forked from Deuxfleurs/nixcfg
Backup Cryptpad
This commit is contained in:
parent
8cd2f72926
commit
52f14f9da2
6 changed files with 76 additions and 0 deletions
57
app/cryptpad/deploy/backup.hcl
Normal file
57
app/cryptpad/deploy/backup.hcl
Normal file
|
@ -0,0 +1,57 @@
|
|||
job "cryptpad_backup" {
|
||||
datacenters = ["neptune"]
|
||||
type = "batch"
|
||||
|
||||
priority = "60"
|
||||
|
||||
periodic {
|
||||
cron = "@daily"
|
||||
// Do not allow overlapping runs.
|
||||
prohibit_overlap = true
|
||||
}
|
||||
|
||||
group "backup-cryptpad" {
|
||||
constraint {
|
||||
attribute = "${attr.unique.hostname}"
|
||||
operator = "="
|
||||
value = "courgette"
|
||||
}
|
||||
|
||||
task "main" {
|
||||
driver = "docker"
|
||||
|
||||
config {
|
||||
image = "restic/restic:0.12.1"
|
||||
entrypoint = [ "/bin/sh", "-c" ]
|
||||
args = [ "restic backup /cryptpad && restic forget --keep-within 1m1d --keep-within-weekly 3m --keep-within-monthly 1y && restic prune --max-unused 50% --max-repack-size 2G && restic check" ]
|
||||
volumes = [
|
||||
"/mnt/storage/cryptpad:/cryptpad"
|
||||
]
|
||||
}
|
||||
|
||||
template {
|
||||
data = <<EOH
|
||||
AWS_ACCESS_KEY_ID={{ key "secrets/cryptpad_backup/backup_aws_access_key_id" }}
|
||||
AWS_SECRET_ACCESS_KEY={{ key "secrets/cryptpad_backup/backup_aws_secret_access_key" }}
|
||||
RESTIC_REPOSITORY={{ key "secrets/cryptpad_backup/backup_restic_repository" }}
|
||||
RESTIC_PASSWORD={{ key "secrets/cryptpad_backup/backup_restic_password" }}
|
||||
EOH
|
||||
|
||||
destination = "secrets/env_vars"
|
||||
env = true
|
||||
}
|
||||
|
||||
resources {
|
||||
cpu = 500
|
||||
memory = 200
|
||||
}
|
||||
|
||||
restart {
|
||||
attempts = 2
|
||||
interval = "30m"
|
||||
delay = "15s"
|
||||
mode = "fail"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1 @@
|
|||
USER Backup AWS access key ID
|
|
@ -0,0 +1 @@
|
|||
USER Backup AWS secret access key
|
|
@ -0,0 +1 @@
|
|||
USER Restic password to encrypt backups
|
|
@ -0,0 +1 @@
|
|||
USER Restic repository, eg. s3:https://s3.garage.tld
|
15
app/shell.nix
Normal file
15
app/shell.nix
Normal file
|
@ -0,0 +1,15 @@
|
|||
{
|
||||
pkgs ? import <nixpkgs> {}
|
||||
}:
|
||||
|
||||
with pkgs; mkShell {
|
||||
nativeBuildInputs = [
|
||||
nomad
|
||||
docker-compose
|
||||
python39Packages.pip
|
||||
python39Packages.ldap
|
||||
python39Packages.consul
|
||||
python39Packages.passlib
|
||||
];
|
||||
}
|
||||
|
Loading…
Reference in a new issue