tree: 1b69fd877b2d841f7f61ed213f7f2735709cebc1 [path history] [tgz]
  1. default.nix
  2. README.md
modules/nixos/clicks/users/backups/README.md

The backups user

The backups user is not a "regular" clicks user. It's used by our backup infrastructure to SSH into the machine and create btrfs snapshots.

Here's the script we use to backup. We run it once a day via cron

#!/bin/sh

SERVER=$DOAS_USER
HOME=$(eval echo ~$SERVER)

LAST=$(ls $HOME/snapshots -1 | tail -n1)
CURRENT=$(date -u -I)

AREA=$(cat $HOME/area)

DATA=$(cat $HOME/data_dir || echo "/")
SNAPSHOTS=$(cat $HOME/snapshots_dir || echo $DATA/snapshots/)

echo "Backing up $CURRENT incrementally (comparing to $LAST)"

echo "Ensuring $SERVER.$AREA has a $SNAPSHOTS directory"
echo "  $SERVER# mkdir -p $SNAPSHOTS"
ssh backups@$SERVER.$AREA.clicks.domains -i /root/.ssh/id_$SERVER "doas mkdir -p $SNAPSHOTS"

echo "Creating a snapshot on $SERVER.$AREA"
echo "  $SERVER# btrfs subvolume snapshot -r $DATA ${SNAPSHOTS}${CURRENT}"
ssh backups@$SERVER.$AREA.clicks.domains -i /root/.ssh/id_$SERVER "doas btrfs subvolume snapshot -r $DATA ${SNAPSHOTS}${CURRENT}"

echo "Sending backup from $SERVER.$AREA and receiving it locally"
echo "  $SERVER# btrfs send -p ${SNAPSHOTS}${LAST} ${SNAPSHOTS}${CURRENT} | @# btrfs receive $HOME/snapshots"
ssh backups@$SERVER.$AREA.clicks.domains -i /root/.ssh/id_$SERVER "doas btrfs send -p ${SNAPSHOTS}${LAST} ${SNAPSHOTS}${CURRENT}" | pv | btrfs receive $HOME/snapshots

echo "Completed incremental backup"

For impermanence machines, DATA and SNAPSHOTS should be explicitly set to directories that won't get wiped. For example, teal.alpha has /persist/data as the data dir, and /persist/snapshots as the snapshots dir.

DATA must be set to the root of a BTRFS subvolume.

As someone trying to set up a Clicks server, you should contact minion@clicks.codes, who manages our backups. She will be able to help you set up backups for the server and maintain them over its lifetime.