From 0443c2185eba84edad58a41cda38ac4cb80f05f2 Mon Sep 17 00:00:00 2001 From: Infinidoge Date: Sun, 28 Apr 2024 01:25:26 -0400 Subject: [PATCH] modules/backup: refactor to be more configurable --- modules/modules/backup.nix | 121 +++++++++++++++++++++++-------------- 1 file changed, 77 insertions(+), 44 deletions(-) diff --git a/modules/modules/backup.nix b/modules/modules/backup.nix index 2cfa470..df8f960 100644 --- a/modules/modules/backup.nix +++ b/modules/modules/backup.nix @@ -5,30 +5,21 @@ with lib; with lib.our; let - excludes = { - "/home/infinidoge" = [ - ".cache" - "*/cache2" - "*/Cache" - ]; - }; - append = root: path: (root + "/" + path); excludes' = concatLists (mapAttrsToList (root: map (append root)) - excludes + cfg.excludes ); - commonArgs = { environment = { BORG_RSH = "ssh -i ${config.secrets.borg-ssh-key}"; BORG_REMOTE_PATH = "/usr/local/bin/borg1/borg1"; BORG_RELOCATED_REPO_ACCESS_IS_OK = "yes"; }; - extraCreateArgs = "--verbose --stats --checkpoint-interval 600"; + extraCreateArgs = "--verbose --stats --checkpoint-interval 300"; compression = "auto,zstd,3"; doInit = true; persistentTimer = true; @@ -37,37 +28,6 @@ let mode = "repokey-blake2"; passCommand = "cat ${config.secrets.borg-password}"; }; - }; - - repo = "rsync.net:backups/hosts"; - - backupTimes = { - "Infini-FRAMEWORK" = "00:00"; - "Infini-OPTIPLEX" = "01:00"; - "Infini-SERVER" = "02:00"; - "Infini-DESKTOP" = "03:00"; - "Infini-SD" = "04:00"; - - }; -in -{ - users.groups."borg" = { }; - - environment.systemPackages = with pkgs; [ - borgbackup - ]; - - environment.variables = { - inherit (commonArgs.environment) BORG_RSH BORG_REMOTE_PATH; - BORG_REPO = repo; - BORG_PASSCOMMAND = commonArgs.encryption.passCommand; - }; - - services.borgbackup.jobs."persist" = commonArgs // rec { - paths = "/persist"; - inherit repo; - exclude = map (append paths) excludes'; - startAt = "*-*-* ${backupTimes.${config.networking.hostName}}"; prune.keep = { within = "1d"; # Keep all archives from the last day daily = 7; @@ -76,7 +36,80 @@ in }; }; - systemd.timers."borgbackup-job-persist" = { - requires = [ "network-online.target" ]; + mkJob = paths: commonArgs // { + inherit paths; + inherit (cfg) repo; + exclude = cfg.extraExcludes ++ (map (append paths) excludes'); + startAt = "*-*-* ${cfg.backupTimes.${config.networking.hostName}}"; }; + + cfg = config.modules.backups; +in +{ + options.modules.backups = with types; { + enable = mkBoolOpt true; + userEnvironment = mkBoolOpt true; + repo = mkOpt str "rsync.net:backups/hosts"; + excludes = mkOpt (attrsOf (listOf str)) {}; + extraExcludes = mkOpt (listOf str) [ ]; + backupTimes = mkOpt (attrsOf str) { }; + jobs = mkOpt (attrsOf str) { }; + }; + + config = mkMerge [ + { + modules.backups.excludes = { + "/home/infinidoge" = [ + ".cache" + "*/cache2" + "*/Cache" + ".local/share/Steam" + ]; + }; + + modules.backups.backupTimes = { + "Infini-FRAMEWORK" = "00:00"; + "Infini-OPTIPLEX" = "01:00"; + "Infini-SERVER" = "02:00"; + "Infini-DESKTOP" = "03:00"; + "Infini-SD" = "04:00"; + }; + + modules.backups.jobs = { + "persist" = "/persist"; + }; + + common.backups = { + inherit commonArgs; + }; + + # For allowing user access to borg password + # See secrets/default.nix + users.groups."borg" = { }; + } + (mkIf cfg.userEnvironment { + environment.systemPackages = with pkgs; [ + borgbackup + ]; + + environment.variables = { + inherit (commonArgs.environment) BORG_RSH BORG_REMOTE_PATH; + BORG_REPO = cfg.repo; + BORG_PASSCOMMAND = commonArgs.encryption.passCommand; + }; + }) + (mkIf cfg.enable { + services.borgbackup.jobs = mapAttrs (_: mkJob) cfg.jobs; + + systemd.timers = lib.mapAttrs' + (n: _: lib.nameValuePair "borgbackup-job-${n}" { + requires = [ "network-online.target" ]; + }) + cfg.jobs; + + persist.directories = [ + "/root/.cache/borg" + ]; + }) + ]; }