citadel

My dotfiles, scripts and nix configs
git clone git://jb55.com/citadel
Log | Files | Refs | README | LICENSE

wiki.nix (1199B)

      1 extra:
      2 { config, lib, pkgs, ... }:
      3 let pubkey = pkgs.fetchurl {
      4                url = "https://jb55.com/pgp.txt";
      5                sha256 = "012910961fb58b886fc44a8ebedba394240be4e17604703f3b094eef86d5aca5";
      6              };
      7 in
      8 {
      9   systemd.services.wiki-backup = {
     10     description = "Wiki backups";
     11 
     12     environment = {
     13       AWS_ACCESS_KEY_ID = extra.private.aws_access_key;
     14       AWS_SECRET_ACCESS_KEY = extra.private.aws_secret_key;
     15     };
     16 
     17     unitConfig.OnFailure = "notify-failed@%n.service";
     18     startAt = "Sat *-*-* 02:57:00";
     19     serviceConfig.ExecStart = extra.util.writeBash "wiki-backup" ''
     20       set -euo pipefail
     21 
     22       filename="Monstercat-wiki-$(date +%F-%H%M%z).tar.xz.gpg"
     23 
     24       ${pkgs.gnupg}/bin/gpg2 --import ${pubkey} || echo "already have key!"
     25 
     26       ${pkgs.gnutar}/bin/tar -cf - /var/lib/gitit  \
     27          | ${pkgs.pxz}/bin/pxz -T24 \
     28          | ${pkgs.gnupg}/bin/gpg2 \
     29               -e \
     30               --compress-level 0 \
     31               --yes \
     32               --no-tty \
     33               --output - \
     34               -r 0x6D3E2004415AF4A3 \
     35          | ${pkgs.awscli}/bin/aws s3 \
     36               cp - \
     37               "s3://data.monstercat.com/backups/wiki/$filename"
     38 
     39     '';
     40   };
     41 
     42 }