nixpkgs/nixos/modules/services/backup/duplicity.nix

{
  config,
  lib,
  pkgs,
  ...
}:
let
  cfg = config.services.duplicity;

  stateDirectory = "/var/lib/duplicity";

  localTarget =
    if lib.hasPrefix "file://" cfg.targetUrl then lib.removePrefix "file://" cfg.targetUrl else null;

in
{
  options.services.duplicity = {
    enable = lib.mkEnableOption "backups with duplicity";

    root = lib.mkOption {
      type = lib.types.path;
      default = "/";
      description = ''
        Root directory to backup.
      '';
    };

    include = lib.mkOption {
      type = lib.types.listOf lib.types.str;
      default = [ ];
      example = [ "/home" ];
      description = ''
        List of paths to include into the backups. See the FILE SELECTION
        section in {manpage}`duplicity(1)` for details on the syntax.
      '';
    };

    exclude = lib.mkOption {
      type = lib.types.listOf lib.types.str;
      default = [ ];
      description = ''
        List of paths to exclude from backups. See the FILE SELECTION section in
        {manpage}`duplicity(1)` for details on the syntax.
      '';
    };

    includeFileList = lib.mkOption {
      type = lib.types.nullOr lib.types.path;
      default = null;
      example = /path/to/fileList.txt;
      description = ''
        File containing newline-separated list of paths to include into the
        backups. See the FILE SELECTION section in {manpage}`duplicity(1)` for
        details on the syntax.
      '';
    };

    excludeFileList = lib.mkOption {
      type = lib.types.nullOr lib.types.path;
      default = null;
      example = /path/to/fileList.txt;
      description = ''
        File containing newline-separated list of paths to exclude into the
        backups. See the FILE SELECTION section in {manpage}`duplicity(1)` for
        details on the syntax.
      '';
    };

    targetUrl = lib.mkOption {
      type = lib.types.str;
      example = "s3://host:port/prefix";
      description = ''
        Target url to backup to. See the URL FORMAT section in
        {manpage}`duplicity(1)` for supported urls.
      '';
    };

    secretFile = lib.mkOption {
      type = lib.types.nullOr lib.types.path;
      default = null;
      description = ''
        Path of a file containing secrets (gpg passphrase, access key...) in
        the format of EnvironmentFile as described by
        {manpage}`systemd.exec(5)`. For example:
        ```
        PASSPHRASE=«...»
        AWS_ACCESS_KEY_ID=«...»
        AWS_SECRET_ACCESS_KEY=«...»
        ```
      '';
    };

    frequency = lib.mkOption {
      type = lib.types.nullOr lib.types.str;
      default = "daily";
      description = ''
        Run duplicity with the given frequency (see
        {manpage}`systemd.time(7)` for the format).
        If null, do not run automatically.
      '';
    };

    extraFlags = lib.mkOption {
      type = lib.types.listOf lib.types.str;
      default = [ ];
      example = [
        "--backend-retry-delay"
        "100"
      ];
      description = ''
        Extra command-line flags passed to duplicity. See
        {manpage}`duplicity(1)`.
      '';
    };

    fullIfOlderThan = lib.mkOption {
      type = lib.types.str;
      default = "never";
      example = "1M";
      description = ''
        If `"never"` (the default) always do incremental
        backups (the first backup will be a full backup, of course).  If
        `"always"` always do full backups.  Otherwise, this
        must be a string representing a duration. Full backups will be made
        when the latest full backup is older than this duration. If this is not
        the case, an incremental backup is performed.
      '';
    };

    cleanup = {
      maxAge = lib.mkOption {
        type = lib.types.nullOr lib.types.str;
        default = null;
        example = "6M";
        description = ''
          If non-null, delete all backup sets older than the given time.  Old backup sets
          will not be deleted if backup sets newer than time depend on them.
        '';
      };
      maxFull = lib.mkOption {
        type = lib.types.nullOr lib.types.int;
        default = null;
        example = 2;
        description = ''
          If non-null, delete all backups sets that are older than the count:th last full
          backup (in other words, keep the last count full backups and
          associated incremental sets).
        '';
      };
      maxIncr = lib.mkOption {
        type = lib.types.nullOr lib.types.int;
        default = null;
        example = 1;
        description = ''
          If non-null, delete incremental sets of all backups sets that are
          older than the count:th last full backup (in other words, keep only
          old full backups and not their increments).
        '';
      };
    };
  };

  config = lib.mkIf cfg.enable {
    systemd = {
      services.duplicity =
        {
          description = "backup files with duplicity";

          environment.HOME = stateDirectory;

          script =
            let
              target = lib.escapeShellArg cfg.targetUrl;
              extra = lib.escapeShellArgs (
                [
                  "--archive-dir"
                  stateDirectory
                ]
                ++ cfg.extraFlags
              );
              dup = "${pkgs.duplicity}/bin/duplicity";
            in
            ''
              set -x
              ${dup} cleanup ${target} --force ${extra}
              ${lib.optionalString (
                cfg.cleanup.maxAge != null
              ) "${dup} remove-older-than ${lib.escapeShellArg cfg.cleanup.maxAge} ${target} --force ${extra}"}
              ${lib.optionalString (
                cfg.cleanup.maxFull != null
              ) "${dup} remove-all-but-n-full ${toString cfg.cleanup.maxFull} ${target} --force ${extra}"}
              ${lib.optionalString (
                cfg.cleanup.maxIncr != null
              ) "${dup} remove-all-inc-of-but-n-full ${toString cfg.cleanup.maxIncr} ${target} --force ${extra}"}
              exec ${dup} ${if cfg.fullIfOlderThan == "always" then "full" else "incr"} ${
                lib.escapeShellArgs (
                  [
                    cfg.root
                    cfg.targetUrl
                  ]
                  ++ lib.optionals (cfg.includeFileList != null) [
                    "--include-filelist"
                    cfg.includeFileList
                  ]
                  ++ lib.optionals (cfg.excludeFileList != null) [
                    "--exclude-filelist"
                    cfg.excludeFileList
                  ]
                  ++ lib.concatMap (p: [
                    "--include"
                    p
                  ]) cfg.include
                  ++ lib.concatMap (p: [
                    "--exclude"
                    p
                  ]) cfg.exclude
                  ++ (lib.optionals (cfg.fullIfOlderThan != "never" && cfg.fullIfOlderThan != "always") [
                    "--full-if-older-than"
                    cfg.fullIfOlderThan
                  ])
                )
              } ${extra}
            '';
          serviceConfig =
            {
              PrivateTmp = true;
              ProtectSystem = "strict";
              ProtectHome = "read-only";
              StateDirectory = baseNameOf stateDirectory;
            }
            // lib.optionalAttrs (localTarget != null) {
              ReadWritePaths = localTarget;
            }
            // lib.optionalAttrs (cfg.secretFile != null) {
              EnvironmentFile = cfg.secretFile;
            };
        }
        // lib.optionalAttrs (cfg.frequency != null) {
          startAt = cfg.frequency;
        };

      tmpfiles.rules = lib.optional (localTarget != null) "d ${localTarget} 0700 root root -";
    };

    assertions = lib.singleton {
      # Duplicity will fail if the last file selection option is an include. It
      # is not always possible to detect but this simple case can be caught.
      assertion = cfg.include != [ ] -> cfg.exclude != [ ] || cfg.extraFlags != [ ];
      message = ''
        Duplicity will fail if you only specify included paths ("Because the
        default is to include all files, the expression is redundant. Exiting
        because this probably isn't what you meant.")
      '';
    };
  };
}
nixos/duplicity: format 2021-04-25 12:00:00 +00:00			`{`
			`config,`
			`lib,`
			`pkgs,`
			`...`
			`}:`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`let`
			`cfg = config.services.duplicity;`

			`stateDirectory = "/var/lib/duplicity";`

nixos/duplicity: format 2021-04-25 12:00:00 +00:00			`localTarget =`
nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`if lib.hasPrefix "file://" cfg.targetUrl then lib.removePrefix "file://" cfg.targetUrl else null;`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00
nixos/duplicity: format 2021-04-25 12:00:00 +00:00			`in`
			`{`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`options.services.duplicity = {`
nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`enable = lib.mkEnableOption "backups with duplicity";`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00
nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`root = lib.mkOption {`
			`type = lib.types.path;`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`default = "/";`
			`description = ''`
			`Root directory to backup.`
			`'';`
			`};`

nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`include = lib.mkOption {`
			`type = lib.types.listOf lib.types.str;`
nixos/duplicity: format 2021-04-25 12:00:00 +00:00			`default = [ ];`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`example = [ "/home" ];`
			`description = ''`
			`List of paths to include into the backups. See the FILE SELECTION`
			section in {manpage}`duplicity(1)` for details on the syntax.
			`'';`
			`};`

nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`exclude = lib.mkOption {`
			`type = lib.types.listOf lib.types.str;`
nixos/duplicity: format 2021-04-25 12:00:00 +00:00			`default = [ ];`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`description = ''`
			`List of paths to exclude from backups. See the FILE SELECTION section in`
			{manpage}`duplicity(1)` for details on the syntax.
			`'';`
			`};`

nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`includeFileList = lib.mkOption {`
			`type = lib.types.nullOr lib.types.path;`
nixos/duplicity: Add support for --include-filelist / --exclude-filelist 2024-07-08 17:02:42 +02:00			`default = null;`
			`example = /path/to/fileList.txt;`
			`description = ''`
			`File containing newline-separated list of paths to include into the`
			backups. See the FILE SELECTION section in {manpage}`duplicity(1)` for
			`details on the syntax.`
			`'';`
			`};`

nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`excludeFileList = lib.mkOption {`
			`type = lib.types.nullOr lib.types.path;`
nixos/duplicity: Add support for --include-filelist / --exclude-filelist 2024-07-08 17:02:42 +02:00			`default = null;`
			`example = /path/to/fileList.txt;`
			`description = ''`
			`File containing newline-separated list of paths to exclude into the`
			backups. See the FILE SELECTION section in {manpage}`duplicity(1)` for
			`details on the syntax.`
			`'';`
			`};`

nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`targetUrl = lib.mkOption {`
			`type = lib.types.str;`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`example = "s3://host:port/prefix";`
			`description = ''`
			`Target url to backup to. See the URL FORMAT section in`
			{manpage}`duplicity(1)` for supported urls.
			`'';`
			`};`

nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`secretFile = lib.mkOption {`
			`type = lib.types.nullOr lib.types.path;`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`default = null;`
			`description = ''`
			`Path of a file containing secrets (gpg passphrase, access key...) in`
			`the format of EnvironmentFile as described by`
			{manpage}`systemd.exec(5)`. For example:
nixos/*: convert options with listings minor rendering changes. 2022-08-30 14:08:50 +02:00			```
nixos/*: replace <replaceable>s with «thing» we can't embed syntactic annotations of this kind in markdown code blocks without yet another extension. replaceable is rare enough to make this not much worth it, so we'll go with «thing» instead. the module system already uses this format for its placeholder names in attrsOf paths. 2022-08-03 01:57:59 +02:00			`PASSPHRASE=«...»`
			`AWS_ACCESS_KEY_ID=«...»`
			`AWS_SECRET_ACCESS_KEY=«...»`
nixos/*: convert options with listings minor rendering changes. 2022-08-30 14:08:50 +02:00			```
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`'';`
			`};`

nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`frequency = lib.mkOption {`
			`type = lib.types.nullOr lib.types.str;`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`default = "daily";`
			`description = ''`
			`Run duplicity with the given frequency (see`
			{manpage}`systemd.time(7)` for the format).
			`If null, do not run automatically.`
			`'';`
			`};`

nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`extraFlags = lib.mkOption {`
			`type = lib.types.listOf lib.types.str;`
nixos/duplicity: format 2021-04-25 12:00:00 +00:00			`default = [ ];`
nixos/duplicity: add options to exercise all possible verbs except restore ;) 2021-05-13 12:00:00 +00:00			`example = [`
			`"--backend-retry-delay"`
			`"100"`
			`];`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`description = ''`
			`Extra command-line flags passed to duplicity. See`
			{manpage}`duplicity(1)`.
			`'';`
			`};`
nixos/duplicity: add options to not keep backups forever Current module add backups forever, with no way to prune old ones. Add an option to remove backups after n full backups or after some amount of time. Also run duplicity cleanup to clean unused files in case some previous backup was improperly interrupted. 2021-04-25 12:00:00 +00:00
nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`fullIfOlderThan = lib.mkOption {`
			`type = lib.types.str;`
nixos/duplicity: add options to exercise all possible verbs except restore ;) 2021-05-13 12:00:00 +00:00			`default = "never";`
			`example = "1M";`
			`description = ''`
			If `"never"` (the default) always do incremental
			`backups (the first backup will be a full backup, of course). If`
			`"always"` always do full backups. Otherwise, this
			`must be a string representing a duration. Full backups will be made`
			`when the latest full backup is older than this duration. If this is not`
			`the case, an incremental backup is performed.`
			`'';`
			`};`

nixos/duplicity: add options to not keep backups forever Current module add backups forever, with no way to prune old ones. Add an option to remove backups after n full backups or after some amount of time. Also run duplicity cleanup to clean unused files in case some previous backup was improperly interrupted. 2021-04-25 12:00:00 +00:00			`cleanup = {`
nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`maxAge = lib.mkOption {`
			`type = lib.types.nullOr lib.types.str;`
nixos/duplicity: add options to not keep backups forever Current module add backups forever, with no way to prune old ones. Add an option to remove backups after n full backups or after some amount of time. Also run duplicity cleanup to clean unused files in case some previous backup was improperly interrupted. 2021-04-25 12:00:00 +00:00			`default = null;`
			`example = "6M";`
			`description = ''`
			`If non-null, delete all backup sets older than the given time. Old backup sets`
			`will not be deleted if backup sets newer than time depend on them.`
			`'';`
			`};`
nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`maxFull = lib.mkOption {`
			`type = lib.types.nullOr lib.types.int;`
nixos/duplicity: add options to not keep backups forever Current module add backups forever, with no way to prune old ones. Add an option to remove backups after n full backups or after some amount of time. Also run duplicity cleanup to clean unused files in case some previous backup was improperly interrupted. 2021-04-25 12:00:00 +00:00			`default = null;`
			`example = 2;`
			`description = ''`
			`If non-null, delete all backups sets that are older than the count:th last full`
			`backup (in other words, keep the last count full backups and`
			`associated incremental sets).`
			`'';`
			`};`
nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`maxIncr = lib.mkOption {`
			`type = lib.types.nullOr lib.types.int;`
nixos/duplicity: add options to exercise all possible verbs except restore ;) 2021-05-13 12:00:00 +00:00			`default = null;`
			`example = 1;`
			`description = ''`
			`If non-null, delete incremental sets of all backups sets that are`
			`older than the count:th last full backup (in other words, keep only`
			`old full backups and not their increments).`
			`'';`
			`};`
nixos/duplicity: add options to not keep backups forever Current module add backups forever, with no way to prune old ones. Add an option to remove backups after n full backups or after some amount of time. Also run duplicity cleanup to clean unused files in case some previous backup was improperly interrupted. 2021-04-25 12:00:00 +00:00			`};`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`};`

nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`config = lib.mkIf cfg.enable {`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`systemd = {`
			`services.duplicity =`
			`{`
			`description = "backup files with duplicity";`
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH 2024-12-10 20:26:33 +01:00
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`environment.HOME = stateDirectory;`
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH 2024-12-10 20:26:33 +01:00
nixos/duplicity: add options to not keep backups forever Current module add backups forever, with no way to prune old ones. Add an option to remove backups after n full backups or after some amount of time. Also run duplicity cleanup to clean unused files in case some previous backup was improperly interrupted. 2021-04-25 12:00:00 +00:00			`script =`
			`let`
nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`target = lib.escapeShellArg cfg.targetUrl;`
			`extra = lib.escapeShellArgs (`
			`[`
			`"--archive-dir"`
			`stateDirectory`
			`]`
			`++ cfg.extraFlags`
			`);`
nixos/duplicity: add options to not keep backups forever Current module add backups forever, with no way to prune old ones. Add an option to remove backups after n full backups or after some amount of time. Also run duplicity cleanup to clean unused files in case some previous backup was improperly interrupted. 2021-04-25 12:00:00 +00:00			`dup = "${pkgs.duplicity}/bin/duplicity";`
			`in`
			`''`
			`set -x`
			`${dup} cleanup ${target} --force ${extra}`
			`${lib.optionalString (`
			`cfg.cleanup.maxAge != null`
			`) "${dup} remove-older-than ${lib.escapeShellArg cfg.cleanup.maxAge} ${target} --force ${extra}"}`
			`${lib.optionalString (`
			`cfg.cleanup.maxFull != null`
			`) "${dup} remove-all-but-n-full ${toString cfg.cleanup.maxFull} ${target} --force ${extra}"}`
nixos/duplicity: fix typo in subcommand In https://github.com/NixOS/nixpkgs/pull/120622 cleanup options were added, but `remove-all-inc-of-but-n-full` was misspelled and as such was not functioning. 2021-06-27 09:39:23 +02:00			`${lib.optionalString (`
			`cfg.cleanup.maxIncr != null`
			`) "${dup} remove-all-inc-of-but-n-full ${toString cfg.cleanup.maxIncr} ${target} --force ${extra}"}`
nixos/duplicity: add options to exercise all possible verbs except restore ;) 2021-05-13 12:00:00 +00:00			`exec ${dup} ${if cfg.fullIfOlderThan == "always" then "full" else "incr"} ${`
			`lib.escapeShellArgs (`
nixos/duplicity: add options to not keep backups forever Current module add backups forever, with no way to prune old ones. Add an option to remove backups after n full backups or after some amount of time. Also run duplicity cleanup to clean unused files in case some previous backup was improperly interrupted. 2021-04-25 12:00:00 +00:00			`[`
			`cfg.root`
			`cfg.targetUrl`
			`]`
nixos/duplicity: Add support for --include-filelist / --exclude-filelist 2024-07-08 17:02:42 +02:00			`++ lib.optionals (cfg.includeFileList != null) [`
			`"--include-filelist"`
			`cfg.includeFileList`
			`]`
			`++ lib.optionals (cfg.excludeFileList != null) [`
			`"--exclude-filelist"`
			`cfg.excludeFileList`
			`]`
nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`++ lib.concatMap (p: [`
			`"--include"`
			`p`
			`]) cfg.include`
			`++ lib.concatMap (p: [`
			`"--exclude"`
			`p`
			`]) cfg.exclude`
nixos/duplicity: add options to exercise all possible verbs except restore ;) 2021-05-13 12:00:00 +00:00			`++ (lib.optionals (cfg.fullIfOlderThan != "never" && cfg.fullIfOlderThan != "always") [`
			`"--full-if-older-than"`
			`cfg.fullIfOlderThan`
			`])`
nixos/duplicity: add options to not keep backups forever Current module add backups forever, with no way to prune old ones. Add an option to remove backups after n full backups or after some amount of time. Also run duplicity cleanup to clean unused files in case some previous backup was improperly interrupted. 2021-04-25 12:00:00 +00:00			`)`
			`} ${extra}`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`'';`
nixos/duplicity: add options to not keep backups forever Current module add backups forever, with no way to prune old ones. Add an option to remove backups after n full backups or after some amount of time. Also run duplicity cleanup to clean unused files in case some previous backup was improperly interrupted. 2021-04-25 12:00:00 +00:00			`serviceConfig =`
			`{`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`PrivateTmp = true;`
			`ProtectSystem = "strict";`
			`ProtectHome = "read-only";`
			`StateDirectory = baseNameOf stateDirectory;`
nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`}`
			`// lib.optionalAttrs (localTarget != null) {`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`ReadWritePaths = localTarget;`
nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`}`
			`// lib.optionalAttrs (cfg.secretFile != null) {`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`EnvironmentFile = cfg.secretFile;`
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev b32a0943687d2a5094a6d92f25a4b6e16a76b5b7 result/bin/apply-formatting $NIXPKGS_PATH 2024-12-10 20:26:33 +01:00			`};`
			`}`
nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`// lib.optionalAttrs (cfg.frequency != null) {`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`startAt = cfg.frequency;`
			`};`

nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`tmpfiles.rules = lib.optional (localTarget != null) "d ${localTarget} 0700 root root -";`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`};`

nixos/services.duplicity: remove `with lib;` 2024-08-30 00:46:40 +02:00			`assertions = lib.singleton {`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`# Duplicity will fail if the last file selection option is an include. It`
			`# is not always possible to detect but this simple case can be caught.`
nixos/duplicity: format 2021-04-25 12:00:00 +00:00			`assertion = cfg.include != [ ] -> cfg.exclude != [ ] \|\| cfg.extraFlags != [ ];`
nixos/duplicity: init Add a simple module that wrap duplicity in a systemd service. 2019-01-05 13:55:01 +01:00			`message = ''`
			`Duplicity will fail if you only specify included paths ("Because the`
			`default is to include all files, the expression is redundant. Exiting`
			`because this probably isn't what you meant.")`
			`'';`
			`};`
			`};`
			`}`