[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/03: hydra: bayfront: Periodically rsync bits from berlin.
From: |
Ludovic Courtès |
Subject: |
01/03: hydra: bayfront: Periodically rsync bits from berlin. |
Date: |
Tue, 21 Dec 2021 14:41:47 -0500 (EST) |
civodul pushed a commit to branch master
in repository maintenance.
commit 498a532c31225d39049680243850a49933e2487d
Author: Ludovic Courtès <ludo@gnu.org>
AuthorDate: Tue Dec 21 20:38:37 2021 +0100
hydra: bayfront: Periodically rsync bits from berlin.
* hydra/bayfront.scm (backup-mcron-jobs, backup-activation)
(backup-service-type): New variables.
<services>: Use it.
---
hydra/bayfront.scm | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 71 insertions(+), 1 deletion(-)
diff --git a/hydra/bayfront.scm b/hydra/bayfront.scm
index 2bea4eb..2a53b6a 100644
--- a/hydra/bayfront.scm
+++ b/hydra/bayfront.scm
@@ -9,12 +9,13 @@
;; Released under the GNU GPLv3 or any later version.
(use-modules (gnu) (guix) (guix packages) (guix git)
+ (guix modules)
(sysadmin people) (sysadmin services)
(sysadmin dns) (sysadmin web))
(use-service-modules admin avahi base certbot databases dns
monitoring networking shepherd ssh vpn web mcron guix)
(use-package-modules admin certs ci databases linux ssh tls vim
- package-management web wget)
+ package-management rsync web wget)
(include "website.scm")
@@ -151,6 +152,67 @@ Happy hacking!\n"))
(openpgp-fingerprint
"CA4F 8CF4 37D7 478F DA05 5FD4 4213 7701 1A37
8446")))))))
+
+;;;
+;;; Backups from berlin.
+;;;
+
+(define backup-mcron-jobs
+ (let* ((berlin-wg-ip "10.0.0.1") ;WireGuard VPN IP of berlin
+ (url (lambda (module)
+ (string-append "rsync://" berlin-wg-ip "/" module))))
+ (define (backup-job spec url target)
+ #~(job #$spec
+ (string-append #$rsync "/bin/rsync"
+ " -vur " #$url " " #$target)
+ #:user "static-web-site"))
+
+ ;; Replicate (mostly) the "stateful" bits associated with the web site,
+ ;; <https://guix.gnu.org>. See the list of rsync "modules" exported by
+ ;; 'rsync-service-type' on berlin.guix.gnu.org.
+ (list (backup-job "00 4 * * *"
+ (url "disarchive") "/srv/disarchive")
+ (backup-job "10 4 * * *"
+ (url "web-pdf") "/srv/guix-pdfs")
+ (backup-job "20 4 * * *"
+ (url "web-video") "/srv/videos")
+ (backup-job "30 4 * * *"
+ (url "web-audio") "/srv/audio")
+ (backup-job "40 4 * * *"
+ (url "web-cuirass") "/srv/cuirass-releases"))))
+
+(define backup-activation
+ (with-imported-modules (source-module-closure
+ '((gnu build activation)))
+ #~(begin
+ (use-modules (gnu build activation))
+
+ (for-each (lambda (directory)
+ (mkdir-p/perms directory
+ (getpw "static-web-site")
+ #o755))
+ '("/srv/disarchive"
+ "/srv/guix-pdfs"
+ "/srv/videos"
+ "/srv/audio"
+ "/srv/cuirass-releases")))))
+
+(define backup-service-type
+ (service-type
+ (name 'backup)
+ (extensions
+ (list (service-extension mcron-service-type
+ (const backup-mcron-jobs))
+ (service-extension activation-service-type
+ (const backup-activation))))
+ (default-value #t)
+ (description "Backup data from berlin.guix.gnu.org.")))
+
+
+;;;
+;;; Nginx.
+;;;
+
(define %bayfront-nginx-service-extra-config
"
sendfile on;
@@ -612,6 +674,7 @@ ssl_dhparam /etc/dhparams.pem;
access_log /var/log/nginx/bordeaux.access.log;"))
(locations common-locations)))))
+
(define %guix-build-coordinator-configuration
(let* ((data.guix.gnu.org-build-event-destination
#~(string-append
@@ -742,6 +805,11 @@ access_log /var/log/nginx/bordeaux.access.log;"))
(datastore-list-build-outputs
(build-coordinator-datastore build-coordinator)
uuid))))))))))
+
+;;;
+;;; Operating system.
+;;;
+
(operating-system
(host-name "bayfront")
(timezone "Europe/Paris")
@@ -820,6 +888,8 @@ access_log /var/log/nginx/bordeaux.access.log;"))
(service ntp-service-type)
+ (service backup-service-type)
+
;; DNS
(service knot-service-type
(knot-configuration