guix
/
maintenance
mirror of git://git.savannah.gnu.org/guix/maintenance.git
2
0
Fork 0
Code Issues Releases Wiki Activity

hydra: bayfront: Periodically rsync bits from berlin. 

* hydra/bayfront.scm (backup-mcron-jobs, backup-activation)
(backup-service-type): New variables.
<services>: Use it.
This commit is contained in:
Ludovic Courtès 2021-12-21 20:38:37 +01:00
parent fa5b02c5b7
commit 498a532c31
No known key found for this signature in database
GPG Key ID: 090B11993D9AEBB5
1 changed files with 71 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
hydra/bayfront.scm
View File

@ -9,12 +9,13 @@
;; Released under the GNU GPLv3 or any later version.
(use-modules (gnu) (guix) (guix packages) (guix git)
(guix modules)
(sysadmin people) (sysadmin services)
(sysadmin dns) (sysadmin web))
(use-service-modules admin avahi base certbot databases dns
monitoring networking shepherd ssh vpn web mcron guix)
(use-package-modules admin certs ci databases linux ssh tls vim
package-management web wget)
package-management rsync web wget)
(include "website.scm")
@ -151,6 +152,67 @@ Happy hacking!\n"))
(openpgp-fingerprint
"CA4F 8CF4 37D7 478F DA05 5FD4 4213 7701 1A37 8446")))))))
;;;
;;; Backups from berlin.
;;;
(define backup-mcron-jobs
(let* ((berlin-wg-ip "10.0.0.1") ;WireGuard VPN IP of berlin
(url (lambda (module)
(string-append "rsync://" berlin-wg-ip "/" module))))
(define (backup-job spec url target)
#~(job #$spec
(string-append #$rsync "/bin/rsync"
" -vur " #$url " " #$target)
#:user "static-web-site"))
;; Replicate (mostly) the "stateful" bits associated with the web site,
;; <https://guix.gnu.org>. See the list of rsync "modules" exported by
;; 'rsync-service-type' on berlin.guix.gnu.org.
(list (backup-job "00 4 * * *"
(url "disarchive") "/srv/disarchive")
(backup-job "10 4 * * *"
(url "web-pdf") "/srv/guix-pdfs")
(backup-job "20 4 * * *"
(url "web-video") "/srv/videos")
(backup-job "30 4 * * *"
(url "web-audio") "/srv/audio")
(backup-job "40 4 * * *"
(url "web-cuirass") "/srv/cuirass-releases"))))
(define backup-activation
(with-imported-modules (source-module-closure
'((gnu build activation)))
#~(begin
(use-modules (gnu build activation))
(for-each (lambda (directory)
(mkdir-p/perms directory
(getpw "static-web-site")
#o755))
'("/srv/disarchive"
"/srv/guix-pdfs"
"/srv/videos"
"/srv/audio"
"/srv/cuirass-releases")))))
(define backup-service-type
(service-type
(name 'backup)
(extensions
(list (service-extension mcron-service-type
(const backup-mcron-jobs))
(service-extension activation-service-type
(const backup-activation))))
(default-value #t)
(description "Backup data from berlin.guix.gnu.org.")))
;;;
;;; Nginx.
;;;
(define %bayfront-nginx-service-extra-config
"
sendfile on;
@ -612,6 +674,7 @@ ssl_dhparam /etc/dhparams.pem;
access_log /var/log/nginx/bordeaux.access.log;"))
(locations common-locations)))))
(define %guix-build-coordinator-configuration
(let* ((data.guix.gnu.org-build-event-destination
#~(string-append
@ -742,6 +805,11 @@ access_log /var/log/nginx/bordeaux.access.log;"))
(datastore-list-build-outputs
(build-coordinator-datastore build-coordinator) uuid))))))))))
;;;
;;; Operating system.
;;;
(operating-system
(host-name "bayfront")
(timezone "Europe/Paris")
@ -820,6 +888,8 @@ access_log /var/log/nginx/bordeaux.access.log;"))
(service ntp-service-type)
(service backup-service-type)
;; DNS
(service knot-service-type
(knot-configuration