nx2site-backup

home-modules/nx2site-backup.nix

@@ -0,0 +1,67 @@
+{ pkgs, ... }:
+{
+  home.packages = [
+    (pkgs.writeShellApplication {
+      name = "nx_backup";
+      runtimeInputs = [ ];
+      text = let
+        web-root = "/var/nginx/webroot";
+        gitea-backup = "/var/backup/gitea";
+        postgres-backup = "/var/backup/postgresql";
+      in /* bash */ ''
+        DIRECTORIES=(
+          "${web-root}"
+          "${gitea-backup}"
+          "${postgres-backup}"
+        )
+
+        NOW=$(date +%Y_%m_%d-%H_%M)
+        TEMP_BAK_DIR=$(mktemp -d)
+        TEMP_WORKING_DIR=$(mktemp -d)
+        ZIP_NAME="nx2site-backup-''${NOW}.zip"
+        ZIP_FILE="$TEMP_WORKING_DIR/$ZIP_NAME"
+        ENCRYPTED_NAME="''${ZIP_NAME}.asc"
+        ENCRYPTED_FILE="$TEMP_WORKING_DIR/$ENCRYPTED_NAME"
+        DESTINATION="/vault/$ENCRYPTED_NAME"
+        WEBROOT="${web-root}"
+
+        echo "Fixing Permissions of Gitea dump"
+        sudo chmod -R g+r "${gitea-backup}"
+
+        echo "Fixing Permissions of Postgres dump"
+        sudo chmod -R g+r "${postgres-backup}"
+        sudo chmod g+x "${postgres-backup}"
+        echo "Fixing Ownership of Postgres dump"
+        sudo chown -R postgres:postgres "${postgres-backup}"
+
+        echo "Copying files to backup to tempoary directory $TEMP_BAK_DIR ..."
+        for DIR in "''${DIRECTORIES[@]}"; do
+            rsync -aR "$DIR" "$TEMP_BAK_DIR"
+        done
+
+        # Create the zip file
+        echo "Adding files to $ZIP_NAME ..."
+        zip -qr "$ZIP_FILE" "$TEMP_BAK_DIR"
+
+        # Encrypt the zip file using GPG
+        echo "Encryping file with gpg"
+        gpg -e -r gpg@nx2.site -o "$ENCRYPTED_FILE" "$ZIP_FILE"
+
+        echo "Moving file to Destination $DESTINATION"
+        mv "$ENCRYPTED_FILE" "$DESTINATION"
+
+        echo "Updating latest-bakup path in $WEBROOT"
+        echo "$DESTINATION" > "$WEBROOT/latest-backup"
+
+        echo "Cleaning up tempoary files and directories"
+        rm -rf "$TEMP_BAK_DIR" "$TEMP_WORKING_DIR" "$ZIP_FILE"
+
+        echo "Backup and encryption complete: $DESTINATION"
+
+        echo "Space remaining:"
+        df -h | head -n 1
+        df -h | grep -P "^/dev.+? "
+      '';
+    })
+  ];
+}

home.nix

@@ -1,4 +1,4 @@
-{ pkgs, pkgs-unstable, host, user, inputs, ... }:
+{ pkgs, pkgs-unstable, lib, host, user, inputs, ... }:
 {
   imports = [
     ./home-modules/auto-mount.nix
@@ -31,7 +31,6 @@
     ./home-modules/nh.nix
     ./home-modules/nixd.nix
     ./home-modules/nvidia.nix
-    ./home-modules/nx2site.nix
     ./home-modules/nxgs.nix
     # ./home-modules/nx-gcal-event.nix
     ./home-modules/obs.nix
@@ -62,7 +61,10 @@
     ./home-modules/yazi.nix
     ./home-modules/zathura.nix
     ./home-modules/zoxide.nix
-  ];
+  ] ++ (if (host == "NxACE") then [ 
+    ./home-modules/nx2site.nix
+    ./home-modules/nx2site-backup.nix
+  ] else []);
   home.username = user;
   home.homeDirectory = "/home/${user}";
   home.stateVersion = "24.05";