70 lines
No EOL
4.5 KiB
Nix
70 lines
No EOL
4.5 KiB
Nix
{ pkgs, ... }: {
|
|
services.cron = {
|
|
enable = true;
|
|
systemCronJobs = [
|
|
# Backups to nuc-docker01
|
|
''0 0 * * * root ${pkgs.rsync}/bin/rsync --delete -avr /Storage/Data/Docker/root@nuc-docker01:/Storage/Data/Docker/''
|
|
''0 3 * * * root ${pkgs.rsync}/bin/rsync -avr /Storage/Data/Docker/nextcloud/html/data/albert/files/InstantUpload/ root@nuc-docker01:/Storage/Video/Pictures/InstantUpload/''
|
|
''0 5 * * * root ${pkgs.rsync}/bin/rsync -avr /Storage/Data/Docker/nextcloud/html/data/albert/files/Wallpapers/ root@nuc-docker01:/Storage/Video/Pictures/Wallpapers''
|
|
# DERP relay certs
|
|
''@hourly root cp /Storage/Data/Docker/letsencrypt/certs/certs/\*.sysctl.io.crt /Storage/Data/Docker/letsencrypt/certs/certs/derp.sysctl.io.crt''
|
|
''@hourly root cp /Storage/Data/Docker/letsencrypt/certs/private/\*.sysctl.io.key /Storage/Data/Docker/letsencrypt/certs/private/derp.sysctl.io.key''
|
|
# Back up the docker containers weekly:
|
|
''@weekly root ssh nuc-docker01 "rm -rf /Storage/Backups/Docker/sysctl.io/*"; for i in $(docker ps --format '{{.Names}}'); do docker export $i | gzip -cf | ssh root@nuc-docker01 "cat > /Storage/Backups/Docker/sysctl.io/$i.tar.gz"; done''
|
|
# Set a random Pi-Hole password
|
|
''* * * * * root docker exec pihole sudo pihole -a -p $(openssl rand -hex 128)''
|
|
# Run the ClamAV scan
|
|
''@monthly root /Storage/Data/docker-compose/sysctl.io/scripts/clamscan-cron.sh''
|
|
# Back up Loki logs monthly
|
|
''@monthly root /Storage/Data/docker-compose/sysctl.io/scripts/backup-logs.sh >> /Storage/Data/Temporary/log_backups.log''
|
|
];
|
|
};
|
|
|
|
# Old crontab:
|
|
# # At reboot, apply the ip_tables modprobe so Wireguard works
|
|
# @reboot /usr/sbin/modprobe ip_tables
|
|
#
|
|
# # At reboot, restart Docker. Otherwise, iptables / the firewall freaks out
|
|
# @reboot /usr/bin/systemctl stop docker; /usr/bin/systemctl start docker
|
|
#
|
|
# # Every day, get storage space for monitoring
|
|
# @daily source ~/.bashrc; for i in `ls /Storage/Data/Docker`; do echo echo "$(date): $(du -s /Storage/Data/Docker/$i)" | sed -e 's/\/Storage\/Data\/Docker\/\$i//' >> /root/sizes/$i.log; done
|
|
#
|
|
# # Clean up NextCloud files weekly to save space
|
|
# @weekly source ~/.bashrc; /usr/bin/docker exec -uwww-data nextcloud php occ versions:cleanup
|
|
# # Run the Nextcloud cronjobs hourly
|
|
# @hourly source ~/.bashrc; /usr/bin/docker exec -uwww-data nextcloud php -f /var/www/html/cron.php
|
|
#
|
|
#
|
|
# # Clear out Mastodon caches daily
|
|
# @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl preview_cards remove --days 1
|
|
# @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl media remove --days 1 --prune-profiles
|
|
# @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl accounts prune
|
|
# @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl statuses remove --days 1
|
|
# @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl media remove --remove-headers --include-follows --days 0
|
|
# @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl preview_cards remove --days 1
|
|
# @daily source ~/.bashrc; /usr/bin/docker exec mastodon-web tootctl media remove-orphans
|
|
#
|
|
# # Run the Pixelfed scheduler
|
|
# * * * * * /usr/bin/docker exec pixelfed-app php artisan schedule:run
|
|
#
|
|
# # Run the ClamAV scan
|
|
# @monthly source ~/.bashrc; /Storage/Data/docker-compose/sysctl.io/scripts/clamscan-cron.sh
|
|
#
|
|
# # Set a random PiHole password every minute
|
|
# * * * * * /usr/bin/docker exec pihole sudo pihole -a -p $(openssl rand -hex 128)
|
|
#
|
|
# # back up crontab:
|
|
# # 0 0 * * * /usr/bin/crontab -l > /Storage/Data/Temporary/crontab
|
|
#
|
|
# # Back up and delete local copies of Loki logs monthly
|
|
# @monthly source ~/.bashrc; /Storage/Data/docker-compose/sysctl.io/scripts/backup-logs.sh >> /Storage/Data/Temporary/log_backups.log
|
|
#
|
|
# # Back up the docker containers weekly:
|
|
# @weekly source ~/.bashrc; ssh nuc-docker01 "rm -rf /Storage/Backups/Docker/sysctl.io/*"; for i in $(docker ps --format '{{.Names}}'); do docker export $i | gzip -cf | ssh root@nuc-docker01 "cat > /Storage/Backups/Docker/sysctl.io/$i.tar.gz"; done
|
|
#
|
|
# # Set up DERP relay certs for headscale-derp:
|
|
# @hourly cp /Storage/Data/Docker/letsencrypt/certs/certs/\*.sysctl.io.crt /Storage/Data/Docker/letsencrypt/certs/certs/derp.sysctl.io.crt
|
|
# @hourly cp /Storage/Data/Docker/letsencrypt/certs/private/\*.sysctl.io.key /Storage/Data/Docker/letsencrypt/certs/private/derp.sysctl.io.key
|
|
|
|
} |