summaryrefslogtreecommitdiff
path: root/hosts/vidhar/borg/default.nix
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2022-11-01 22:43:25 +0100
committerGregor Kleen <gkleen@yggdrasil.li>2022-11-01 22:43:25 +0100
commit7448d3431fcfc05f9b7991e337b02083300a99db (patch)
tree0664ebc0f666ef404881ac7287198ff44c0ba9e0 /hosts/vidhar/borg/default.nix
parent234eab10a84e7ffb8bbc32f5e2f94495d3c9aedd (diff)
downloadnixos-7448d3431fcfc05f9b7991e337b02083300a99db.tar
nixos-7448d3431fcfc05f9b7991e337b02083300a99db.tar.gz
nixos-7448d3431fcfc05f9b7991e337b02083300a99db.tar.bz2
nixos-7448d3431fcfc05f9b7991e337b02083300a99db.tar.xz
nixos-7448d3431fcfc05f9b7991e337b02083300a99db.zip
...
Diffstat (limited to 'hosts/vidhar/borg/default.nix')
-rw-r--r--hosts/vidhar/borg/default.nix61
1 files changed, 9 insertions, 52 deletions
diff --git a/hosts/vidhar/borg/default.nix b/hosts/vidhar/borg/default.nix
index fe62c956..8d0b46ef 100644
--- a/hosts/vidhar/borg/default.nix
+++ b/hosts/vidhar/borg/default.nix
@@ -3,7 +3,7 @@
3with lib; 3with lib;
4 4
5let 5let
6 sshConfig = pkgs.writeText "config" '' 6 sshConfig = ''
7 Include /etc/ssh/ssh_config 7 Include /etc/ssh/ssh_config
8 8
9 ControlMaster auto 9 ControlMaster auto
@@ -33,7 +33,7 @@ let
33 # StateDirectory = "borg"; 33 # StateDirectory = "borg";
34 RuntimeDirectory = "copy-borg"; 34 RuntimeDirectory = "copy-borg";
35 Environment = [ 35 Environment = [
36 "BORG_RSH=\"${pkgs.openssh}/bin/ssh -F ${sshConfig}\"" 36 "BORG_RSH=\"${pkgs.openssh}/bin/ssh -F ${pkgs.writeText "config" sshConfig}\""
37 "BORG_BASE_DIR=/var/lib/borg" 37 "BORG_BASE_DIR=/var/lib/borg"
38 "BORG_CONFIG_DIR=/var/lib/borg/config" 38 "BORG_CONFIG_DIR=/var/lib/borg/config"
39 "BORG_CACHE_DIR=/var/lib/borg/cache" 39 "BORG_CACHE_DIR=/var/lib/borg/cache"
@@ -74,63 +74,20 @@ let
74 copy 74 copy
75 75
76 wrapProgram $out/bin/copy \ 76 wrapProgram $out/bin/copy \
77 --prefix PATH : ${makeBinPath (with pkgs; [config.boot.zfs.package util-linux borgbackup])}:${config.security.wrapperDir}
78 '';
79 });
80
81 borgsnap = flakeInputs.mach-nix.lib.${config.nixpkgs.system}.buildPythonPackage rec {
82 pname = "borgsnap";
83 src = ./borgsnap;
84 version = "0.0.0";
85 ignoreDataOutdated = true;
86
87 requirements = ''
88 atomicwrites
89 pyprctl
90 python-unshare
91 python-dateutil
92 '';
93 postInstall = ''
94 wrapProgram $out/bin/borgsnap \
95 --prefix PATH : ${makeBinPath (with pkgs; [util-linux borgbackup])}:${config.security.wrapperDir} 77 --prefix PATH : ${makeBinPath (with pkgs; [util-linux borgbackup])}:${config.security.wrapperDir}
96 ''; 78 '';
97 79 });
98 providers.python-unshare = "nixpkgs";
99 overridesPre = [
100 (self: super: { python-unshare = super.python-unshare.overrideAttrs (oldAttrs: { name = "python-unshare-0.2.1"; version = "0.2.1"; }); })
101 ];
102
103 _.tomli.buildInputs.add = with pkgs."python3Packages"; [ flit-core ];
104 };
105in { 80in {
106 config = { 81 config = {
107 services.zfssnap.config.exec = { 82 services.borgsnap = {
108 check = "${borgsnap}/bin/borgsnap -vv --target yggdrasil.borgbase:repo --archive-prefix yggdrasil.vidhar. check --cache-file /run/zfssnap-prune/archives-cache.json"; 83 enable = true;
109 cmd = "${borgsnap}/bin/borgsnap -vv --target yggdrasil.borgbase:repo --archive-prefix yggdrasil.vidhar. create";
110 84
111 halfweekly = "8"; 85 target = "yggdrasil.borgbase:repo";
112 monthly = "-1"; 86 inherit sshConfig;
87 keyfile = config.sops.secrets."yggdrasil.borgkey".path;
113 }; 88 };
114 89
115 systemd.services = { 90 systemd.services = listToAttrs (map copyService [{ repo = "/srv/backup/borg/jotnar"; repoEscaped = "srv-backup-borg-jotnar"; }]);
116 "zfssnap-prune" = {
117 serviceConfig = {
118 Environment = [
119 "BORG_RSH=\"${pkgs.openssh}/bin/ssh -F ${sshConfig}\""
120 "BORG_BASE_DIR=/var/lib/borg"
121 "BORG_CONFIG_DIR=/var/lib/borg/config"
122 "BORG_CACHE_DIR=/var/lib/borg/cache"
123 "BORG_SECURITY_DIR=/var/lib/borg/security"
124 "BORG_KEYS_DIR=/var/lib/borg/keys"
125 "BORG_KEY_FILE=${config.sops.secrets."yggdrasil.borgkey".path}"
126 "BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK=yes"
127 "BORG_HOSTNAME_IS_UNIQUE=yes"
128 ];
129 RuntimeDirectory = "zfssnap-prune";
130 };
131 };
132 } // listToAttrs (map copyService [{ repo = "/srv/backup/borg/jotnar"; repoEscaped = "srv-backup-borg-jotnar"; }]);
133
134 91
135 services.borgbackup.repos.jotnar = { 92 services.borgbackup.repos.jotnar = {
136 path = "/srv/backup/borg/jotnar"; 93 path = "/srv/backup/borg/jotnar";