Compare commits
No commits in common. "b1fd941bb2e6f8a0045e36e0f7fbd117e8f8617c" and "62ba6d8fb7b4e23b3af507aac9975c372cf03c5f" have entirely different histories.
b1fd941bb2
...
62ba6d8fb7
3 changed files with 40 additions and 20 deletions
|
@ -1,4 +1,4 @@
|
|||
{ lib, config, pkgs, ... }: {
|
||||
{ lib, config, ... }: {
|
||||
imports = [
|
||||
../../common
|
||||
../../profiles/headless.nix
|
||||
|
@ -31,8 +31,9 @@
|
|||
backupPrepareCommand = ''
|
||||
umask 0077
|
||||
rm -f -- ${pgBackup}
|
||||
su -c '${lib.getExe' config.services.postgresql.package "pg_dumpall"}' \
|
||||
${config.services.postgresql.superUser} >${pgBackup}
|
||||
${lib.getExe' config.services.postgresql.package "pg_dumpall"} \
|
||||
-U ${config.services.postgresql.superUser} \
|
||||
-f ${pgBackup}
|
||||
'';
|
||||
|
||||
backupCleanupCommand = ''
|
||||
|
|
24
flake.lock
24
flake.lock
|
@ -12,11 +12,11 @@
|
|||
"nixpkgs-stable": "nixpkgs-stable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1731270564,
|
||||
"narHash": "sha256-6KMC/NH/VWP5Eb+hA56hz0urel3jP6Y6cF2PX6xaTkk=",
|
||||
"lastModified": 1731193172,
|
||||
"narHash": "sha256-Ykz7q58tF0wLTOjCxQMe5+jdAPPQ1dC8k39y9I/5k+I=",
|
||||
"owner": "zhaofengli",
|
||||
"repo": "attic",
|
||||
"rev": "47752427561f1c34debb16728a210d378f0ece36",
|
||||
"rev": "a02bf38a7562e4041345a136aef6e5a4eb891bbb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -562,11 +562,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1731235328,
|
||||
"narHash": "sha256-NjavpgE9/bMe/ABvZpyHIUeYF1mqR5lhaep3wB79ucs=",
|
||||
"lastModified": 1730837930,
|
||||
"narHash": "sha256-0kZL4m+bKBJUBQse0HanewWO0g8hDdCvBhudzxgehqc=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "60bb110917844d354f3c18e05450606a435d2d10",
|
||||
"rev": "2f607e07f3ac7e53541120536708e824acccfaa8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -946,11 +946,11 @@
|
|||
},
|
||||
"nixpkgs_4": {
|
||||
"locked": {
|
||||
"lastModified": 1731139594,
|
||||
"narHash": "sha256-IigrKK3vYRpUu+HEjPL/phrfh7Ox881er1UEsZvw9Q4=",
|
||||
"lastModified": 1730785428,
|
||||
"narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "76612b17c0ce71689921ca12d9ffdc9c23ce40b2",
|
||||
"rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -1059,11 +1059,11 @@
|
|||
"nixpkgs-stable": "nixpkgs-stable_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1731213149,
|
||||
"narHash": "sha256-jR8i6nFLmSmm0cIoeRQ8Q4EBARa3oGaAtEER/OMMxus=",
|
||||
"lastModified": 1731047660,
|
||||
"narHash": "sha256-iyp51lPWEQz4c5VH9bVbAuBcFP4crETU2QJYh5V0NYA=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "f1675e3b0e1e663a4af49be67ecbc9e749f85eb7",
|
||||
"rev": "60e1bce1999f126e3b16ef45f89f72f0c3f8d16f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -1,11 +1,9 @@
|
|||
{ config, lib, options, pkgs, ... }: let
|
||||
{ config, lib, pkgs, utils, ... }: let
|
||||
cfg = config.kyouma.restic;
|
||||
in {
|
||||
options.kyouma.restic = let
|
||||
inherit (lib) mkOption types;
|
||||
in {
|
||||
inherit (options.services.restic.backups.type.getSubOptions [])
|
||||
timerConfig backupPrepareCommand backupCleanupCommand;
|
||||
enable = lib.mkEnableOption "Enable restic backup";
|
||||
paths = mkOption {
|
||||
description = "paths to backup";
|
||||
|
@ -42,6 +40,27 @@ in {
|
|||
type = types.nonEmptyStr;
|
||||
default = "${config.networking.hostName}-backup";
|
||||
};
|
||||
timerConfig = mkOption {
|
||||
description = "timer config";
|
||||
type = with types; nullOr (attrsOf utils.systemdUtils.unitOptions.unitOption);
|
||||
default = {
|
||||
OnCalendar = "daily";
|
||||
Persistent = true;
|
||||
};
|
||||
};
|
||||
|
||||
# FIXME: Can these be just inherited?
|
||||
backupPrepareCommand = mkOption {
|
||||
description = "preparation script";
|
||||
type = with types; nullOr str;
|
||||
default = null;
|
||||
};
|
||||
|
||||
backupCleanupCommand = mkOption {
|
||||
description = "cleanup script";
|
||||
type = with types; nullOr str;
|
||||
default = null;
|
||||
};
|
||||
};
|
||||
config = lib.mkIf cfg.enable {
|
||||
sops.secrets."restic/${cfg.remoteUser}/password" = {
|
||||
|
@ -52,7 +71,7 @@ in {
|
|||
};
|
||||
|
||||
services.restic.backups."${config.networking.hostName}-${cfg.remote}" = {
|
||||
inherit (cfg) paths user pruneOpts timerConfig backupPrepareCommand backupCleanupCommand;
|
||||
inherit (cfg) paths user pruneOpts timerConfig;
|
||||
initialize = true;
|
||||
repository = "sftp:${cfg.remoteUser}@${cfg.remote}:${cfg.repo}";
|
||||
passwordFile = config.sops.secrets."restic/${cfg.remoteUser}/password".path;
|
||||
|
|
Loading…
Reference in a new issue