From aad5bfaf14d2df6aa4f7125f8c481f15e26a0cc5 Mon Sep 17 00:00:00 2001
From: Malte Brandy <malte.brandy@maralorn.de>
Date: Mon, 16 Dec 2019 01:38:19 +0100
Subject: [PATCH] Add backup

---
 hosts/hera/configuration.nix  |  49 +++++++++++++++++++++++++++++-----
 hosts/hera/secret/secrets.nix | Bin 0 -> 350 bytes
 2 files changed, 42 insertions(+), 7 deletions(-)
 create mode 100644 hosts/hera/secret/secrets.nix

diff --git a/hosts/hera/configuration.nix b/hosts/hera/configuration.nix
index d0811ec8..6a269a9a 100644
--- a/hosts/hera/configuration.nix
+++ b/hosts/hera/configuration.nix
@@ -36,14 +36,49 @@ in {
     host = "hera-intern:9100";
   }];
 
+  programs = {
+    ssh.extraConfig = ''
+      Host fb04*.mathematik.tu-darmstadt.de
+        ProxyJump brandy@gwres1.mathematik.tu-darmstadt.de
+    '';
+  };
   services = {
-    #borgbackup.jobs.data = {
-    #doInit = false;
-    #encryption.mode = "none";
-    #paths = "/home/${me.user}/data";
-    #repo = "borg@borg:.";
-    #compression = "zstd,5";
-    #};
+    borgbackup.jobs = let
+      passphrases = (import secret/secrets.nix).borgbackup;
+      defaultBackup = {
+        doInit = false;
+        compression = "zstd,5";
+        paths = [
+          "/media"
+          "/var/lib/containers/mail/var/vmail"
+          "/var/lib/containers/chor-cloud/var/lib/nextcloud/data"
+          "/var/lib/containers/chor-cloud/var/lib/postgresql"
+          "/var/lib/containers/cloud/var/lib/nextcloud/data"
+          "/var/lib/containers/cloud/var/lib/postgresql"
+          "/var/lib/matrix-synapse"
+          "/var/lib/postgresql"
+          "/var/lib/gitolite"
+          "/var/lib/taskserver"
+        ];
+      };
+    in {
+      fb04217 = defaultBackup // {
+        encryption = {
+          mode = "keyfile-blake2";
+          passphrase = passphrases.fb04217;
+        };
+        extraArgs = "--remote-path=bin/borg";
+        repo =
+          "brandy@fb04217.mathematik.tu-darmstadt.de:/media/maralorn-backup/hera-borg-repo";
+      };
+      cysec = defaultBackup // {
+        encryption = {
+          mode = "keyfile-blake2";
+          passphrase = passphrases.cysec;
+        };
+        repo = "maralorn@borg.cysec.de:/srv/cube/maralorn/hera-borg-repo";
+      };
+    };
     taskserver = {
       enable = true;
       fqdn = "hera.m-0.eu";
diff --git a/hosts/hera/secret/secrets.nix b/hosts/hera/secret/secrets.nix
new file mode 100644
index 0000000000000000000000000000000000000000..7521fe657cddc37bfd72396443868e74655e4fc0
GIT binary patch
literal 350
zcmV-k0ipf?M@dveQdv+`0MDuH_n=w<g3%&T%C`t(;z;4(dCq)_<y}zTO^dqfJZuNE
z+2i&kGm$%^kTo|m6N$0^N88(1P0v+t*f06ub(w{T(?NiGS~h^C$a6i+{P(H+qDc&!
zh82vgSp6`A&rURtMK;$fk)tyVT#3>5^+Q1Tf_QZHwY$_UgF$tm`(cpX!B9>h6Y^7%
z^GGs+;=t@6j?hVz1~m-A#pI^}bNK!l@EeMwbMU+@e;!vrw(Krw6#*J^u;M8H7;E0s
zJ6Bff5w~4){g7D-y`mDluT)OvKo^}sMNciLIK_B0Tyvfcy?J|$jXao|Sb<Q6gf+QR
z&Y<NmU<+AtREbs%qSbu2U{%bMq(v$qKS_w4;=IwrQ_{ziXwG;2epKA|z#1iL<L22t
w>h^Sn;(oO{C-mvI!x$Tzah&3g)&Sly@P`<Qvs9ITkc;*08>#k3Jhu5H6S|hOWdHyG

literal 0
HcmV?d00001