diff --git a/nixos/common/modules/ssh-luks.nix b/nixos/common/modules/ssh-luks.nix index 3fcb31fc..b716145f 100644 --- a/nixos/common/modules/ssh-luks.nix +++ b/nixos/common/modules/ssh-luks.nix @@ -16,31 +16,22 @@ authorizedKeys = [ # albert@nixos-framework ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDI7fJtiVPMYN2xJVdr84r1Vrquvo0abJQKtt1NO/F0umyCRvGBaim33KrgyWi8fFCqV6/26JNXx8TdJ6ekczuolxE6/LGIngJ4KUFrAaU9QDdcC7dkDGGUbsGXBNKcvy1uI2dJPqEA1+VotjwTs00Xa6nl9d5VH3yMo2Qgn3HoZvZKbBj2H+06ZJaFckLp7GT7OoPWOE50VxgH8tUsQOlgt/ZaFx7klI7EJLus7lo8gLsQeZPJVT9DXFDUJwwbUeUA/BwnRVPMTF1YrhKat/mvl7iApjNYojxClcEArj2e/hqV7EQrDv8wuW7ocb1HW/r2RLtytP27wJNc9RkrFL4mhvsRbFX2XmhbCoyCS4a1fZyxBqSS7jPbG8IBiAaMi9R45b1Jg4zE+960BKKpcrKJoU5+JHX23XJM4+1Mz9aCL2elSed5KeQDjCGdiYRL7NaqXzVK1qjgPbNsdEoL2VYuz8lT1yAtAEh7O+zFf/Argj5qaTlcRfSvKSYT3/rIj75MBLu3XKrcxBAl+2GE0WW8Wsk04XPiyR3dvAhpbLlkpQFCzsJvkAAwJr6Nh3ihY9bwBgLX8zY8ry+gkSMEsa5coazINkvJLtlLWOGt3Z5wkRIWXIrWDpGyLQCOKgUekUVIvYqJDYYuYMk/DJUJQ2OOtZMSHjXd/ajAGfRRU6hQoYopJIAPVBsZNAmQkVz1ijqX9L/B3LkPUTB3q4rxveTFFxdwFIv/QZp3Q258Sl/zfki1QPH+11Eezr2mmMLMc/AzPBONRb3T7/fv8aLXWBoI20az0lb+xCJFBkH4iVKWxAdpBD2Ou/Bc8QiEtPD5g59/bVkWnLcx03TrSL1UChcV7BIlBO0/CEcul9DZEPFaZvyAuSypIT7+Te1DSUqPugtFPdx9vnlXcar5JUfsTTgiJkHxWhidpxv36CBiwnCeAEhUhF/O2je8HCg9vkn9/WLu05X8xBFtQto5mH0SR/wAlz6iUEjQ4JvZMOsQnKnQxGRimmsAU2vM4YwO8u3xnJzs1ClJaWwkOwoHR9voBoY1Atzr/LI7o4R1mAw+HX7FtOqSnbeiD5Zv7OTNcP1RFp5rCCHoryp6WA4biVKZc7hrwDNb8jsym67Ji7Xy0VebZ9+/KOEcZMqgW94zqBlLPjL8VjwPRMdcq0yynho0TME84ODlY4Qfj6bIGcaQ+DEIVirwiomHKlWwX9kG/p4d1NByr4gM1kQ2UFGIgiXFcd56cf5mxR+0y9MhX4Wt2TRqqiwo5lEJz+ftikm3eFvCI5R9/nyVe5PPNz/UIuHjeiQ25b+eU1rt/jxQskqZsqUc8yBvfj67yIp+w3m1LHUfzXTjcPbJaNU68TgH1dComy8P albert@nixos-framework'' - # albert@nixos-vm-01 ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFnjCBEWaHzD1OVwT0rtwh91Hb4iAdgkYnE4MKKANgE0 albert@nixos-vm-01'' - # (Thu Dec 28 19:30:06 JST 2023) albert@framework-server ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAODamRCvyVOGmMSMXWdUzjcM2GsApizCvXEWKHiKhGk albert@framework-server'' - # (Thu Dec 28 19:34:47 JST 2023) albert@osaka-linode-01 ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEsl8Z0jXAboCBdAtWDkssHI3M3lHSPaM4uUgxzBJI41 albert@osaka-linode-01'' - # (Fri Dec 15 09:34:02 AM UTC 2023) forgejo-runner ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJJE7z4JlohTe2TfB5ovsDWMT+M+V9AyQ6dXNelX6oGU forgejo-runner'' - # (Fri Dec 15 09:34:02 AM UTC 2023) albert@piaware-rpi4 ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINR8PCfKOTArLemqmnHom4vWJ6u8wrlpG6/gSqeYo/qD albert@piaware-rpi4'' - # (Fri Dec 15 11:40:53 AM UTC 2023) albert@backups-rpi4 ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGNkKoS32K487JaFza9TUFwrjwe9P7SNIHbVNxhzmRcI albert@backups-rpi4'' - # (Tue Dec 26 10:33:58 AM UTC 2023) abc@rdesktop ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKa86iTPkRDwga4/T3XdyWfu5xH8oL/AWWWozz3rUyuA abc@rdesktop'' - # (Thu Dec 28 10:56:22 AM UTC 2023) pixel-5 ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7HMCutPvexUsbjAzpd0ZOsmVtg80MOaGnCOv+I3UBf pixel-5'' - # (Thu Dec 28 19:23:15 JST 2023) Win10 Desktop ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMnAgxirNxrWnYARBG4sQ9wp21zK9uhrcNpFzegTk3Kl albert j. copeland@win10-desktop'' ]; diff --git a/nixos/hosts/backups-rpi4/backup-script.nix b/nixos/hosts/backups-rpi4/backup-script.nix index 50ec99d7..788eba1b 100644 --- a/nixos/hosts/backups-rpi4/backup-script.nix +++ b/nixos/hosts/backups-rpi4/backup-script.nix @@ -185,8 +185,8 @@ fi echo -e "================================================================================" echo -e "======= Time: `date`" -echo -e "rsync -avr --delete --exclude=Downloads/ root@nuc-docker01:/Storage/Data/ /mnt/$drive1/Data/" -rsync -avr --delete --exclude=Downloads/ root@nuc-docker01:/Storage/Data/ /mnt/$drive1/Data/ +echo -e "rsync -avr --delete --exclude=Downloads/ --exclude=Data/Docker/sysctl\.io/ root@nuc-docker01:/Storage/Data/ /mnt/$drive1/Data/" +rsync -avr --delete --exclude=Downloads/ --exclude=Data/Docker/sysctl\.io/ root@nuc-docker01:/Storage/Data/ /mnt/$drive1/Data/ echo -e "======= Time: `date`" echo -e "======= Time complete: `date`" @@ -195,12 +195,71 @@ echo "Sending completion message" payload="{\"message\": \"Data Vol Backup completed\nDate: `date`\n`df -h | grep sda`\n`df -h | grep sdb`\n`df -h | grep sdc`\", \"priority\": 2,\"title\": \"backups-rpi4: Data Vol Backup Complete\"}" curl -X "POST" "https://gotify.sysctl.io/message" -H "accept: application/json" -H "Content-Type: application/json" -H "X-Gotify-Key: $GOTIFY_TOKEN" -d "$payload" +''; + +rsync-sysctl = pkgs.writeScriptBin "rsync-sysctl" '' +#!${pkgs.stdenv.shell} +# Send the gotify notification: + +GOTIFY_TOKEN=`cat /var/run/secrets/gotify_token | head -n 1` +payload="{\"message\": \"sysctl.io Backup has started\nDate: `date`\", \"priority\": 2,\"title\": \"backups-rpi4: sysctl.io Backup Started\"}" +curl -X "POST" "https://gotify.sysctl.io/message" -H "accept: application/json" -H "Content-Type: application/json" -H "X-Gotify-Key: $GOTIFY_TOKEN" -d "$payload" + +drive1=`lsblk -o NAME,SERIAL | grep -v luks | grep 9RGHYP8C | awk {'print $1'}` +drive2=`lsblk -o NAME,SERIAL | grep -v luks | grep 9RGXW93C | awk {'print $1'}` +drive3=`lsblk -o NAME,SERIAL | grep -v luks | grep 5QH05G3F | awk {'print $1'}` + +mount1=`mount -l | grep $drive1` +mounted1=`echo $?` +mount2=`mount -l | grep $drive2` +mounted2=`echo $?` +mount3=`mount -l | grep $drive3` +mounted3=`echo $?` + +echo "status" +echo "$drive1 / $mount1 / $mounted1" +echo "$drive2 / $mount2 / $mounted2" +echo "$drive3 / $mount3 / $mounted3" + +# If any drive isn't found, exit: +if [[ $mounted1 != 0 ]] && [[ munted2 != 0 ]] && [[ $mounted3 != 0 ]] ; then + payload="{\"message\": \"sysctl.io Backup stopped. One or more local drives are not mounted.\nDate: `date`\", \"priority\": 2,\"title\": \"backups-rpi4: sysctl.io Backup Stopped\"}" + curl -X "POST" "https://gotify.sysctl.io/message" -H "accept: application/json" -H "Content-Type: application/json" -H "X-Gotify-Key: $GOTIFY_TOKEN" -d "$payload" + +fi + +echo "Drive 1: $drive1" +echo "Drive 2: $drive2" +echo "Drive 3: $drive3" + +echo -e "======= Time started : `date`" + +if [[ `ps aux | grep rsync | grep -v grep | grep -v rsync-sysctl` ]] ; then + echo -e "================================================================================" + echo -e "rsync still running. Exiting...." + echo -e "======= Time complete: `date`" + exit +fi + +echo -e "================================================================================" +echo -e "======= Time: `date`" +echo -e "rsync -avr --delete --exclude=Downloads/ root@framework-server:/Storage/Data/Docker/sysctl.io/ /mnt/$drive1/Data/Docker/sysctl.io/" +rsync -avr --delete --exclude=Downloads/ root@framework-server:/Storage/Data/Docker/sysctl.io/ /mnt/$drive1/Data/Docker/sysctl.io/ + +echo -e "======= Time: `date`" +echo -e "======= Time complete: `date`" + +echo "Sending completion message" +payload="{\"message\": \"sysctl.io Backup completed\nDate: `date`\n`df -h | grep sda`\n`df -h | grep sdb`\n`df -h | grep sdc`\", \"priority\": 2,\"title\": \"backups-rpi4: sysctl.io Backup Complete\"}" +curl -X "POST" "https://gotify.sysctl.io/message" -H "accept: application/json" -H "Content-Type: application/json" -H "X-Gotify-Key: $GOTIFY_TOKEN" -d "$payload" + ''; in { environment.systemPackages = [ rsync-backups rsync-data-vol + rsync-sysctl ]; # Set up the secret for the password: diff --git a/nixos/hosts/backups-rpi4/cron.nix b/nixos/hosts/backups-rpi4/cron.nix index a50c7f15..04a3ea2e 100644 --- a/nixos/hosts/backups-rpi4/cron.nix +++ b/nixos/hosts/backups-rpi4/cron.nix @@ -4,8 +4,9 @@ systemCronJobs = [ # Backups from nuc-docker01 - See "backup-script.nix" # https://git.sysctl.io/albert/random-scripts/src/branch/master/rsync-pi/rsync-all.sh - ''0 9 * * * root rsync-backups >> /root/logs/backups/rsync_`date "+\%Y-\%m-\%d"`.log'' + ''0 9 * * * root rsync-backups >> /root/logs/backups/rsync_`date "+\%Y-\%m-\%d"`.log'' ''0 19 * * 3 root rsync-data-vol >> /root/logs/data-vol/rsync_`date "+\%Y-\%m-\%d"`.log'' + ''0 1 * * * root rsync-sysctl >> /root/logs/sysctl/rsync_`date "+\%Y-\%m-\%d"`.log'' ]; }; } \ No newline at end of file diff --git a/nixos/hosts/framework-server/default.nix b/nixos/hosts/framework-server/default.nix index 9e67de51..b1b549ca 100644 --- a/nixos/hosts/framework-server/default.nix +++ b/nixos/hosts/framework-server/default.nix @@ -20,6 +20,9 @@ pkgs.distrobox ]; + # backups-rpi4 cron job to back up sysctl.io's Docker files + users.users.root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKp2wgqFcr0LGaUXbom88/zK2631pysePUWIaCMljT0K root@backups-rpi4'' ]; + # steam , etc nixpkgs.config.allowUnfree = true;