From 7448d3431fcfc05f9b7991e337b02083300a99db Mon Sep 17 00:00:00 2001
From: Gregor Kleen
Date: Tue, 1 Nov 2022 22:43:25 +0100
Subject: ...
---
modules/borgsnap/default.nix | 106 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 106 insertions(+)
create mode 100644 modules/borgsnap/default.nix
(limited to 'modules/borgsnap/default.nix')
diff --git a/modules/borgsnap/default.nix b/modules/borgsnap/default.nix
new file mode 100644
index 00000000..f4c0eec4
--- /dev/null
+++ b/modules/borgsnap/default.nix
@@ -0,0 +1,106 @@
+{ config, pkgs, lib, flakeInputs, hostName, ... }:
+
+with lib;
+
+let
+ borgsnap = flakeInputs.mach-nix.lib.${config.nixpkgs.system}.buildPythonPackage rec {
+ pname = "borgsnap";
+ src = ./borgsnap;
+ version = "0.0.0";
+ ignoreDataOutdated = true;
+
+ requirements = ''
+ atomicwrites
+ pyprctl
+ python-unshare
+ python-dateutil
+ '';
+ postInstall = ''
+ wrapProgram $out/bin/borgsnap \
+ --prefix PATH : ${makeBinPath (with pkgs; [config.boot.zfs.package util-linux borgbackup])}:${config.security.wrapperDir}
+ '';
+
+ providers.python-unshare = "nixpkgs";
+ overridesPre = [
+ (self: super: { python-unshare = super.python-unshare.overrideAttrs (oldAttrs: { name = "python-unshare-0.2.1"; version = "0.2.1"; }); })
+ ];
+
+ _.tomli.buildInputs.add = with pkgs."python3Packages"; [ flit-core ];
+ };
+
+ cfg = config.services.borgsnap;
+in {
+ options = {
+ services.borgsnap = {
+ enable = mkEnableOption "borgsnap service";
+
+ target = mkOption {
+ type = types.str;
+ };
+
+ archive-prefix = mkOption {
+ type = types.str;
+ default = "yggdrasil.${hostName}.";
+ };
+
+ extraConfig = mkOption {
+ type = with types; attrsOf str;
+ default = {
+ halfweekly = "8";
+ monthly = "-1";
+ };
+ };
+
+ verbosity = mkOption {
+ type = types.int;
+ default = config.services.zfssnap.verbosity;
+ };
+
+ sshConfig = mkOption {
+ type = with types; nullOr str;
+ default = null;
+ };
+
+ keyfile = mkOption {
+ type = with types; nullOr str;
+ default = null;
+ };
+
+ extraCreateArgs = mkOption {
+ type = with types; listOf str;
+ default = [];
+ };
+ extraCheckArgs = mkOption {
+ type = with types; listOf str;
+ default = [];
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ warnings = mkIf (!config.services.zfssnap.enable) [
+ "borgsnap will do nothing if zfssnap is not enabled"
+ ];
+
+ services.zfssnap.config.exec = {
+ check = "${borgsnap}/bin/borgsnap --verbosity=${toString cfg.verbosity} --target ${escapeShellArg cfg.target} --archive-prefix ${escapeShellArg 
cfg.archive-prefix} check --cache-file /run/zfssnap-prune/archives-cache.json ${escapeShellArgs cfg.extraCheckArgs}";
+ cmd = "${borgsnap}/bin/borgsnap --verbosity=${toString cfg.verbosity} --target ${escapeShellArg cfg.target} --archive-prefix ${escapeShellArg cfg.archive-prefix} create ${escapeShellArgs cfg.extraCreateArgs}";
+ } // cfg.extraConfig;
+
+ systemd.services."zfssnap-prune" = {
+ serviceConfig = {
+ Environment = [
+ "BORG_BASE_DIR=/var/lib/borg"
+ "BORG_CONFIG_DIR=/var/lib/borg/config"
+ "BORG_CACHE_DIR=/var/lib/borg/cache"
+ "BORG_SECURITY_DIR=/var/lib/borg/security"
+ "BORG_KEYS_DIR=/var/lib/borg/keys"
+ "BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK=yes"
+ "BORG_HOSTNAME_IS_UNIQUE=yes"
+ ] ++ optional (!(isNull cfg.sshConfig)) "BORG_RSH=\"${pkgs.openssh}/bin/ssh -F ${pkgs.writeText "config" cfg.sshConfig}\""
+ ++ optional (!(isNull cfg.keyfile)) "BORG_KEY_FILE=${cfg.keyfile}";
+ RuntimeDirectory = "zfssnap-prune";
+ };
+ };
+ };
+}
-- cgit v1.2.3
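Review bot: `BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK=yes` is set unconditionally in the `zfssnap-prune` `Environment` list, so borg will use a previously unseen unencrypted repository at `cfg.target` without asking, including on hosts that set `keyfile` and expect an encrypted one. I would make it an explicit opt-in, for example an option `allowUnencryptedRepo = mkEnableOption "access to unknown unencrypted repositories";` and `++ optional cfg.allowUnencryptedRepo "BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK=yes"` in place of the fixed entry. Separately, `"BORG_KEY_FILE=${cfg.keyfile}"` is interpolated unquoted, so a path containing whitespace would likely be split into several words by systemd; quoting it the way the `BORG_RSH` entry is quoted avoids that. None of the new options has a `description`; the one on `sshConfig` should say that its text is written to the world-readable Nix store through `pkgs.writeText`, and the one on `keyfile` that it takes a runtime path as a string.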