movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-12 20:55:31 +03:00
Code Issues Projects Releases Packages Wiki Activity

services.mysqlBackup: add option to change compression algorithm (#364630)

Browse source
This commit is contained in:
Silvan Mosberger 2025-01-13 20:49:10 +01:00 committed by GitHub
commit 08f39a348e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 81 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

3
ci/OWNERS
View file

@ -252,6 +252,9 @@ pkgs/development/python-modules/buildcatrust/ @ajs124 @lukegb @mweinelt
/nixos/modules/services/databases/postgresql.nix @NixOS/postgres /nixos/modules/services/databases/postgresql.nix @NixOS/postgres
/nixos/tests/postgresql @NixOS/postgres /nixos/tests/postgresql @NixOS/postgres
# MySQL/MariaDB and related stuff
/nixos/modules/services/backup/mysql-backup.nix @6543
# Hardened profile & related modules # Hardened profile & related modules
/nixos/modules/profiles/hardened.nix @joachifm /nixos/modules/profiles/hardened.nix @joachifm
/nixos/modules/security/lock-kernel-modules.nix @joachifm /nixos/modules/security/lock-kernel-modules.nix @joachifm

89
nixos/modules/services/backup/mysql-backup.nix
View file

@ -5,12 +5,40 @@
... ...
}: }:
let let
inherit (pkgs) mariadb gzip;
cfg = config.services.mysqlBackup; cfg = config.services.mysqlBackup;
defaultUser = "mysqlbackup"; defaultUser = "mysqlbackup";
compressionAlgs = {
gzip = rec {
pkg = pkgs.gzip;
ext = ".gz";
minLevel = 1;
maxLevel = 9;
cmd = compressionLevelFlag: "${pkg}/bin/gzip -c ${cfg.gzipOptions} ${compressionLevelFlag}";
};
xz = rec {
pkg = pkgs.xz;
ext = ".xz";
minLevel = 0;
maxLevel = 9;
cmd = compressionLevelFlag: "${pkg}/bin/xz -z -c ${compressionLevelFlag} -";
};
zstd = rec {
pkg = pkgs.zstd;
ext = ".zst";
minLevel = 1;
maxLevel = 19;
cmd = compressionLevelFlag: "${pkg}/bin/zstd ${compressionLevelFlag} -";
};
};
compressionLevelFlag = lib.optionalString (cfg.compressionLevel != null) (
"-" + toString cfg.compressionLevel
);
selectedAlg = compressionAlgs.${cfg.compressionAlg};
compressionCmd = selectedAlg.cmd compressionLevelFlag;
backupScript = '' backupScript = ''
set -o pipefail set -o pipefail
failed="" failed=""
@ -20,9 +48,10 @@ let
exit 1 exit 1
fi fi
''; '';
backupDatabaseScript = db: '' backupDatabaseScript = db: ''
dest="${cfg.location}/${db}.gz" dest="${cfg.location}/${db}${selectedAlg.ext}"
if ${mariadb}/bin/mysqldump ${lib.optionalString cfg.singleTransaction "--single-transaction"} ${db} | ${gzip}/bin/gzip -c ${cfg.gzipOptions} > $dest.tmp; then if ${pkgs.mariadb}/bin/mysqldump ${lib.optionalString cfg.singleTransaction "--single-transaction"} ${db} | ${compressionCmd} > $dest.tmp; then
mv $dest.tmp $dest mv $dest.tmp $dest
echo "Backed up to $dest" echo "Backed up to $dest"
else else
@ -33,12 +62,9 @@ let
''; '';
in in
{ {
options = { options = {
services.mysqlBackup = { services.mysqlBackup = {
enable = lib.mkEnableOption "MySQL backups"; enable = lib.mkEnableOption "MySQL backups";
calendar = lib.mkOption { calendar = lib.mkOption {
@ -49,6 +75,31 @@ in
''; '';
}; };
compressionAlg = lib.mkOption {
type = lib.types.enum (lib.attrNames compressionAlgs);
default = "gzip";
description = ''
Compression algorithm to use for database dumps.
'';
};
compressionLevel = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = null;
description = ''
Compression level to use for ${lib.concatStringsSep ", " (lib.init (lib.attrNames compressionAlgs))} or ${lib.last (lib.attrNames compressionAlgs)}.
${lib.concatStringsSep "\n" (
lib.mapAttrsToList (
name: algo: "- For ${name}: ${toString algo.minLevel}-${toString algo.maxLevel}"
) compressionAlgs
)}
:::{.note}
If compression level is also specified in gzipOptions, the gzipOptions value will be overwritten
:::
'';
};
user = lib.mkOption { user = lib.mkOption {
type = lib.types.str; type = lib.types.str;
default = defaultUser; default = defaultUser;
@ -69,7 +120,7 @@ in
type = lib.types.path; type = lib.types.path;
default = "/var/backup/mysql"; default = "/var/backup/mysql";
description = '' description = ''
Location to put the gzipped MySQL database dumps. Location to put the compressed MySQL database dumps.
''; '';
}; };
@ -86,13 +137,25 @@ in
type = lib.types.str; type = lib.types.str;
description = '' description = ''
Command line options to use when invoking `gzip`. Command line options to use when invoking `gzip`.
Only used when compression is set to "gzip".
If compression level is specified both here and in compressionLevel, the compressionLevel value will take precedence.
''; '';
}; };
}; };
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
# assert config to be correct
assertions = [
{
assertion =
cfg.compressionLevel == null
|| selectedAlg.minLevel <= cfg.compressionLevel && cfg.compressionLevel <= selectedAlg.maxLevel;
message = "${cfg.compressionAlg} compression level must be between ${toString selectedAlg.minLevel} and ${toString selectedAlg.maxLevel}";
}
];
# ensure unix user to be used to perform backup exist.
users.users = lib.optionalAttrs (cfg.user == defaultUser) { users.users = lib.optionalAttrs (cfg.user == defaultUser) {
${defaultUser} = { ${defaultUser} = {
isSystemUser = true; isSystemUser = true;
@ -102,11 +165,14 @@ in
}; };
}; };
# add the compression tool to the system environment.
environment.systemPackages = [ selectedAlg.pkg ];
# ensure database user to be used to perform backup exist.
services.mysql.ensureUsers = [ services.mysql.ensureUsers = [
{ {
name = cfg.user; name = cfg.user;
ensurePermissions = ensurePermissions =
with lib;
let let
privs = "SELECT, SHOW VIEW, TRIGGER, LOCK TABLES"; privs = "SELECT, SHOW VIEW, TRIGGER, LOCK TABLES";
grant = db: lib.nameValuePair "${db}.*" privs; grant = db: lib.nameValuePair "${db}.*" privs;
@ -140,4 +206,5 @@ in
}; };
}; };
meta.maintainers = [ lib.maintainers._6543 ];
} }