Backups for local systems#

Backups are performed using borgbackup

The warehouse is located on voile

NixOS#

A nixos module exists under modules/nixos/borg.

Darwin#

The darwin module was custom built and is under modules/darwin/borg.

Adding a host#

  1. In this repo, run just borg-generate-secrets <hostname>
  2. This will create a repo key and passphrase in secrets.yaml via sops
  3. Commit and push the secrets
  4. Run just sops-update-hosts to re-encrypt for all keys
  5. Add the host to borgwarehouse
  6. Configure the host
...
tsunaminoai.borg = {
  enable = true;
  repo = "8a95a28d";
};
...
  1. Deploy

Schedule#

Backups are scheduled to run at 3am EST daily. Cronjobs for status and storage usage are configured in uptime kuma to alert if the backup fails or if the storage is getting low.

Restoring from Backup#

See Restoring a Host from Backup for the full procedure, including how to handle sops key rotation after a machine wipe.

Backups for MS365#

Backups for all of the sc2.in domain are performed daily by the Active Backup MS365 package running on voile.

The portal for backups is located at Active Backup for Microsoft 365 Portal

Backup Schedule