movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-09 20:16:16 +03:00
Code Activity

nixos/restic: nixfmt

Browse source
This commit is contained in:
Tert0 2025-01-30 16:43:51 +01:00
parent 5224d91ed1
commit 54dba7bed8
No known key found for this signature in database
GPG key ID: 89DC25DE6F62550F
1 changed files with 403 additions and 358 deletions
Download patch file Download diff file Expand all files Collapse all files

117
nixos/modules/services/backup/restic.nix
View file

@ -1,4 +1,10 @@
{ config, lib, pkgs, utils, ... }: {
config,
lib,
pkgs,
utils,
...
}:
let let
# Type for a valid systemd unit option. Needed for correctly passing "timerConfig" to "systemd.timers" # Type for a valid systemd unit option. Needed for correctly passing "timerConfig" to "systemd.timers"
inherit (utils.systemdUtils.unitOptions) unitOption; inherit (utils.systemdUtils.unitOptions) unitOption;
@ -8,7 +14,10 @@ in
description = '' description = ''
Periodic backups to create with Restic. Periodic backups to create with Restic.
''; '';
type = lib.types.attrsOf (lib.types.submodule ({ name, ... }: { type = lib.types.attrsOf (
lib.types.submodule (
{ name, ... }:
{
options = { options = {
passwordFile = lib.mkOption { passwordFile = lib.mkOption {
type = lib.types.str; type = lib.types.str;
@ -28,7 +37,14 @@ in
}; };
rcloneOptions = lib.mkOption { rcloneOptions = lib.mkOption {
type = with lib.types; nullOr (attrsOf (oneOf [ str bool ])); type =
with lib.types;
nullOr (
attrsOf (oneOf [
str
bool
])
);
default = null; default = null;
description = '' description = ''
Options to pass to rclone to control its behavior. Options to pass to rclone to control its behavior.
@ -45,7 +61,14 @@ in
}; };
rcloneConfig = lib.mkOption { rcloneConfig = lib.mkOption {
type = with lib.types; nullOr (attrsOf (oneOf [ str bool ])); type =
with lib.types;
nullOr (
attrsOf (oneOf [
str
bool
])
);
default = null; default = null;
description = '' description = ''
Configuration for the rclone remote being used for backup. Configuration for the rclone remote being used for backup.
@ -270,7 +293,9 @@ in
''; '';
}; };
}; };
})); }
)
);
default = { }; default = { };
example = { example = {
localbackup = { localbackup = {
@ -300,9 +325,8 @@ in
assertion = (v.repository == null) != (v.repositoryFile == null); assertion = (v.repository == null) != (v.repositoryFile == null);
message = "services.restic.backups.${n}: exactly one of repository or repositoryFile should be set"; message = "services.restic.backups.${n}: exactly one of repository or repositoryFile should be set";
}) config.services.restic.backups; }) config.services.restic.backups;
systemd.services = systemd.services = lib.mapAttrs' (
lib.mapAttrs' name: backup:
(name: backup:
let let
extraOptions = lib.concatMapStrings (arg: " -o ${arg}") backup.extraOptions; extraOptions = lib.concatMapStrings (arg: " -o ${arg}") backup.extraOptions;
inhibitCmd = lib.concatStringsSep " " [ inhibitCmd = lib.concatStringsSep " " [
@ -313,7 +337,9 @@ in
"--why=${lib.escapeShellArg "Scheduled backup ${name}"} " "--why=${lib.escapeShellArg "Scheduled backup ${name}"} "
]; ];
resticCmd = "${lib.optionalString backup.inhibitsSleep inhibitCmd}${backup.package}/bin/restic${extraOptions}"; resticCmd = "${lib.optionalString backup.inhibitsSleep inhibitCmd}${backup.package}/bin/restic${extraOptions}";
excludeFlags = lib.optional (backup.exclude != []) "--exclude-file=${pkgs.writeText "exclude-patterns" (lib.concatStringsSep "\n" backup.exclude)}"; excludeFlags = lib.optional (
backup.exclude != [ ]
) "--exclude-file=${pkgs.writeText "exclude-patterns" (lib.concatStringsSep "\n" backup.exclude)}";
filesFromTmpFile = "/run/restic-backups-${name}/includes"; filesFromTmpFile = "/run/restic-backups-${name}/includes";
doBackup = (backup.dynamicFilesFrom != null) || (backup.paths != null && backup.paths != [ ]); doBackup = (backup.dynamicFilesFrom != null) || (backup.paths != null && backup.paths != [ ]);
pruneCmd = lib.optionals (builtins.length backup.pruneOpts > 0) [ pruneCmd = lib.optionals (builtins.length backup.pruneOpts > 0) [
@ -328,41 +354,55 @@ in
rcloneAttrToConf = v: "RCLONE_CONFIG_" + lib.toUpper (rcloneRemoteName + "_" + v); rcloneAttrToConf = v: "RCLONE_CONFIG_" + lib.toUpper (rcloneRemoteName + "_" + v);
toRcloneVal = v: if lib.isBool v then lib.boolToString v else v; toRcloneVal = v: if lib.isBool v then lib.boolToString v else v;
in in
lib.nameValuePair "restic-backups-${name}" ({ lib.nameValuePair "restic-backups-${name}" (
environment = { {
environment =
{
# not %C, because that wouldn't work in the wrapper script # not %C, because that wouldn't work in the wrapper script
RESTIC_CACHE_DIR = "/var/cache/restic-backups-${name}"; RESTIC_CACHE_DIR = "/var/cache/restic-backups-${name}";
RESTIC_PASSWORD_FILE = backup.passwordFile; RESTIC_PASSWORD_FILE = backup.passwordFile;
RESTIC_REPOSITORY = backup.repository; RESTIC_REPOSITORY = backup.repository;
RESTIC_REPOSITORY_FILE = backup.repositoryFile; RESTIC_REPOSITORY_FILE = backup.repositoryFile;
} // lib.optionalAttrs (backup.rcloneOptions != null) (lib.mapAttrs' }
(name: value: // lib.optionalAttrs (backup.rcloneOptions != null) (
lib.nameValuePair (rcloneAttrToOpt name) (toRcloneVal value) lib.mapAttrs' (
name: value: lib.nameValuePair (rcloneAttrToOpt name) (toRcloneVal value)
) backup.rcloneOptions
) )
backup.rcloneOptions) // lib.optionalAttrs (backup.rcloneConfigFile != null) { // lib.optionalAttrs (backup.rcloneConfigFile != null) {
RCLONE_CONFIG = backup.rcloneConfigFile; RCLONE_CONFIG = backup.rcloneConfigFile;
} // lib.optionalAttrs (backup.rcloneConfig != null) (lib.mapAttrs' }
(name: value: // lib.optionalAttrs (backup.rcloneConfig != null) (
lib.nameValuePair (rcloneAttrToConf name) (toRcloneVal value) lib.mapAttrs' (
) name: value: lib.nameValuePair (rcloneAttrToConf name) (toRcloneVal value)
backup.rcloneConfig); ) backup.rcloneConfig
);
path = [ config.programs.ssh.package ]; path = [ config.programs.ssh.package ];
restartIfChanged = false; restartIfChanged = false;
wants = [ "network-online.target" ]; wants = [ "network-online.target" ];
after = [ "network-online.target" ]; after = [ "network-online.target" ];
serviceConfig = { serviceConfig =
{
Type = "oneshot"; Type = "oneshot";
ExecStart = (lib.optionals doBackup [ "${resticCmd} backup ${lib.concatStringsSep " " (backup.extraBackupArgs ++ excludeFlags)} --files-from=${filesFromTmpFile}" ]) ExecStart =
++ pruneCmd ++ checkCmd; (lib.optionals doBackup [
"${resticCmd} backup ${
lib.concatStringsSep " " (backup.extraBackupArgs ++ excludeFlags)
} --files-from=${filesFromTmpFile}"
])
++ pruneCmd
++ checkCmd;
User = backup.user; User = backup.user;
RuntimeDirectory = "restic-backups-${name}"; RuntimeDirectory = "restic-backups-${name}";
CacheDirectory = "restic-backups-${name}"; CacheDirectory = "restic-backups-${name}";
CacheDirectoryMode = "0700"; CacheDirectoryMode = "0700";
PrivateTmp = true; PrivateTmp = true;
} // lib.optionalAttrs (backup.environmentFile != null) { }
// lib.optionalAttrs (backup.environmentFile != null) {
EnvironmentFile = backup.environmentFile; EnvironmentFile = backup.environmentFile;
}; };
} // lib.optionalAttrs (backup.initialize || doBackup || backup.backupPrepareCommand != null) { }
// lib.optionalAttrs (backup.initialize || doBackup || backup.backupPrepareCommand != null) {
preStart = '' preStart = ''
${lib.optionalString (backup.backupPrepareCommand != null) '' ${lib.optionalString (backup.backupPrepareCommand != null) ''
${pkgs.writeScript "backupPrepareCommand" backup.backupPrepareCommand} ${pkgs.writeScript "backupPrepareCommand" backup.backupPrepareCommand}
@ -377,7 +417,8 @@ in
${pkgs.writeScript "dynamicFilesFromScript" backup.dynamicFilesFrom} >> ${filesFromTmpFile} ${pkgs.writeScript "dynamicFilesFromScript" backup.dynamicFilesFrom} >> ${filesFromTmpFile}
''} ''}
''; '';
} // lib.optionalAttrs (doBackup || backup.backupCleanupCommand != null) { }
// lib.optionalAttrs (doBackup || backup.backupCleanupCommand != null) {
postStop = '' postStop = ''
${lib.optionalString (backup.backupCleanupCommand != null) '' ${lib.optionalString (backup.backupCleanupCommand != null) ''
${pkgs.writeScript "backupCleanupCommand" backup.backupCleanupCommand} ${pkgs.writeScript "backupCleanupCommand" backup.backupCleanupCommand}
@ -386,22 +427,25 @@ in
rm ${filesFromTmpFile} rm ${filesFromTmpFile}
''} ''}
''; '';
}) }
) )
config.services.restic.backups; ) config.services.restic.backups;
systemd.timers = systemd.timers = lib.mapAttrs' (
lib.mapAttrs' name: backup:
(name: backup: lib.nameValuePair "restic-backups-${name}" { lib.nameValuePair "restic-backups-${name}" {
wantedBy = [ "timers.target" ]; wantedBy = [ "timers.target" ];
timerConfig = backup.timerConfig; timerConfig = backup.timerConfig;
}) }
(lib.filterAttrs (_: backup: backup.timerConfig != null) config.services.restic.backups); ) (lib.filterAttrs (_: backup: backup.timerConfig != null) config.services.restic.backups);
# generate wrapper scripts, as described in the createWrapper option # generate wrapper scripts, as described in the createWrapper option
environment.systemPackages = lib.mapAttrsToList (name: backup: let environment.systemPackages = lib.mapAttrsToList (
name: backup:
let
extraOptions = lib.concatMapStrings (arg: " -o ${arg}") backup.extraOptions; extraOptions = lib.concatMapStrings (arg: " -o ${arg}") backup.extraOptions;
resticCmd = "${backup.package}/bin/restic${extraOptions}"; resticCmd = "${backup.package}/bin/restic${extraOptions}";
in pkgs.writeShellScriptBin "restic-${name}" '' in
pkgs.writeShellScriptBin "restic-${name}" ''
set -a # automatically export variables set -a # automatically export variables
${lib.optionalString (backup.environmentFile != null) "source ${backup.environmentFile}"} ${lib.optionalString (backup.environmentFile != null) "source ${backup.environmentFile}"}
# set same environment variables as the systemd service # set same environment variables as the systemd service
@ -413,6 +457,7 @@ in
PATH=${config.systemd.services."restic-backups-${name}".environment.PATH}:$PATH PATH=${config.systemd.services."restic-backups-${name}".environment.PATH}:$PATH
exec ${resticCmd} "$@" exec ${resticCmd} "$@"
'') (lib.filterAttrs (_: v: v.createWrapper) config.services.restic.backups); ''
) (lib.filterAttrs (_: v: v.createWrapper) config.services.restic.backups);
}; };
} }