palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

working on temporary rsync script rbackup.nix

Browse source
This commit is contained in:
Ingolf Wagner 2023-05-02 21:02:16 +02:00
parent 094b98351a
commit 11b63ec89e
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
6 changed files with 134 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
nixos/machines/chungus/configuration.nix
View file

@ -30,7 +30,7 @@
#./home-display.nix
#./tdarr.nix
./rsync.nix
./rbackup.nix
];

9
nixos/machines/chungus/disko-config.nix
View file

@ -86,6 +86,7 @@ in
rootFsOptions = {
mountpoint = "none";
canmount = "off";
compression = "lz4";
};
datasets = {
"root" = {
@ -129,6 +130,14 @@ in
"com.sun:auto-snapshot:montly" = "true,keep=48";
};
};
"legacy" = {
type = "zfs_fs";
mountpoint = "/legacy";
options = {
mountpoint = "legacy";
compression = "lz4";
};
};
"borg" = {
type = "zfs_fs";
mountpoint = "/borg";

34
nixos/machines/chungus/rbackup.nix Normal file
View file

@ -0,0 +1,34 @@
{ config, ... }:
{
sops.secrets.rsync_private_key = { };
rbackup.plans = {
nextcloud = {
sshKeyPath = config.sops.secrets.rsync_private_key.path;
src = "root@robi:/var/lib/nextcloud/";
dst = "/nextcloud";
};
taskwarrior = {
sshKeyPath = config.sops.secrets.rsync_private_key.path;
src = "root@robi:/var/lib/taskwarrior/";
dst = "/services/taskwarrior";
};
gitea = {
sshKeyPath = config.sops.secrets.rsync_private_key.path;
src = "root@robi:/var/lib/gitea/";
dst = "/services/gitea";
};
bitwarden = {
sshKeyPath = config.sops.secrets.rsync_private_key.path;
src = "root@robi:/var/lib/bitwarden_rs/";
dst = "/services/bitwarden_rs";
};
media = {
sshKeyPath = config.sops.secrets.rsync_private_key.path;
src = "root@robi:/media/syncthing/media/";
dst = "/media";
};
};
}

4
nixos/machines/chungus/rsync.nix
View file

@ -1,4 +0,0 @@
{ ... }:
{
sops.secrets.rsync_private_key = { };
}

1
nixos/modules/default.nix
View file

@ -5,6 +5,7 @@
./services/light-control.nix
./services/castget.nix
./services/rbackup.nix
./services/home-assistant.nix
./services/lektor.nix
./services/samba-share.nix

89
nixos/modules/services/rbackup.nix Normal file
View file

@ -0,0 +1,89 @@
{ config, lib, pkgs, ... }:
with lib;
let
escape = escapeShellArg;
cfg = config.rbackup;
start = name: plan:
let
login-name = "root";
identity = plan.sshKeyPath;
ssh = "ssh -i ${escape identity}";
in
pkgs.writers.writeBash "backup.${name}" ''
set -efu
rsync_src=${escape plan.src}
rsync_dst=${escape plan.dst}
echo >&2 "update snapshot current; $rsync_dst <- $rsync_src"
rsync \
--rsh=${escape ssh} \
--append -avz \
--delete \
"$rsync_src/" \
"$rsync_dst"
'';
in
{
options.rbackup = {
plans = mkOption {
default = { };
type = types.attrsOf
(types.submodule ({ config, ... }: {
options = {
sshKeyPath = mkOption {
type = types.str;
};
src = mkOption {
type = types.str;
};
dst = mkOption {
type = types.str;
};
startAt = mkOption {
default = "hourly";
type = with types; nullOr str; # TODO systemd.time(7)'s calendar event
};
timerConfig = mkOption {
type = with types; attrsOf str;
default = optionalAttrs (config.startAt != null) {
OnCalendar = config.startAt;
};
};
};
}));
};
};
config = {
systemd.services =
mapAttrs'
(name: plan: nameValuePair "rbackup.${name}" {
path = with pkgs; [
coreutils
gnused
openssh
rsync
util-linux
];
restartIfChanged = false;
serviceConfig = rec {
ExecStart = start name plan;
SyslogIdentifier = ExecStart.name;
Type = "oneshot";
};
})
cfg.plans;
systemd.timers = mapAttrs'
(name: plan: nameValuePair "rbackup.${name}" {
wantedBy = [ "timers.target" ];
timerConfig = plan.timerConfig;
})
cfg.plans;
};
}