diff options
| author | Karel Kočí <cynerd@email.cz> | 2024-10-17 15:37:56 +0200 | 
|---|---|---|
| committer | Karel Kočí <cynerd@email.cz> | 2024-10-17 15:37:56 +0200 | 
| commit | 846e847fee79cc54b0ad5284020f46ecd79ded21 (patch) | |
| tree | 2ed8067ce13186b52d3f5ab22e0377ad079b0376 /nixos/modules | |
| parent | 0662c2dc1955b07f64f641edecfb2278e10dd3f1 (diff) | |
| download | nixos-personal-846e847fee79cc54b0ad5284020f46ecd79ded21.tar.gz nixos-personal-846e847fee79cc54b0ad5284020f46ecd79ded21.tar.bz2 nixos-personal-846e847fee79cc54b0ad5284020f46ecd79ded21.zip | |
nixos/backup: add backup configuration
Diffstat (limited to 'nixos/modules')
| -rw-r--r-- | nixos/modules/backup.nix | 63 | ||||
| -rw-r--r-- | nixos/modules/desktop.nix | 2 | 
2 files changed, 64 insertions, 1 deletions
| diff --git a/nixos/modules/backup.nix b/nixos/modules/backup.nix new file mode 100644 index 0000000..3f5042b --- /dev/null +++ b/nixos/modules/backup.nix @@ -0,0 +1,63 @@ +{ +  config, +  lib, +  ... +}: let +  inherit (builtins) elem readFile readDir; +  inherit (lib) mkOption types mkIf hasSuffix removeSuffix hasAttr filterAttrs mapAttrs mapAttrs' nameValuePair mergeAttrsList recursiveUpdate; + +  servers = ["ridcully"]; # TODO "errol" +  clients = +    mapAttrs' (fname: _: +      nameValuePair (removeSuffix ".pub" fname) +      (readFile (config.personal-secrets + "/unencrypted/backup/${fname}"))) +    (filterAttrs (n: v: v == "regular" && hasSuffix ".pub" n) +      (readDir (config.personal-secrets + "/unencrypted/backup"))); +  edpersonal = readFile (config.personal-secrets + "/unencrypted/edpersonal.pub"); +in { +  options.cynerd = { +    borgjobs = mkOption { +      type = with types; attrsOf anything; +      description = "Job to be backed up for this "; +    }; +  }; + +  config = { +    services.borgbackup = { +      repos = mkIf (elem config.networking.hostName servers) ( +        mapAttrs (name: key: { +          path = "/back/${name}"; +          authorizedKeys = [key edpersonal]; +          allowSubRepos = true; +        }) +        clients +      ); + +      jobs = mkIf (hasAttr config.networking.hostName clients) (mergeAttrsList +        (map (server: (mapAttrs' (n: v: +            nameValuePair "${server}-${n}" +            (recursiveUpdate +              (recursiveUpdate { +                  encryption.mode = "none"; +                  prune = { +                    keep = { +                      daily = 7; +                      weekly = 4; +                      monthly = -1; +                    }; +                    prefix = n; +                  }; +                } +                v) +              { +                repo = "borg@${server}:./${n}"; +                environment = { +                  BORG_RSH = "ssh -i /run/secrets/borgbackup.key"; +                }; +                archiveBaseName = null; +              })) +          config.cynerd.borgjobs)) +          servers)); +    }; +  }; +} diff --git a/nixos/modules/desktop.nix b/nixos/modules/desktop.nix index b3746d0..3c9215a 100644 --- a/nixos/modules/desktop.nix +++ b/nixos/modules/desktop.nix @@ -70,7 +70,7 @@ in {              msmtp              notmuch              astroid -            dodo +            #dodo              taskwarrior3              vdirsyncer              khal | 
