From 11b63ec89eee228030fc031a664d22d3eb1e8db0 Mon Sep 17 00:00:00 2001
From: Ingolf Wagner <contact@ingolf-wagner.de>
Date: Tue, 2 May 2023 21:02:16 +0200
Subject: [PATCH] working on temporary rsync script rbackup.nix

---
 nixos/machines/chungus/configuration.nix |  2 +-
 nixos/machines/chungus/disko-config.nix  |  9 +++
 nixos/machines/chungus/rbackup.nix       | 34 +++++++++
 nixos/machines/chungus/rsync.nix         |  4 --
 nixos/modules/default.nix                |  1 +
 nixos/modules/services/rbackup.nix       | 89 ++++++++++++++++++++++++
 6 files changed, 134 insertions(+), 5 deletions(-)
 create mode 100644 nixos/machines/chungus/rbackup.nix
 delete mode 100644 nixos/machines/chungus/rsync.nix
 create mode 100644 nixos/modules/services/rbackup.nix

diff --git a/nixos/machines/chungus/configuration.nix b/nixos/machines/chungus/configuration.nix
index 5dc44ea..afc530c 100644
--- a/nixos/machines/chungus/configuration.nix
+++ b/nixos/machines/chungus/configuration.nix
@@ -30,7 +30,7 @@
     #./home-display.nix
     #./tdarr.nix
 
-    ./rsync.nix
+    ./rbackup.nix
 
   ];
 
diff --git a/nixos/machines/chungus/disko-config.nix b/nixos/machines/chungus/disko-config.nix
index 2ebd6a8..e91598f 100644
--- a/nixos/machines/chungus/disko-config.nix
+++ b/nixos/machines/chungus/disko-config.nix
@@ -86,6 +86,7 @@ in
         rootFsOptions = {
           mountpoint = "none";
           canmount = "off";
+          compression = "lz4";
         };
         datasets = {
           "root" = {
@@ -129,6 +130,14 @@ in
               "com.sun:auto-snapshot:montly" = "true,keep=48";
             };
           };
+          "legacy" = {
+            type = "zfs_fs";
+            mountpoint = "/legacy";
+            options = {
+              mountpoint = "legacy";
+              compression = "lz4";
+            };
+          };
           "borg" = {
             type = "zfs_fs";
             mountpoint = "/borg";
diff --git a/nixos/machines/chungus/rbackup.nix b/nixos/machines/chungus/rbackup.nix
new file mode 100644
index 0000000..3d5788e
--- /dev/null
+++ b/nixos/machines/chungus/rbackup.nix
@@ -0,0 +1,34 @@
+{ config, ... }:
+{
+  sops.secrets.rsync_private_key = { };
+
+  rbackup.plans = {
+    nextcloud = {
+      sshKeyPath = config.sops.secrets.rsync_private_key.path;
+      src = "root@robi:/var/lib/nextcloud/";
+      dst = "/nextcloud";
+    };
+    taskwarrior = {
+      sshKeyPath = config.sops.secrets.rsync_private_key.path;
+      src = "root@robi:/var/lib/taskwarrior/";
+      dst = "/services/taskwarrior";
+    };
+    gitea = {
+      sshKeyPath = config.sops.secrets.rsync_private_key.path;
+      src = "root@robi:/var/lib/gitea/";
+      dst = "/services/gitea";
+    };
+    bitwarden = {
+      sshKeyPath = config.sops.secrets.rsync_private_key.path;
+      src = "root@robi:/var/lib/bitwarden_rs/";
+      dst = "/services/bitwarden_rs";
+    };
+    media = {
+      sshKeyPath = config.sops.secrets.rsync_private_key.path;
+      src = "root@robi:/media/syncthing/media/";
+      dst = "/media";
+    };
+  };
+
+
+}
diff --git a/nixos/machines/chungus/rsync.nix b/nixos/machines/chungus/rsync.nix
deleted file mode 100644
index 842b04b..0000000
--- a/nixos/machines/chungus/rsync.nix
+++ /dev/null
@@ -1,4 +0,0 @@
-{ ... }:
-{
-  sops.secrets.rsync_private_key = { };
-}
diff --git a/nixos/modules/default.nix b/nixos/modules/default.nix
index cb2b192..01ba222 100644
--- a/nixos/modules/default.nix
+++ b/nixos/modules/default.nix
@@ -5,6 +5,7 @@
     ./services/light-control.nix
 
     ./services/castget.nix
+    ./services/rbackup.nix
     ./services/home-assistant.nix
     ./services/lektor.nix
     ./services/samba-share.nix
diff --git a/nixos/modules/services/rbackup.nix b/nixos/modules/services/rbackup.nix
new file mode 100644
index 0000000..ca861c1
--- /dev/null
+++ b/nixos/modules/services/rbackup.nix
@@ -0,0 +1,89 @@
+{ config, lib, pkgs, ... }:
+with lib;
+let
+  escape = escapeShellArg;
+  cfg = config.rbackup;
+
+  start = name: plan:
+    let
+      login-name = "root";
+      identity = plan.sshKeyPath;
+      ssh = "ssh -i ${escape identity}";
+    in
+    pkgs.writers.writeBash "backup.${name}" ''
+      set -efu
+      rsync_src=${escape plan.src}
+      rsync_dst=${escape plan.dst}
+      echo >&2 "update snapshot current; $rsync_dst <- $rsync_src"
+
+      rsync \
+          --rsh=${escape ssh} \
+          --append -avz \
+          --delete \
+          "$rsync_src/" \
+          "$rsync_dst"
+    '';
+
+in
+{
+  options.rbackup = {
+    plans = mkOption {
+      default = { };
+      type = types.attrsOf
+        (types.submodule ({ config, ... }: {
+          options = {
+            sshKeyPath = mkOption {
+              type = types.str;
+            };
+            src = mkOption {
+              type = types.str;
+            };
+            dst = mkOption {
+              type = types.str;
+            };
+            startAt = mkOption {
+              default = "hourly";
+              type = with types; nullOr str; # TODO systemd.time(7)'s calendar event
+            };
+            timerConfig = mkOption {
+              type = with types; attrsOf str;
+              default = optionalAttrs (config.startAt != null) {
+                OnCalendar = config.startAt;
+              };
+            };
+          };
+        }));
+    };
+  };
+
+  config = {
+
+    systemd.services =
+      mapAttrs'
+        (name: plan: nameValuePair "rbackup.${name}" {
+          path = with pkgs; [
+            coreutils
+            gnused
+            openssh
+            rsync
+            util-linux
+          ];
+          restartIfChanged = false;
+          serviceConfig = rec {
+            ExecStart = start name plan;
+            SyslogIdentifier = ExecStart.name;
+            Type = "oneshot";
+          };
+        })
+        cfg.plans;
+
+    systemd.timers = mapAttrs'
+      (name: plan: nameValuePair "rbackup.${name}" {
+        wantedBy = [ "timers.target" ];
+        timerConfig = plan.timerConfig;
+      })
+      cfg.plans;
+
+  };
+
+}