1 files changed, 120 insertions, 0 deletions

diff --git a/modules/borgcopy/default.nix b/modules/borgcopy/default.nix
new file mode 100644
index 00000000..eae07dc8
--- /dev/null
+++ b/modules/borgcopy/default.nix
@@ -0,0 +1,120 @@
+{ config, pkgs, lib, utils, flakeInputs, ... }:
+
+with lib;
+
+let
+  copyBorg = flakeInputs.mach-nix.lib.${config.nixpkgs.system}.buildPythonPackage rec {
+    pname = "copy-borg";
+    src = ./copy;
+    version = "0.0.0";
+    ignoreDataOutdated = true;
+
+    requirements = ''
+      humanize
+      tqdm
+      python-dateutil
+      xdg
+      python-unshare
+      pyprctl
+      halo
+    '';
+    postInstall = ''
+      wrapProgram $out/bin/copy_borg \
+        --prefix PATH : ${makeBinPath (with pkgs; [util-linux borgbackup])}:${config.security.wrapperDir}
+    '';
+
+    providers.python-unshare = "nixpkgs";
+    overridesPre = [
+      (self: super: { python-unshare = super.python-unshare.overrideAttrs (oldAttrs: { name = "python-unshare-0.2.1"; version = "0.2.1"; }); })
+    ];
+
+    # _.tomli.buildInputs.add = with pkgs."python3Packages"; [ flit-core ];
+  };
+
+  copyService = name: opts: nameValuePair "copy-borg@${utils.escapeSystemdPath name}" {
+    serviceConfig = {
+      Type = "oneshot";
+      ExecStart = "${copyBorg}/bin/copy_borg --verbosity ${toString opts.verbosity} ${utils.escapeSystemdExecArgs [opts.from opts.to]}";
+      TimeoutStartSec = "8h";
+      # User = "borg";
+      # Group = "borg";
+      # StateDirectory = "borg";
+      RuntimeDirectory = "copy-borg";
+      Environment = [
+        "BORG_BASE_DIR=/var/lib/borg"
+        "BORG_CONFIG_DIR=/var/lib/borg/config"
+        "BORG_CACHE_DIR=/var/lib/borg/cache"
+        "BORG_SECURITY_DIR=/var/lib/borg/security"
+        "BORG_KEYS_DIR=/var/lib/borg/keys"
+      ]
+      ++ optional opts.unknownUnencryptedRepoAccessOk "BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK=yes"
+      ++ optional opts.hostnameIsUnique "BORG_HOSTNAME_IS_UNIQUE=yes"
+      ++ optional (!(isNull opts.sshConfig)) "BORG_RSH=\"${pkgs.openssh}/bin/ssh -F ${pkgs.writeText "config" opts.sshConfig}\""
+      ++ optional (!(isNull opts.keyfile)) "BORG_KEY_FILE=${opts.keyfile}";
+
+      LogRateLimitIntervalSec = 0;
+    };
+  };
+  copyTimer = name: opts: nameValuePair "copy-borg@${utils.escapeSystemdPath name}" (recursiveUpdate {
+    wantedBy = [ "timers.target" ];
+
+    timerConfig = {
+      Unit = "copy-borg@${utils.escapeSystemdPath name}.service";
+    };
+  } opts.timerOptions);
+
+  cfg = config.services.copyborg;
+in {
+  options = {
+    services.copyborg = mkOption {
+      type = types.attrsOf (types.submodule {
+        options = {
+          from = mkOption {
+            type = types.str;
+          };
+          to = mkOption {
+            type = types.str;
+          };
+
+          verbosity = mkOption {
+            type = types.int;
+            default = 3;
+          };
+
+          sshConfig = mkOption {
+            type = with types; nullOr str;
+            default = null;
+          };
+
+          keyfile = mkOption {
+            type = with types; nullOr str;
+            default = null;
+          };
+
+          unknownUnencryptedRepoAccessOk = mkOption {
+            type = types.bool;
+            default = false;
+          };
+          hostnameIsUnique = mkOption {
+            type = types.bool;
+            default = true;
+          };
+
+          timerOptions = mkOption {
+            # type = types.submodule utils.systemdUtils.unitOptions.stage2TimerOptions;
+            type = types.attrs;
+            default = {
+              wantedBy = ["timers.target"];
+            };
+          };
+        };
+      });
+      default = {};
+    };
+  };
+
+  config = {
+    systemd.services = mapAttrs' copyService cfg;
+    systemd.timers = mapAttrs' copyTimer cfg;
+  };
+}