Infinidoge/universe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

modules/backup: refactor to be more configurable

Browse source
This commit is contained in:
Infinidoge 2024-04-28 01:25:26 -04:00
parent ef62ad0339
commit 0443c2185e
Signed by: Infinidoge
SSH key fingerprint: SHA256:oAMyvotlNFraMmZmr+p6AxnNfW/GioTs1pOn3V4tQ7A
1 changed files with 77 additions and 44 deletions
Download patch file Download diff file Expand all files Collapse all files

121
modules/modules/backup.nix
View file

@ -5,30 +5,21 @@
with lib;
with lib.our;
let
excludes = {
"/home/infinidoge" = [
".cache"
"*/cache2"
"*/Cache"
];
};
append = root: path: (root + "/" + path);
excludes' = concatLists
(mapAttrsToList
(root: map (append root))
excludes
cfg.excludes
);
commonArgs = {
environment = {
BORG_RSH = "ssh -i ${config.secrets.borg-ssh-key}";
BORG_REMOTE_PATH = "/usr/local/bin/borg1/borg1";
BORG_RELOCATED_REPO_ACCESS_IS_OK = "yes";
};
extraCreateArgs = "--verbose --stats --checkpoint-interval 600";
extraCreateArgs = "--verbose --stats --checkpoint-interval 300";
compression = "auto,zstd,3";
doInit = true;
persistentTimer = true;
@ -37,37 +28,6 @@ let
mode = "repokey-blake2";
passCommand = "cat ${config.secrets.borg-password}";
};
};
repo = "rsync.net:backups/hosts";
backupTimes = {
"Infini-FRAMEWORK" = "00:00";
"Infini-OPTIPLEX" = "01:00";
"Infini-SERVER" = "02:00";
"Infini-DESKTOP" = "03:00";
"Infini-SD" = "04:00";
};
in
{
users.groups."borg" = { };
environment.systemPackages = with pkgs; [
borgbackup
];
environment.variables = {
inherit (commonArgs.environment) BORG_RSH BORG_REMOTE_PATH;
BORG_REPO = repo;
BORG_PASSCOMMAND = commonArgs.encryption.passCommand;
};
services.borgbackup.jobs."persist" = commonArgs // rec {
paths = "/persist";
inherit repo;
exclude = map (append paths) excludes';
startAt = "*-*-* ${backupTimes.${config.networking.hostName}}";
prune.keep = {
within = "1d"; # Keep all archives from the last day
daily = 7;
@ -76,7 +36,80 @@ in
};
};
systemd.timers."borgbackup-job-persist" = {
requires = [ "network-online.target" ];
mkJob = paths: commonArgs // {
inherit paths;
inherit (cfg) repo;
exclude = cfg.extraExcludes ++ (map (append paths) excludes');
startAt = "*-*-* ${cfg.backupTimes.${config.networking.hostName}}";
};
cfg = config.modules.backups;
in
{
options.modules.backups = with types; {
enable = mkBoolOpt true;
userEnvironment = mkBoolOpt true;
repo = mkOpt str "rsync.net:backups/hosts";
excludes = mkOpt (attrsOf (listOf str)) {};
extraExcludes = mkOpt (listOf str) [ ];
backupTimes = mkOpt (attrsOf str) { };
jobs = mkOpt (attrsOf str) { };
};
config = mkMerge [
{
modules.backups.excludes = {
"/home/infinidoge" = [
".cache"
"*/cache2"
"*/Cache"
".local/share/Steam"
];
};
modules.backups.backupTimes = {
"Infini-FRAMEWORK" = "00:00";
"Infini-OPTIPLEX" = "01:00";
"Infini-SERVER" = "02:00";
"Infini-DESKTOP" = "03:00";
"Infini-SD" = "04:00";
};
modules.backups.jobs = {
"persist" = "/persist";
};
common.backups = {
inherit commonArgs;
};
# For allowing user access to borg password
# See secrets/default.nix
users.groups."borg" = { };
}
(mkIf cfg.userEnvironment {
environment.systemPackages = with pkgs; [
borgbackup
];
environment.variables = {
inherit (commonArgs.environment) BORG_RSH BORG_REMOTE_PATH;
BORG_REPO = cfg.repo;
BORG_PASSCOMMAND = commonArgs.encryption.passCommand;
};
})
(mkIf cfg.enable {
services.borgbackup.jobs = mapAttrs (_: mkJob) cfg.jobs;
systemd.timers = lib.mapAttrs'
(n: _: lib.nameValuePair "borgbackup-job-${n}" {
requires = [ "network-online.target" ];
})
cfg.jobs;
persist.directories = [
"/root/.cache/borg"
];
})
];
}