From 5299bd93a0240580bc1aec377436c44273f144e5 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 18 Dec 2018 23:24:00 +0100 Subject: ma bgt/backup.nix: init --- makefu/2configs/bgt/backup.nix | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 makefu/2configs/bgt/backup.nix (limited to 'makefu/2configs/bgt') diff --git a/makefu/2configs/bgt/backup.nix b/makefu/2configs/bgt/backup.nix new file mode 100644 index 000000000..3b9baadef --- /dev/null +++ b/makefu/2configs/bgt/backup.nix @@ -0,0 +1,20 @@ +{ + # Manual steps: + # 1. ssh-copy-id root ssh-key to the remotes you want to back up + # 2. run `rsnapshot hourly` manually as root to check if everything works + services.rsnapshot = { + enable = true; + cronIntervals = { + daily = "50 21 * * *"; + hourly = "0 */4 * * *"; + }; + extraConfig = '' +retain hourly 5 +retain daily 365 +snapshot_root /var/backup +backup root@binaergewitter.jit.computer:/opt/isso jit +backup root@binaergewitter.jit.computer:/etc/systemd/system/isso.service jit +backup root@binaergewitter.jit.computer:/etc/nginx/conf.d/isso.conf jit + ''; + }; +} -- cgit v1.2.3 From 05916b9a2273554ffe74b8d02d737de987841bd1 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 31 Dec 2018 10:17:15 +0100 Subject: ma download.binaergewitter.de: logrotate nginx logs like a babarian --- makefu/2configs/bgt/download.binaergewitter.de.nix | 30 ++++++++++++++++++++-- 1 file changed, 28 insertions(+), 2 deletions(-) (limited to 'makefu/2configs/bgt') diff --git a/makefu/2configs/bgt/download.binaergewitter.de.nix b/makefu/2configs/bgt/download.binaergewitter.de.nix index 6d64848f5..f223081e9 100644 --- a/makefu/2configs/bgt/download.binaergewitter.de.nix +++ b/makefu/2configs/bgt/download.binaergewitter.de.nix @@ -3,6 +3,8 @@ with import ; let ident = (builtins.readFile ./auphonic.pub); + bgtaccess = "/var/spool/nginx/logs/binaergewitter.access.log"; + bgterror = "/var/spool/nginx/logs/binaergewitter.error.log"; in { services.openssh = { allowSFTP = true; @@ -21,6 +23,19 @@ in { useDefaultShell = true; openssh.authorizedKeys.keys = [ ident config.krebs.users.makefu.pubkey ]; }; + services.logrotate = { + enable = true; + config = '' + ${bgtaccess} ${bgterror} { + rotate 5 + weekly + create 600 nginx nginx + postrotate + ${pkgs.systemd}/bin/systemctl reload nginx + endscript + } + ''; + }; services.nginx = { enable = lib.mkDefault true; recommendedGzipSettings = true; @@ -29,10 +44,21 @@ in { serverAliases = [ "dl2.binaergewitter.de" ]; root = "/var/www/binaergewitter"; extraConfig = '' - access_log /var/spool/nginx/logs/binaergewitter.access.log combined; - error_log /var/spool/nginx/logs/binaergewitter.error.log error; + access_log ${bgtaccess} combined; + error_log ${bgterror} error; autoindex on; ''; }; }; + environment.etc."netdata/python.d/web_log.conf".text = '' + nginx_log3: + name: 'nginx' + path: '/var/spool/nginx/logs/access.log' + nginx_log4: + name: 'bgt' + path: '${bgtaccess}' + ''; + + users.users.netdata.extraGroups = [ "nginx" ]; + } -- cgit v1.2.3