forked from DGNum/infrastructure
feat(django-apps): Add automatic backup
This commit is contained in:
parent
3085d9e3a8
commit
e19100f856
6 changed files with 49 additions and 2 deletions
BIN
machines/nixos/web03/secrets/bupstash-put_key
Normal file
BIN
machines/nixos/web03/secrets/bupstash-put_key
Normal file
Binary file not shown.
|
@ -4,6 +4,7 @@
|
||||||
|
|
||||||
(import ../../../../keys).mkSecrets [ "web03" ] [
|
(import ../../../../keys).mkSecrets [ "web03" ] [
|
||||||
# List of secrets for web03
|
# List of secrets for web03
|
||||||
|
"bupstash-put_key"
|
||||||
"dj_annuaire-secret_key_file"
|
"dj_annuaire-secret_key_file"
|
||||||
"dj_bocal-secret_key_file"
|
"dj_bocal-secret_key_file"
|
||||||
"dj_ernestophone-secret_key_file"
|
"dj_ernestophone-secret_key_file"
|
||||||
|
|
|
@ -11,7 +11,12 @@
|
||||||
}:
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
inherit (lib) mkEnableOption mkOption remove;
|
inherit (lib)
|
||||||
|
getExe'
|
||||||
|
mkEnableOption
|
||||||
|
mkOption
|
||||||
|
remove
|
||||||
|
;
|
||||||
|
|
||||||
inherit (lib.types)
|
inherit (lib.types)
|
||||||
attrs
|
attrs
|
||||||
|
@ -34,6 +39,7 @@ let
|
||||||
compute01 = "*-*-* *:38:00";
|
compute01 = "*-*-* *:38:00";
|
||||||
storage01 = "*-*-* *:21:00";
|
storage01 = "*-*-* *:21:00";
|
||||||
web01 = "*-*-* *:47:00";
|
web01 = "*-*-* *:47:00";
|
||||||
|
web03 = "*-*-* *:13:00";
|
||||||
};
|
};
|
||||||
|
|
||||||
mkJobs = builtins.mapAttrs (
|
mkJobs = builtins.mapAttrs (
|
||||||
|
@ -93,7 +99,7 @@ in
|
||||||
"${db}-db".settings = {
|
"${db}-db".settings = {
|
||||||
user = "postgres";
|
user = "postgres";
|
||||||
command = [
|
command = [
|
||||||
"${lib.getExe' config.services.postgresql.package "pg_dump"}"
|
(getExe' config.services.postgresql.package "pg_dump")
|
||||||
db
|
db
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
@ -113,6 +119,8 @@ in
|
||||||
"storage01"
|
"storage01"
|
||||||
"vault01"
|
"vault01"
|
||||||
"web01"
|
"web01"
|
||||||
|
"web02"
|
||||||
|
"web03"
|
||||||
];
|
];
|
||||||
allowed = [ "put" ];
|
allowed = [ "put" ];
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,4 +6,5 @@
|
||||||
"compute01.key"
|
"compute01.key"
|
||||||
"storage01.key"
|
"storage01.key"
|
||||||
"web01.key"
|
"web01.key"
|
||||||
|
"web03.key"
|
||||||
]
|
]
|
||||||
|
|
28
modules/nixos/dgn-backups/keys/web03.key
Normal file
28
modules/nixos/dgn-backups/keys/web03.key
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 jIXfPA CuALmA0MhxnWOn91YhtxAyn1h3xkoiuRoo4Ew1Eu32Q
|
||||||
|
TRZxY9rF3NM9ulaA6s6SUetVcLT0He9yGaDZ38T9F6A
|
||||||
|
-> ssh-ed25519 QlRB9Q TNA65R5tFs+KXJklNgfPPF12W52Fk6w7epstVzk9Ojw
|
||||||
|
SD3IW1+ngBUkbBJz+53zDFVhne6b5rfVi2ym0UjTwLM
|
||||||
|
-> ssh-ed25519 r+nK/Q b67auhVkYiVwthLGP3z719Ql/kHZQbxuJJgL7NzZiVc
|
||||||
|
kl0ML0yd+QqBm9VZwMcMrZ8uuQkbJySaa9kI4RQFOak
|
||||||
|
-> ssh-rsa krWCLQ
|
||||||
|
NfHVOPshS0CR3ATrPcYAAiX/kAbgqw6mEVhxdTnvbWa8cPpblUpO/gm4UqW2vP0Q
|
||||||
|
XUfvOCgH6ur3joLf/NylqwZ0UkQhmNj2hu8cOtjC4KgTohkMkZZmHlFKM9e3PuSS
|
||||||
|
ZMx0GraugdTUD/ViCplwVxFPBUUblLcAuYx/BcV1hTb0ctbN9afi8DVzuSxoalDj
|
||||||
|
Jy1UakJU0OwguB+ctv9kZcyLyV7zjchiq+dAoIDvkw0Z9bTCz7xhQ6uXAE7ahp3H
|
||||||
|
rvycD/ZkK7h6yhg78x2lIBHP3sPaY3DFMFW9bDLtHYox22RVcm6/7oPbv0hTQ8ob
|
||||||
|
n4Q7MWPF4vL1Xz9zyksetQ
|
||||||
|
-> ssh-ed25519 /vwQcQ YvQmf/qYc6DVQT0gFPGuakvgDg/A76tor3f0+nTjbH4
|
||||||
|
lMQoOb/kimcsSmNnUsUW7XmVdhLMee/s4NACiKi0Xls
|
||||||
|
-> ssh-ed25519 0R97PA LzA+wuKlE3cEOpvGEW29/rx3qCU1X32F8HwJNic2Glg
|
||||||
|
VOBmCcrtGrUk3ERWJL4QszdDtJrfoI/f1xA+X+a+PQk
|
||||||
|
-> ssh-ed25519 JGx7Ng MIxNmk0eTtCUMHiWzklS2zNWdf16EHeOtere8cRoNSk
|
||||||
|
X+gf1Ts9n2U+h6a0herR+WuiRXFS5BhicGKxpHQtQzM
|
||||||
|
-> ssh-ed25519 bUjjig uSweFovyFxnz7Pqc/MCEE5/ZKgEblqs8xb1Ni+qrhS0
|
||||||
|
AUhBDt7YN4x6k34g7mERYbn7rPVPZMmVvmZD668blRs
|
||||||
|
-> m-grease \ %<B.PbZ ^G= >nhHA<}
|
||||||
|
KhUslr0J28p4r62y0bCKOg2jGOx6M7deQ9Y8gfQ9oi7WYiEygoMghWdUP0lnzh3i
|
||||||
|
a+rpJNPtRCIFScDWMazSvnmN6y5Y7W3dmOgLH8aN
|
||||||
|
--- +/Cw6vq7b3Kn4D3/ogaSPxfxHBF0YxLXTxiskuD0vHg
|
||||||
|
ðÎN½UÉÏôbÈ!D~Ò<>¬‰æ¿Aൟ¥1¯,ÙÍòe;y)N$Ô–NøO]9C_l{ œÎ„'Ù-÷q³‹<È°¢:¯ÊMÕ¯Á%ïqŒ¸Œ™í®“‰"Ûªð¦˜A®ÜMhè,iì<69>¦<EFBFBD>S9šÜyp&r /ŒÜÂlÙîÂ!.oƒ…ô¥èAº‰µ{#ƒt<08>ú¶–é4eA-ÆFšßÔ9+ˆ—"¿e¥7»pÏüN”¢BÚ×˶¾Úþ•OÝŸæOIÊ
kDèŒæ‹ˆZ=Pq—ðšQ üGB’²OÅj×ÒhHû+¡ëX<C3AB>¿‰Lά¶ÎP™ 4ÿÐX$¢Áy©÷ßÀxoÞáÄÍ <09>Ɩ܈]â»_‚µ³
\¼M<C2BC>7m.ByŽºlCr†-ŽHM¤“ãuªùu…+X}¦oÛgg.ÌŠG/$¯LXözÁBâ…¾¿¹sÔá©DÉÈK„Ç>þeü~2‡+W–ÿ‚©¹ƒÏq<C38F>Ï¢òPßSÕîRÆIñD {"jD¡‹ƒÉŸ9 åÈ<C3A5>¥= ¬SüÒ=<3D>®—HtHÕêbs¬Ÿµ£+èTÑãà0OŒ :¬£}˜mÓp«©ž¶
|
||||||
|
z¥DÄ‹ƒÇ§±÷žmSå™8èïa±ípë2ÝÞ”° d°ÈÍÕSùròz½²í v#ÇÎœsñíÎÕ‰
0æMù¿ÂÎfÚA%Ó
™Ö³ïçD…뉆P<E280A0>drŠ£ÌX’IW±HôG©¾\IÑ8_ª„Lœ8Š Ù1MÚÚíôµMêz)ö$ì{ªM{S|b=ÙêÏkô*ïO”{Úêz•ª2:6}#–>_¨Ë-$ǪÈÑV‰ãp¨²("Wé«U[>>¤žÌ0Qh°-‰ê]¤§ªÞ†r;d&T¡£vÝ-i†Å]šû$ó°$<24>½aè™E94žéé`žçÐ<>í=!p©Æ[£ºqÖÏ›¦?U•/ÏkÀ… ÍwÓ^¥ZµÚIJèG¬lœiÇâè‘…€ö4C÷áb…ÑF÷´ªà+!Ót<C393>\¶t1ôc¡¯îSÇ~ž€+Òwª‘Ñ·[5¡jùû
g6†&©¯o¼´˜±ôÃ
|
|
@ -732,5 +732,14 @@ in
|
||||||
) config.extraServices)
|
) config.extraServices)
|
||||||
) cfg.sites);
|
) cfg.sites);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
dgn-backups = {
|
||||||
|
jobs = mapAttrs' (
|
||||||
|
name: _: nameValuePair "dj-${name}" { settings.paths = [ "/var/lib/django-apps/${name}" ]; }
|
||||||
|
) cfg.sites;
|
||||||
|
postgresDatabases = builtins.map (name: "dj-${name}") (
|
||||||
|
attrNames (filterAttrs (_: { dbType, ... }: dbType == "postgresql") cfg.sites)
|
||||||
|
);
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue