3 files changed, 69 insertions, 4 deletions

diff --git a/hosts/surtr/postgresql/default.nix b/hosts/surtr/postgresql/default.nix
index 8c373f49..dc6c531d 100644
--- a/hosts/surtr/postgresql/default.nix
+++ b/hosts/surtr/postgresql/default.nix
@@ -31,6 +31,8 @@ in {
           repo2-retention-archive = 7;
         };
 
+        archive.archive-timout = 3600;
+
         "global" = {
           compress-type = "zst";
           compress-level = 9;
diff --git a/modules/envfs.nix b/modules/envfs.nix
index 6aa12c1c..1463dce8 100644
--- a/modules/envfs.nix
+++ b/modules/envfs.nix
@@ -1,4 +1,67 @@
-{ lib, ... }:
-{
-  config.services.envfs.enable = lib.mkDefault true;
+{ pkgs, config, lib, ... }:
+
+let
+  cfg = config.services.envfs;
+  mounts = {
+    "/usr/bin" = {
+      device = "none";
+      fsType = "envfs";
+      options = [
+        "fallback-path=${pkgs.symlinkJoin {
+          name = "fallback-path";
+          inherit (cfg) paths;
+        }}"
+      ];
+    };
+    "/bin" = {
+      device = "/usr/bin";
+      fsType = "none";
+      options = [ "bind" "nofail" ];
+    };
+  };
+in {
+  disabledModules = [ "tasks/filesystems/envfs.nix" ];
+
+  options = {
+    services.envfs = {
+      enable = lib.mkEnableOption (lib.mdDoc "Envfs filesystem") // {
+        default = true;
+        description = lib.mdDoc ''
+          Fuse filesystem that returns symlinks to executables based on the PATH
+          of the requesting process. This is useful to execute shebangs on NixOS
+          that assume hard coded locations in locations like /bin or /usr/bin
+          etc.
+        '';
+      };
+
+      package = lib.mkOption {
+        type = lib.types.package;
+        default = pkgs.envfs;
+        defaultText = lib.literalExpression "pkgs.envfs";
+        description = lib.mdDoc "Which package to use for the envfs.";
+      };
+
+      paths = lib.mkOption {
+        type = lib.types.listOf lib.types.package;
+        default = [
+          (pkgs.runCommand "fallback-path-environment" {} ''
+            mkdir -p $out
+            ln -s ${config.environment.usrbinenv} $out/env
+            ln -s ${config.environment.binsh} $out/sh
+          '')
+        ];
+        description = lib.mdDoc "Extra packages to join into collection of fallback executables in case not other executable is found";
+      };
+    };
+  };
+
+  config = lib.mkIf (cfg.enable) {
+    environment.systemPackages = [ cfg.package ];
+    # we also want these mounts in virtual machines.
+    fileSystems = if config.virtualisation ? qemu then lib.mkVMOverride mounts else mounts;
+
+    # We no longer need those when using envfs
+    system.activationScripts.usrbinenv = lib.mkForce "";
+    system.activationScripts.binsh = lib.mkForce "";
+  };
 }
diff --git a/modules/pgbackrest.nix b/modules/pgbackrest.nix
index d4a4f9d6..41a7b381 100644
--- a/modules/pgbackrest.nix
+++ b/modules/pgbackrest.nix
@@ -143,7 +143,7 @@ in {
     environment.systemPackages = [ cfg.package ];
 
     services.postgresql.settings = mkIf cfg.configurePostgresql.enable {
-      archive_command = "pgbackrest --stanza ${cfg.configurePostgresql.stanza} archive-push %p";
+      archive_command = "pgbackrest --stanza ${escapeSystemdExecArg cfg.configurePostgresql.stanza} archive-push %p";
       archive_mode = true;
       max_wal_senders = mkDefault 3;
       wal_level = "replica";