f9958c8da4f4347d3d78790d97e98ba22f' (2023-12-02)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/decdf666c833a325cb4417041a90681499e06a41' (2023-11-18)
→ 'github:NixOS/nixpkgs/dfb95385d21475da10b63da74ae96d89ab352431' (2023-11-25)
2023-12-02 18:54:42 +01:00
Simon Bruder
816004e80b
restic: Use QoS instead of uploadLimit
...
This implements a crude mechanism for signalling my router to add the
packets to its own qdisc.
The way in which this is implemented with nftables is hacky because of
NixOS’ limitations on build-time checking (which obviously can’t know
about the existence of cgroups on the target).
2023-10-07 22:49:47 +02:00
Simon Bruder
54c5cfb240
restic/system: Enable compression
...
Fixes #66 .
2022-12-13 09:59:31 +01:00
Simon Bruder
e31c264c92
restic: Do not limit upload by default
...
This allows servers that have a fast internet connection to complete
their backup in seconds instead of minutes.
2022-08-25 23:22:17 +02:00
Simon Bruder
4e78d87bde
restic: Use storage box and restic-rest-server
...
While this setup complicates things, it also should protect me against
(malicious) deletion of old backups.
2022-08-25 23:12:42 +02:00
Simon Bruder
8dc59487f3
restic/system: Exclude /var/cache
2022-07-08 11:51:04 +02:00
Simon Bruder
23652c4b8f
restic/system: Exclude mounts
2022-05-15 11:14:34 +02:00
Simon Bruder
76787d43a0
restic/system: Ignore /root/.cache
2022-04-23 21:10:55 +02:00
Simon Bruder
922e007db9
restic/system: Don’t explicitly ignore rust target
...
Newer cargo versions automatically add a CACHEDIR.TAG file to the target
directory.
2022-01-22 10:33:33 +01:00
Simon Bruder
6499b7b196
restic/system: Start earlier
...
This avoids the backup failing due to clients being suspended during the
backup.
2022-01-22 10:32:51 +01:00
Simon Bruder
2c160661ec
Apply fixes for breaking module changes in 21.11
2021-12-01 19:15:31 +01:00
Simon Bruder
de3f8f8909
restic: Make restic prune regularily on fuuko
...
Closes #41 .
2021-05-28 15:01:06 +02:00
Simon Bruder
e9dc4601ad
restic: Do not initialise the repository
...
It already is initialised, and NixOS’ initialisation always prints all
existing snapshots to the journal which makes it almost impossible to
find the logs from the regular backup.
2021-05-28 15:01:06 +02:00
Simon Bruder
ea45b45c60
restic: Fix restic-auth script
...
Since I migrated to sops, the password store structure changed.
2021-05-27 14:38:33 +02:00
Simon Bruder
4a8a7e0a4f
Use sops for secrets
...
Since I currently do not have access to sayuri, sayuri’s migration is
not done yet. The host keys and wg-home-private-key secret still have to
be added.
2021-04-06 14:05:48 +02:00
Simon Bruder
41f8d468b6
restic/system: Include /root and /etc
2021-04-06 10:47:05 +02:00
Simon Bruder
d73da1a131
restic/system: Limit upload to 1.5M by default
2021-03-08 18:46:35 +01:00
Simon Bruder
83f1c69713
restic/system: Constantly use system for naming
...
In the future I may create add other backup jobs, so it should be clear,
that this only backs up the system.
2021-02-28 12:22:43 +01:00