unitstatus: pre-defined service units now exist

2023-07-20 09:31:26 +03:00 · 2023-07-20 09:31:26 +03:00 · 0f1d12cb34
commit 0f1d12cb34
parent 1bfd201028
3 changed files with 130 additions and 164 deletions
--- a/hosts/hel1-a/configuration.nix
+++ b/hosts/hel1-a/configuration.nix
@ -6,29 +6,6 @@
  myData,
  ...
 }: let
-  backup_paths = {
-    var_lib = {
-      mountpoint = "/var/lib";
-      zfs_name = "rpool/nixos/var/lib";
-      paths = [
-        "/var/lib/.snapshot-latest/gitea"
-        "/var/lib/.snapshot-latest/headscale"
-        "/var/lib/.snapshot-latest/matrix-synapse"
-      ];
-      backup_at = "*-*-* 00:11:00";
-    };
-    var_log = {
-      mountpoint = "/var/log";
-      zfs_name = "rpool/nixos/var/log";
-      paths = ["/var/log/.snapshot-latest/caddy/"];
-      patterns = [
-        "+ /var/log/.snapshot-latest/caddy/access-jakstys.lt.log-*.zst"
-        "- *"
-      ];
-      backup_at = "*-*-* 00:10:00";
-    };
-  };
-
  turn_cert_dir = "/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/turn.jakstys.lt";
  gitea_uidgid = 995;

@ -106,7 +83,7 @@ in {
        enable = true;
        email = "motiejus+alerts@jakstys.lt";
        # see TODO in base/unitstatus/default.nix
-        #units = ["zfs-scrub"];
+        units = ["zfs-scrub" "nixos-upgrade"];
      };
    };
  };
@ -531,8 +508,7 @@ in {
    "d /run/matrix-synapse 0700 matrix-synapse matrix-synapse -"
  ];

-  systemd.services =
-    {
+  systemd.services = {
    coturn = {
      preStart = ''
        ln -sf ''${CREDENTIALS_DIRECTORY}/tls-key.pem /run/coturn/tls-key.pem
@ -593,17 +569,7 @@ in {
        ExecStart = "${pkgs.systemd}/bin/systemctl restart coturn.service";
      };
    };
-
-      zfs-scrub.unitConfig.OnFailure = "unit-status-mail@zfs-scrub.service";
-      nixos-upgrade.unitConfig.OnFailure = "unit-status-mail@nixos-upgrade.service";
-    }
-    // lib.mapAttrs' (name: value: {
-      name = "borgbackup-job-${name}";
-      value = {
-        unitConfig.OnFailure = "unit-status-mail@borgbackup-job-${name}.service";
  };
-    })
-    backup_paths;

  systemd.paths = {
    cert-watcher = {
--- a/modules/base/unitstatus/default.nix
+++ b/modules/base/unitstatus/default.nix
@ -5,19 +5,17 @@
  ...
 }: {
  # TODO:
-  # - accept unit names:
-  #   - assert they exist
-  #   - add 'systemd.<unit>.unitConfig.OnFailure' to point to this one.
  # - assert postfix is configured
  options.mj.base.unitstatus = with lib.types; {
    enable = lib.mkEnableOption "alert by email on unit failure";
    email = lib.mkOption {type = str;};
-    #units = lib.mkOption {type = lisOf str;};
+    units = lib.mkOption {type = listOf str;};
  };

-  config =
-    lib.mkIf config.mj.base.unitstatus.enable {
-      systemd.services."unit-status-mail@" = let
+  config = lib.mkIf config.mj.base.unitstatus.enable {
+    systemd.services =
+      {
+        "unit-status-mail@" = let
          # https://northernlightlabs.se/2014-07-05/systemd-status-mail-on-unit-failure.html
          script = pkgs.writeShellScript "unit-status-mail" ''
            set -e
@ -46,19 +44,11 @@
            ExecStart = ''${script} "%I" "Hostname: %H" "Machine ID: %m" "Boot ID: %b" '';
          };
        };
-    #};
-    # See TODO above.
-    #// {
-    #  systemd.services =
-    #    lib.listToAttrs
-    #    (map (
-    #        unit: {
-    #          name = unit;
-    #          value = {
-    #            unitConfig = {OnFailure = "unit-status-mail@${unit}.service";};
-    #          };
-    #        }
-    #      )
-    #      config.mj.base.unitstatus.units);
+      }
+      // lib.genAttrs config.mj.base.unitstatus.units (
+        unit: {
+          unitConfig = {OnFailure = "unit-status-mail@${unit}.service";};
+        }
+      );
  };
 }
--- a/modules/base/zfsborg/default.nix
+++ b/modules/base/zfsborg/default.nix
@ -57,7 +57,11 @@ in {
    services.borgbackup.jobs = lib.mapAttrs' (mountpoint: attrs: let
      fs = builtins.getAttr mountpoint config.fileSystems;
    in
-      assert fs.fsType == "zfs"; {
+      assert fs.fsType == "zfs";
+      assert lib.assertMsg
+          config.mj.base.unitstatus.enable
+          "config.mj.base.unitstatus.enable must be true";
+        {
          name = lib.strings.sanitizeDerivationName mountpoint;
          value =
            {
@ -86,5 +90,11 @@ in {
            };
        })
    config.mj.base.zfsborg.mountpoints;
+
+    mj.base.unitstatus.units = let
+      mounts = config.mj.base.zfsborg.mountpoints;
+      sanitized = map lib.strings.sanitizeDerivationName (lib.attrNames mounts);
+    in
+      map (n: "borgbackup-job-${n}") sanitized;
  };
 }