monitoring + backup

2023-10-13 11:56:50 +02:00 · 2023-10-13 11:56:50 +02:00 · aa537d77d6
parent 0d188d16f3
commit aa537d77d6
2 changed files with 36 additions and 3 deletions
--- a/backup.nix
+++ b/backup.nix
@ -0,0 +1,15 @@
+{ config, pkgs, nixpkgs, ... }:
+{
+
+
+  services.restic.backups = {
+    "localbackup" = {
+      initialize = true;
+      passwordFile = "/etc/restic-password";
+      repository = "/root/backup-target";
+      paths = [ "/etc" ];
+      timerConfig.OnCalendar = "*:0,15,30,45";
+      pruneOpts = [ "--keep-last 10" "--keep-hourly 24" "--keep-daily 7" "--keep-weekly 5" "--keep-monthly 12" "--keep-yearly 100" ];
+    };
+  };
+}
--- a/configuration.nix
+++ b/configuration.nix
@ -7,9 +7,10 @@
 {
  imports =
    [ # Include the results of the hardware scan.
-      ./hardware-configuration.nix
-	  ./tor.nix
-    ];
+      ./hardware-configuration.nix	 
+      ./tor.nix
+      ./backup.nix
+        ];

 services.openssh.settings.PermitRootLogin = "yes";
  # Use the GRUB 2 boot loader.
@ -77,6 +78,7 @@ services.openssh.settings.PermitRootLogin = "yes";
    tmux
    git
    firefox
+    restic
  ];

  # Some programs need SUID wrappers, can be configured further or are
@ -130,6 +132,22 @@ services.openssh.settings.PermitRootLogin = "yes";
    services.prometheus = {
    enable = true;
    port = 9001;
+	    exporters = {
+      node = {
+        enable = true;
+        enabledCollectors = [ "systemd" ];
+        port = 9002;
+      };
+    };
+    scrapeConfigs = [
+      {
+        job_name = "chrysalis";
+        static_configs = [{
+          targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ];
+        }];
+      }
+    ];
+
  };