From 376f15ab7355cc968d4ae8405c90bcb81d2f8b8e Mon Sep 17 00:00:00 2001 From: albert Date: Wed, 14 Aug 2024 09:24:18 +0900 Subject: [PATCH] Update warsaw and framework-server cron --- nixos/hosts/framework-server/cron.nix | 50 +------------------------- nixos/hosts/warsaw-ovh-01/cron.nix | 52 ++------------------------- 2 files changed, 3 insertions(+), 99 deletions(-) diff --git a/nixos/hosts/framework-server/cron.nix b/nixos/hosts/framework-server/cron.nix index 97b4e90f..2fe37da8 100644 --- a/nixos/hosts/framework-server/cron.nix +++ b/nixos/hosts/framework-server/cron.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: { +{ ... }: { services.cron = { enable = true; systemCronJobs = [ @@ -8,8 +8,6 @@ ''0 5 * * * root rsync -avr /Storage/Data/Docker/sysctl.io/nextcloud/html/data/albert/files/Wallpapers/ root@nuc-docker01:/Storage/Media/Pictures/Wallpapers'' # Back up the docker containers monthly: ''@monthly root ssh nuc-docker01 "rm -rf /Storage/Backups/Docker/sysctl.io/*"; for i in $(docker ps --format '{{.Names}}'); do docker export $i | gzip -cf | ssh root@nuc-docker01 "cat > /Storage/Backups/Docker/sysctl.io/$i.tar.gz"; done'' - # Set a random Pi-Hole password - ''* * * * * root docker exec pihole sudo pihole -a -p $(openssl rand -hex 128)'' # Run the ClamAV scan ''@monthly root /Storage/Data/docker-compose/sysctl.io/scripts/clamscan-cron.sh'' # Archive Loki logs monthly @@ -29,49 +27,3 @@ ]; }; } -# Old crontab: -# # At reboot, apply the ip_tables modprobe so Wireguard works -# @reboot /usr/sbin/modprobe ip_tables -# -# # At reboot, restart Docker. Otherwise, iptables / the firewall freaks out -# @reboot /usr/bin/systemctl stop docker; /usr/bin/systemctl start docker -# -# # Every day, get storage space for monitoring -# @daily source ~/.bashrc; for i in `ls /Storage/Data/Docker`; do echo echo "$(date): $(du -s /Storage/Data/Docker/$i)" | sed -e 's/\/Storage\/Data\/Docker\/\$i//' >> /root/sizes/$i.log; done -# -# # Clean up NextCloud files weekly to save space -# @weekly source ~/.bashrc; /usr/bin/docker exec -uwww-data nextcloud php occ versions:cleanup -# DONE # Run the Nextcloud cronjobs hourly -# DONE @hourly source ~/.bashrc; /usr/bin/docker exec -uwww-data nextcloud php -f /var/www/html/cron.php -# -# -# # Clear out Mastodon caches daily -# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl preview_cards remove --days 1 -# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl media remove --days 1 --prune-profiles -# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl accounts prune -# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl statuses remove --days 1 -# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl media remove --remove-headers --include-follows --days 0 -# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl preview_cards remove --days 1 -# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl media remove-orphans -# -# DONE # Run the Pixelfed scheduler -# DONE * * * * * /usr/bin/docker exec pixelfed-app php artisan schedule:run -# -# DONE # Run the ClamAV scan -# DONE @monthly source ~/.bashrc; /Storage/Data/docker-compose/sysctl.io/scripts/clamscan-cron.sh -# -# DONE # Set a random PiHole password every minute -# DONE * * * * * /usr/bin/docker exec pihole sudo pihole -a -p $(openssl rand -hex 128) -# -# NOT NEEDED # back up crontab: -# NOT NEEDED # 0 0 * * * /usr/bin/crontab -l > /Storage/Data/Temporary/crontab -# -# # Back up and delete local copies of Loki logs monthly -# DONE @monthly source ~/.bashrc; /Storage/Data/docker-compose/sysctl.io/scripts/backup-logs.sh >> /Storage/Data/Temporary/log_backups.log -# -# DONE # Back up the docker containers weekly: -# DONE @weekly source ~/.bashrc; ssh nuc-docker01 "rm -rf /Storage/Backups/Docker/sysctl.io/*"; for i in $(docker ps --format '{{.Names}}'); do docker export $i | gzip -cf | ssh root@nuc-docker01 "cat > /Storage/Backups/Docker/sysctl.io/$i.tar.gz"; done -# -# # Set up DERP relay certs for headscale-derp: -# DONE @hourly cp /Storage/Data/Docker/letsencrypt/certs/certs/\*.sysctl.io.crt /Storage/Data/Docker/letsencrypt/certs/certs/derp.sysctl.io.crt -# DONE @hourly cp /Storage/Data/Docker/letsencrypt/certs/private/\*.sysctl.io.key /Storage/Data/Docker/letsencrypt/certs/private/derp.sysctl.io.key diff --git a/nixos/hosts/warsaw-ovh-01/cron.nix b/nixos/hosts/warsaw-ovh-01/cron.nix index 97b4e90f..b201e216 100644 --- a/nixos/hosts/warsaw-ovh-01/cron.nix +++ b/nixos/hosts/warsaw-ovh-01/cron.nix @@ -1,6 +1,6 @@ -{ pkgs, ... }: { +{ ... }: { services.cron = { - enable = true; + enable = false; systemCronJobs = [ # Backups to nuc-docker01 ''0 0 * * * root rsync --delete -avr /Storage/Data/Docker/sysctl.io/ root@nuc-docker01:/Storage/Data/Docker/sysctl.io/'' @@ -8,8 +8,6 @@ ''0 5 * * * root rsync -avr /Storage/Data/Docker/sysctl.io/nextcloud/html/data/albert/files/Wallpapers/ root@nuc-docker01:/Storage/Media/Pictures/Wallpapers'' # Back up the docker containers monthly: ''@monthly root ssh nuc-docker01 "rm -rf /Storage/Backups/Docker/sysctl.io/*"; for i in $(docker ps --format '{{.Names}}'); do docker export $i | gzip -cf | ssh root@nuc-docker01 "cat > /Storage/Backups/Docker/sysctl.io/$i.tar.gz"; done'' - # Set a random Pi-Hole password - ''* * * * * root docker exec pihole sudo pihole -a -p $(openssl rand -hex 128)'' # Run the ClamAV scan ''@monthly root /Storage/Data/docker-compose/sysctl.io/scripts/clamscan-cron.sh'' # Archive Loki logs monthly @@ -29,49 +27,3 @@ ]; }; } -# Old crontab: -# # At reboot, apply the ip_tables modprobe so Wireguard works -# @reboot /usr/sbin/modprobe ip_tables -# -# # At reboot, restart Docker. Otherwise, iptables / the firewall freaks out -# @reboot /usr/bin/systemctl stop docker; /usr/bin/systemctl start docker -# -# # Every day, get storage space for monitoring -# @daily source ~/.bashrc; for i in `ls /Storage/Data/Docker`; do echo echo "$(date): $(du -s /Storage/Data/Docker/$i)" | sed -e 's/\/Storage\/Data\/Docker\/\$i//' >> /root/sizes/$i.log; done -# -# # Clean up NextCloud files weekly to save space -# @weekly source ~/.bashrc; /usr/bin/docker exec -uwww-data nextcloud php occ versions:cleanup -# DONE # Run the Nextcloud cronjobs hourly -# DONE @hourly source ~/.bashrc; /usr/bin/docker exec -uwww-data nextcloud php -f /var/www/html/cron.php -# -# -# # Clear out Mastodon caches daily -# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl preview_cards remove --days 1 -# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl media remove --days 1 --prune-profiles -# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl accounts prune -# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl statuses remove --days 1 -# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl media remove --remove-headers --include-follows --days 0 -# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl preview_cards remove --days 1 -# DONE @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl media remove-orphans -# -# DONE # Run the Pixelfed scheduler -# DONE * * * * * /usr/bin/docker exec pixelfed-app php artisan schedule:run -# -# DONE # Run the ClamAV scan -# DONE @monthly source ~/.bashrc; /Storage/Data/docker-compose/sysctl.io/scripts/clamscan-cron.sh -# -# DONE # Set a random PiHole password every minute -# DONE * * * * * /usr/bin/docker exec pihole sudo pihole -a -p $(openssl rand -hex 128) -# -# NOT NEEDED # back up crontab: -# NOT NEEDED # 0 0 * * * /usr/bin/crontab -l > /Storage/Data/Temporary/crontab -# -# # Back up and delete local copies of Loki logs monthly -# DONE @monthly source ~/.bashrc; /Storage/Data/docker-compose/sysctl.io/scripts/backup-logs.sh >> /Storage/Data/Temporary/log_backups.log -# -# DONE # Back up the docker containers weekly: -# DONE @weekly source ~/.bashrc; ssh nuc-docker01 "rm -rf /Storage/Backups/Docker/sysctl.io/*"; for i in $(docker ps --format '{{.Names}}'); do docker export $i | gzip -cf | ssh root@nuc-docker01 "cat > /Storage/Backups/Docker/sysctl.io/$i.tar.gz"; done -# -# # Set up DERP relay certs for headscale-derp: -# DONE @hourly cp /Storage/Data/Docker/letsencrypt/certs/certs/\*.sysctl.io.crt /Storage/Data/Docker/letsencrypt/certs/certs/derp.sysctl.io.crt -# DONE @hourly cp /Storage/Data/Docker/letsencrypt/certs/private/\*.sysctl.io.key /Storage/Data/Docker/letsencrypt/certs/private/derp.sysctl.io.key