From 1b1d3f2c1aa2ebedeb137e999efdb211c51848c1 Mon Sep 17 00:00:00 2001 From: Andreas Zweili Date: Tue, 6 Jun 2023 22:19:23 +0200 Subject: [PATCH] Move to restic-client-server-mysql to options --- modules/default.nix | 1 + .../restic-client-server-mysql/default.nix | 113 +++++++++++------- systems/git/default.nix | 9 +- systems/nextcloud/default.nix | 9 +- 4 files changed, 79 insertions(+), 53 deletions(-) diff --git a/modules/default.nix b/modules/default.nix index 4fd80e3..ad2e2de 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -40,6 +40,7 @@ ./services/rdp ./services/restic-client-desktop ./services/restic-client-server + ./restic-client-server-mysql ./services/syslog ./services/telegram-notifications ./services/tlp diff --git a/modules/restic-client-server-mysql/default.nix b/modules/restic-client-server-mysql/default.nix index 8a077bb..6c689d7 100644 --- a/modules/restic-client-server-mysql/default.nix +++ b/modules/restic-client-server-mysql/default.nix @@ -1,56 +1,79 @@ -{ path -, tag ? "home-dir" -, time -}: { config, inputs, pkgs, ... }: +{ config, inputs, lib, pkgs, ... }: +let + cfg = config.services.az-restic-client-server-mysql; +in { - services.az-telegram-notifications.enable = true; - - age.secrets.resticKey.file = "${inputs.self}/scrts/restic.key.age"; - - systemd.timers."restic-backups" = { - wantedBy = [ "timers.target" ]; - partOf = [ "restic-backups.service" ]; - timerConfig = { - OnCalendar = time; + options = { + services.az-restic-client-server-mysql = { + enable = lib.mkEnableOption "Enable restic backups for MariaDB."; + path = lib.mkOption { + type = lib.types.path; + description = "The directory to backup."; + }; + tag = lib.mkOption { + type = lib.types.str; + description = "The tag to attach to the backups."; + default = "home-dir"; + }; + time = lib.mkOption { + type = lib.types.str; + description = "The time at which the backup runs."; + }; }; }; - systemd.services."restic-backups" = { - serviceConfig = { - User = "root"; - Type = "oneshot"; + config = lib.mkIf cfg.enable { + services.az-telegram-notifications = { + enable = true; }; - environment = { - RESTIC_PASSWORD_FILE = config.age.secrets.resticKey.path; - RESTIC_REPOSITORY = "rest:http://10.7.89.30:8000"; + + age.secrets.resticKey.file = "${inputs.self}/scrts/restic.key.age"; + + systemd.timers."restic-backups" = { + wantedBy = [ "timers.target" ]; + partOf = [ "restic-backups.service" ]; + timerConfig = { + OnCalendar = cfg.time; + }; }; - onFailure = [ "unit-status-telegram@%n.service" ]; - script = '' - ${pkgs.restic}/bin/restic backup \ - --exclude-file=${inputs.self}/modules/misc/restic-client/excludes.txt \ - --tag ${tag} ${path} - ${pkgs.mariadb}/bin/mariabackup --backup --user=root --stream=xbstream | \ - ${pkgs.restic}/bin/restic backup \ - --tag mariadb \ - --stdin \ - --stdin-filename mariadb.xb + systemd.services."restic-backups" = { + serviceConfig = { + User = "root"; + Type = "oneshot"; + }; + environment = { + RESTIC_PASSWORD_FILE = config.age.secrets.resticKey.path; + RESTIC_REPOSITORY = "rest:http://10.7.89.30:8000"; + }; + onFailure = [ "unit-status-telegram@%n.service" ]; + script = '' + ${pkgs.restic}/bin/restic backup \ + --exclude-file=${inputs.self}/modules/misc/restic-client/excludes.txt \ + --tag ${cfg.tag} ${cfg.path} - ${pkgs.restic}/bin/restic forget \ - --tag home-dir \ - --host ${config.networking.hostName} \ - --keep-daily 7 \ - --keep-weekly 5 \ - --keep-monthly 12 \ - --keep-yearly 75 + ${pkgs.mariadb}/bin/mariabackup --backup --user=root --stream=xbstream | \ + ${pkgs.restic}/bin/restic backup \ + --tag mariadb \ + --stdin \ + --stdin-filename mariadb.xb - ${pkgs.restic}/bin/restic forget \ - --tag mariadb \ - --host ${config.networking.hostName} \ - --keep-daily 7 \ - --keep-weekly 5 \ - --keep-monthly 12 \ - --keep-yearly 75 - ''; + ${pkgs.restic}/bin/restic forget \ + --tag home-dir \ + --host ${config.networking.hostName} \ + --keep-daily 7 \ + --keep-weekly 5 \ + --keep-monthly 12 \ + --keep-yearly 75 + + ${pkgs.restic}/bin/restic forget \ + --tag mariadb \ + --host ${config.networking.hostName} \ + --keep-daily 7 \ + --keep-weekly 5 \ + --keep-monthly 12 \ + --keep-yearly 75 + ''; + }; }; } diff --git a/systems/git/default.nix b/systems/git/default.nix index bcbc11f..ff669ea 100644 --- a/systems/git/default.nix +++ b/systems/git/default.nix @@ -8,10 +8,6 @@ in ip = "10.7.89.109"; inherit hostname; }) - (import "${inputs.self}/modules/restic-client-server-mysql" { - path = "/home/andreas"; - time = "00:30"; - }) ]; services = { az-gitea = { @@ -22,5 +18,10 @@ in enable = true; domain = domain; }; + az-restic-client-server-mysql = { + enable = true; + path = "/home/andreas"; + time = "00:30"; + }; }; } diff --git a/systems/nextcloud/default.nix b/systems/nextcloud/default.nix index 84e1127..534b7e6 100644 --- a/systems/nextcloud/default.nix +++ b/systems/nextcloud/default.nix @@ -5,10 +5,6 @@ ip = "10.7.89.103"; inherit hostname; }) - (import "${inputs.self}/modules/restic-client-server-mysql" { - path = "/home/andreas"; - time = "01:30"; - }) ]; services = { @@ -16,5 +12,10 @@ enable = true; domain = "nextcloud.2li.ch"; }; + az-restic-client-server-mysql = { + enable = true; + path = "/home/andreas"; + time = "01:30"; + }; }; }