nix/nixos/hosts/framework-server/cron.nix

{ pkgs, ... }: {
  services.cron = {
    enable = true;
    systemCronJobs = [
      # Backups to nuc-docker01
      ''0 0 * * * root rsync --delete -avr /Storage/Data/Docker/sysctl.io/ root@nuc-docker01:/Storage/Data/Docker/sysctl.io/''
      ''0 3 * * * root rsync -avr /Storage/Data/Docker/sysctl.io/nextcloud/html/data/albert/files/InstantUpload/ root@nuc-docker01:/Storage/Video/Pictures/InstantUpload/''
      ''0 5 * * * root rsync -avr /Storage/Data/Docker/sysctl.io/nextcloud/html/data/albert/files/Wallpapers/ root@nuc-docker01:/Storage/Video/Pictures/Wallpapers''
      # Back up the docker containers monthly:
      ''@monthly root ssh nuc-docker01 "rm -rf /Storage/Backups/Docker/sysctl.io/*"; for i in $(docker ps --format '{{.Names}}'); do docker export $i | gzip -cf | ssh root@nuc-docker01 "cat > /Storage/Backups/Docker/sysctl.io/$i.tar.gz"; done''
      # Set a random Pi-Hole password
      ''* * * * * root docker exec  pihole sudo pihole -a -p $(openssl rand -hex 128)''
      # Run the ClamAV scan
      ''@monthly root /Storage/Data/docker-compose/sysctl.io/scripts/clamscan-cron.sh''
      # Archive Loki logs monthly
      ''@monthly root /Storage/Data/docker-compose/sysctl.io/scripts/backup-logs.sh >> /Storage/Data/Temporary/log_backups.log''
      # Run the Nextcloud cronjobs hourly
      ''@hourly root docker exec -uwww-data nextcloud php -f /var/www/html/cron.php''
      # Run the Pixelfed scheduler
      ''* * * * * root docker exec pixelfed-app php artisan schedule:run''
      # Update / CLean Mastodon caches
      ''@daily root docker exec mastodon-web tootctl preview_cards  remove --days 7''
      ''@daily root docker exec mastodon-web tootctl media remove --days 7 --prune-profiles''
      ''@daily root docker exec mastodon-web tootctl accounts prune''
      ''@daily root docker exec mastodon-web tootctl statuses remove --days 7''
      ''@daily root docker exec mastodon-web tootctl media remove --remove-headers --include-follows --days 7''
      ''@daily root docker exec mastodon-web tootctl preview_cards remove --days 7''
      ''@daily root docker exec mastodon-web tootctl media remove-orphans''
    ];
  };
}
# Old crontab:
#  # At reboot, apply the ip_tables modprobe so Wireguard works
#  @reboot /usr/sbin/modprobe ip_tables
#  
#  # At reboot, restart Docker.  Otherwise, iptables / the firewall freaks out
#  @reboot /usr/bin/systemctl stop docker; /usr/bin/systemctl start docker
#  
#  # Every day, get storage space for monitoring
#  @daily source ~/.bashrc; for i in `ls /Storage/Data/Docker`; do echo echo "$(date): $(du -s /Storage/Data/Docker/$i)" | sed -e 's/\/Storage\/Data\/Docker\/\$i//' >> /root/sizes/$i.log; done
#  
#  # Clean up NextCloud files weekly to save space
#  @weekly source ~/.bashrc; /usr/bin/docker exec -uwww-data nextcloud php occ versions:cleanup
# DONE # Run the Nextcloud cronjobs hourly
# DONE @hourly  source ~/.bashrc; /usr/bin/docker exec -uwww-data nextcloud php -f /var/www/html/cron.php
#  
#  
#  # Clear out Mastodon caches daily
# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl preview_cards  remove --days 1
# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl media          remove --days 1 --prune-profiles
# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl accounts       prune
# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl statuses       remove --days 1
# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl media remove --remove-headers --include-follows --days 0
# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl preview_cards remove --days 1
# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl media remove-orphans
#  
# DONE # Run the Pixelfed scheduler
# DONE * * * * * /usr/bin/docker exec pixelfed-app php artisan schedule:run
#  
# DONE  # Run the ClamAV scan
# DONE  @monthly source ~/.bashrc; /Storage/Data/docker-compose/sysctl.io/scripts/clamscan-cron.sh
#  
# DONE # Set a random PiHole password every minute
# DONE * * * * * /usr/bin/docker exec  pihole sudo pihole -a -p $(openssl rand -hex 128)
#  
# NOT NEEDED # back up crontab:
# NOT NEEDED # 0 0 * * * /usr/bin/crontab -l > /Storage/Data/Temporary/crontab
#  
#  # Back up and delete local copies of Loki logs monthly
# DONE  @monthly  source ~/.bashrc; /Storage/Data/docker-compose/sysctl.io/scripts/backup-logs.sh >> /Storage/Data/Temporary/log_backups.log
#  
# DONE  # Back up the docker containers weekly:
# DONE  @weekly source ~/.bashrc; ssh nuc-docker01 "rm -rf /Storage/Backups/Docker/sysctl.io/*"; for i in $(docker ps --format '{{.Names}}'); do docker export $i | gzip -cf | ssh root@nuc-docker01 "cat > /Storage/Backups/Docker/sysctl.io/$i.tar.gz"; done
#  
#  # Set up DERP relay certs for headscale-derp:
# DONE  @hourly cp /Storage/Data/Docker/letsencrypt/certs/certs/\*.sysctl.io.crt   /Storage/Data/Docker/letsencrypt/certs/certs/derp.sysctl.io.crt
# DONE  @hourly cp /Storage/Data/Docker/letsencrypt/certs/private/\*.sysctl.io.key /Storage/Data/Docker/letsencrypt/certs/private/derp.sysctl.io.key
test 2023-12-07 10:16:46 +01:00			`{ pkgs, ... }: {`
Updates 2024-05-01 09:24:11 +02:00			`services.cron = {`
			`enable = true;`
			`systemCronJobs = [`
			`# Backups to nuc-docker01`
			`''0 0 * * * root rsync --delete -avr /Storage/Data/Docker/sysctl.io/ root@nuc-docker01:/Storage/Data/Docker/sysctl.io/''`
			`''0 3 * * * root rsync -avr /Storage/Data/Docker/sysctl.io/nextcloud/html/data/albert/files/InstantUpload/ root@nuc-docker01:/Storage/Video/Pictures/InstantUpload/''`
			`''0 5 * * * root rsync -avr /Storage/Data/Docker/sysctl.io/nextcloud/html/data/albert/files/Wallpapers/ root@nuc-docker01:/Storage/Video/Pictures/Wallpapers''`
			`# Back up the docker containers monthly:`
			`''@monthly root ssh nuc-docker01 "rm -rf /Storage/Backups/Docker/sysctl.io/*"; for i in $(docker ps --format '{{.Names}}'); do docker export $i \| gzip -cf \| ssh root@nuc-docker01 "cat > /Storage/Backups/Docker/sysctl.io/$i.tar.gz"; done''`
			`# Set a random Pi-Hole password`
			`''* * * * * root docker exec pihole sudo pihole -a -p $(openssl rand -hex 128)''`
			`# Run the ClamAV scan`
			`''@monthly root /Storage/Data/docker-compose/sysctl.io/scripts/clamscan-cron.sh''`
			`# Archive Loki logs monthly`
			`''@monthly root /Storage/Data/docker-compose/sysctl.io/scripts/backup-logs.sh >> /Storage/Data/Temporary/log_backups.log''`
			`# Run the Nextcloud cronjobs hourly`
			`''@hourly root docker exec -uwww-data nextcloud php -f /var/www/html/cron.php''`
			`# Run the Pixelfed scheduler`
			`''* * * * * root docker exec pixelfed-app php artisan schedule:run''`
			`# Update / CLean Mastodon caches`
			`''@daily root docker exec mastodon-web tootctl preview_cards remove --days 7''`
			`''@daily root docker exec mastodon-web tootctl media remove --days 7 --prune-profiles''`
			`''@daily root docker exec mastodon-web tootctl accounts prune''`
			`''@daily root docker exec mastodon-web tootctl statuses remove --days 7''`
			`''@daily root docker exec mastodon-web tootctl media remove --remove-headers --include-follows --days 7''`
			`''@daily root docker exec mastodon-web tootctl preview_cards remove --days 7''`
			`''@daily root docker exec mastodon-web tootctl media remove-orphans''`
			`];`
			`};`
Testing at jobs for setting themes 2024-01-02 13:26:44 +01:00			`}`
Update cron 2023-12-08 11:18:06 +01:00			`# Old crontab:`
			`# # At reboot, apply the ip_tables modprobe so Wireguard works`
			`# @reboot /usr/sbin/modprobe ip_tables`
			`#`
			`# # At reboot, restart Docker. Otherwise, iptables / the firewall freaks out`
			`# @reboot /usr/bin/systemctl stop docker; /usr/bin/systemctl start docker`
			`#`
			`# # Every day, get storage space for monitoring`
			# @daily source ~/.bashrc; for i in `ls /Storage/Data/Docker`; do echo echo "$(date): $(du -s /Storage/Data/Docker/$i)" \| sed -e 's/\/Storage\/Data\/Docker\/\$i//' >> /root/sizes/$i.log; done
			`#`
			`# # Clean up NextCloud files weekly to save space`
			`# @weekly source ~/.bashrc; /usr/bin/docker exec -uwww-data nextcloud php occ versions:cleanup`
Add Mastodon cache cleanup 2023-12-27 12:54:13 +01:00			`# DONE # Run the Nextcloud cronjobs hourly`
			`# DONE @hourly source ~/.bashrc; /usr/bin/docker exec -uwww-data nextcloud php -f /var/www/html/cron.php`
Update cron 2023-12-08 11:18:06 +01:00			`#`
			`#`
			`# # Clear out Mastodon caches daily`
Add Mastodon cache cleanup 2023-12-27 12:54:13 +01:00			`# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl preview_cards remove --days 1`
			`# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl media remove --days 1 --prune-profiles`
			`# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl accounts prune`
			`# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl statuses remove --days 1`
			`# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl media remove --remove-headers --include-follows --days 0`
			`# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl preview_cards remove --days 1`
			`# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl media remove-orphans`
Update cron 2023-12-08 11:18:06 +01:00			`#`
Add Mastodon cache cleanup 2023-12-27 12:54:13 +01:00			`# DONE # Run the Pixelfed scheduler`
			`# DONE * * * * * /usr/bin/docker exec pixelfed-app php artisan schedule:run`
Update cron 2023-12-08 11:18:06 +01:00			`#`
Add Mastodon cache cleanup 2023-12-27 12:54:13 +01:00			`# DONE # Run the ClamAV scan`
			`# DONE @monthly source ~/.bashrc; /Storage/Data/docker-compose/sysctl.io/scripts/clamscan-cron.sh`
Update cron 2023-12-08 11:18:06 +01:00			`#`
Add Mastodon cache cleanup 2023-12-27 12:54:13 +01:00			`# DONE # Set a random PiHole password every minute`
			`# DONE * * * * * /usr/bin/docker exec pihole sudo pihole -a -p $(openssl rand -hex 128)`
Update cron 2023-12-08 11:18:06 +01:00			`#`
Add Mastodon cache cleanup 2023-12-27 12:54:13 +01:00			`# NOT NEEDED # back up crontab:`
			`# NOT NEEDED # 0 0 * * * /usr/bin/crontab -l > /Storage/Data/Temporary/crontab`
Update cron 2023-12-08 11:18:06 +01:00			`#`
			`# # Back up and delete local copies of Loki logs monthly`
Add Mastodon cache cleanup 2023-12-27 12:54:13 +01:00			`# DONE @monthly source ~/.bashrc; /Storage/Data/docker-compose/sysctl.io/scripts/backup-logs.sh >> /Storage/Data/Temporary/log_backups.log`
Update cron 2023-12-08 11:18:06 +01:00			`#`
Add Mastodon cache cleanup 2023-12-27 12:54:13 +01:00			`# DONE # Back up the docker containers weekly:`
			`# DONE @weekly source ~/.bashrc; ssh nuc-docker01 "rm -rf /Storage/Backups/Docker/sysctl.io/*"; for i in $(docker ps --format '{{.Names}}'); do docker export $i \| gzip -cf \| ssh root@nuc-docker01 "cat > /Storage/Backups/Docker/sysctl.io/$i.tar.gz"; done`
Update cron 2023-12-08 11:18:06 +01:00			`#`
			`# # Set up DERP relay certs for headscale-derp:`
Add Mastodon cache cleanup 2023-12-27 12:54:13 +01:00			`# DONE @hourly cp /Storage/Data/Docker/letsencrypt/certs/certs/\*.sysctl.io.crt /Storage/Data/Docker/letsencrypt/certs/certs/derp.sysctl.io.crt`
			`# DONE @hourly cp /Storage/Data/Docker/letsencrypt/certs/private/\*.sysctl.io.key /Storage/Data/Docker/letsencrypt/certs/private/derp.sysctl.io.key`