From 7448d3431fcfc05f9b7991e337b02083300a99db Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Tue, 1 Nov 2022 22:43:25 +0100 Subject: ... --- hosts/vidhar/borg/default.nix | 61 +++++++------------------------------------ 1 file changed, 9 insertions(+), 52 deletions(-) (limited to 'hosts/vidhar/borg/default.nix') diff --git a/hosts/vidhar/borg/default.nix b/hosts/vidhar/borg/default.nix index fe62c956..8d0b46ef 100644 --- a/hosts/vidhar/borg/default.nix +++ b/hosts/vidhar/borg/default.nix @@ -3,7 +3,7 @@ with lib; let - sshConfig = pkgs.writeText "config" '' + sshConfig = '' Include /etc/ssh/ssh_config ControlMaster auto @@ -33,7 +33,7 @@ let # StateDirectory = "borg"; RuntimeDirectory = "copy-borg"; Environment = [ - "BORG_RSH=\"${pkgs.openssh}/bin/ssh -F ${sshConfig}\"" + "BORG_RSH=\"${pkgs.openssh}/bin/ssh -F ${pkgs.writeText "config" sshConfig}\"" "BORG_BASE_DIR=/var/lib/borg" "BORG_CONFIG_DIR=/var/lib/borg/config" "BORG_CACHE_DIR=/var/lib/borg/cache" @@ -74,63 +74,20 @@ let copy wrapProgram $out/bin/copy \ - --prefix PATH : ${makeBinPath (with pkgs; [config.boot.zfs.package util-linux borgbackup])}:${config.security.wrapperDir} - ''; - }); - - borgsnap = flakeInputs.mach-nix.lib.${config.nixpkgs.system}.buildPythonPackage rec { - pname = "borgsnap"; - src = ./borgsnap; - version = "0.0.0"; - ignoreDataOutdated = true; - - requirements = '' - atomicwrites - pyprctl - python-unshare - python-dateutil - ''; - postInstall = '' - wrapProgram $out/bin/borgsnap \ --prefix PATH : ${makeBinPath (with pkgs; [util-linux borgbackup])}:${config.security.wrapperDir} ''; - - providers.python-unshare = "nixpkgs"; - overridesPre = [ - (self: super: { python-unshare = super.python-unshare.overrideAttrs (oldAttrs: { name = "python-unshare-0.2.1"; version = "0.2.1"; }); }) - ]; - - _.tomli.buildInputs.add = with pkgs."python3Packages"; [ flit-core ]; - }; + }); in { config = { - services.zfssnap.config.exec = { - check = "${borgsnap}/bin/borgsnap -vv --target yggdrasil.borgbase:repo --archive-prefix yggdrasil.vidhar. check --cache-file /run/zfssnap-prune/archives-cache.json"; - cmd = "${borgsnap}/bin/borgsnap -vv --target yggdrasil.borgbase:repo --archive-prefix yggdrasil.vidhar. create"; + services.borgsnap = { + enable = true; - halfweekly = "8"; - monthly = "-1"; + target = "yggdrasil.borgbase:repo"; + inherit sshConfig; + keyfile = config.sops.secrets."yggdrasil.borgkey".path; }; - systemd.services = { - "zfssnap-prune" = { - serviceConfig = { - Environment = [ - "BORG_RSH=\"${pkgs.openssh}/bin/ssh -F ${sshConfig}\"" - "BORG_BASE_DIR=/var/lib/borg" - "BORG_CONFIG_DIR=/var/lib/borg/config" - "BORG_CACHE_DIR=/var/lib/borg/cache" - "BORG_SECURITY_DIR=/var/lib/borg/security" - "BORG_KEYS_DIR=/var/lib/borg/keys" - "BORG_KEY_FILE=${config.sops.secrets."yggdrasil.borgkey".path}" - "BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK=yes" - "BORG_HOSTNAME_IS_UNIQUE=yes" - ]; - RuntimeDirectory = "zfssnap-prune"; - }; - }; - } // listToAttrs (map copyService [{ repo = "/srv/backup/borg/jotnar"; repoEscaped = "srv-backup-borg-jotnar"; }]); - + systemd.services = listToAttrs (map copyService [{ repo = "/srv/backup/borg/jotnar"; repoEscaped = "srv-backup-borg-jotnar"; }]); services.borgbackup.repos.jotnar = { path = "/srv/backup/borg/jotnar"; -- cgit v1.2.3