wip snapshots

2023-07-18 12:31:48 +03:00 · 2023-07-18 12:31:48 +03:00 · 46e2d86918
parent 26747bd639
commit 46e2d86918
4 changed files with 71 additions and 8 deletions
--- a/hosts/hel1-a/configuration.nix
+++ b/hosts/hel1-a/configuration.nix
@ -117,7 +117,7 @@ in {

    nsd = {
      enable = true;
-      interfaces = [ "0.0.0.0" "::" ];
+      interfaces = ["0.0.0.0" "::"];
      zones = {
        "jakstys.lt.".data = myData.jakstysLTZone;
      };
--- a/hosts/vm/configuration.nix
+++ b/hosts/vm/configuration.nix
@ -10,6 +10,16 @@ in {
    stateVersion = "23.05";
    timeZone = "UTC";
    stubPasswords = true;
+
+    base.snapshot = {
+      enable = true;
+      pools = {
+        var_lib = {
+          mountpoint = "/var/lib";
+          zfs_name = "rpool/nixos/var/lib";
+        };
+      };
+    };
  };

  environment = {
@ -22,7 +32,7 @@ in {
  services = {
    nsd = {
      enable = true;
-      interfaces = [ "0.0.0.0" "::" ];
+      interfaces = ["0.0.0.0" "::"];
      zones = {
        "jakstys.lt.".data = myData.jakstysLTZone;
      };
--- a/modules/base/default.nix
+++ b/modules/base/default.nix
@ -8,6 +8,7 @@
  imports = [
    ./sshd
    ./initrd
+    ./snapshot
  ];

  options.mj = {
@ -51,11 +52,17 @@
    };

    users = let
-      withPasswordFile = file: attrs: (if config.mj.stubPasswords then {
-        initialPassword = "live";
-      } else {
-        passwordFile = file;
-      }) // attrs;
+      withPasswordFile = file: attrs:
+        (
+          if config.mj.stubPasswords
+          then {
+            initialPassword = "live";
+          }
+          else {
+            passwordFile = file;
+          }
+        )
+        // attrs;
    in {
      mutableUsers = false;

@ -67,7 +74,7 @@
          openssh.authorizedKeys.keys = [myData.ssh_pubkeys.motiejus];
        };

-        root = withPasswordFile config.age.secrets.root-passwd-hash.path { };
+        root = withPasswordFile config.age.secrets.root-passwd-hash.path {};
      };
    };

--- a/modules/base/snapshot/default.nix
+++ b/modules/base/snapshot/default.nix
@ -0,0 +1,46 @@
+{
+  config,
+  lib,
+  myData,
+  ...
+}:
+with lib; {
+  options.mj.base.snapshot = {
+    enable = mkEnableOption "Enable zfs snapshots";
+
+    pools = mkOption {
+      default = {};
+      type = with types;
+        attrsOf (submodule (
+          {...}: {
+            options = {
+              mountpoint = mkOption {type = str;};
+              zfs_name = mkOption {type = str;};
+              #paths = mkOption { type = listOf str; };
+              #backup_at = mkOption { type = str; };
+            };
+          }
+        ));
+    };
+  };
+
+  config = with config.mj.base.snapshot;
+    mkIf enable {
+      sanoid = {
+        enable = true;
+        templates.prod = {
+          hourly = 24;
+          daily = 7;
+          autosnap = true;
+          autoprune = true;
+        };
+        datasets =
+          lib.mapAttrs' (name: value: {
+            name = value.zfs_name;
+            value = {use_template = ["prod"];};
+          })
+          pools;
+        extraArgs = ["--verbose"];
+      };
+    };
+}