motiejus/config
1
Fork 0
Code Packages Releases Activity

zfsborg: restructure config

Browse Source 
Preparing for 2 repo destinations.
This commit is contained in:
Motiejus Jakštys 2023-09-11 17:25:12 +03:00
parent 866347b042
commit 583f74cf3f
2 changed files with 76 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
hosts/vno1-oh2/configuration.nix
View File

@ -49,8 +49,9 @@
enable = true;
passwordPath = config.age.secrets.borgbackup-password.path;
sshKeyPath = "/etc/ssh/ssh_host_ed25519_key";
mountpoints = {
"/var/lib" = {
dirs = [
{
mountpoint = "/var/lib";
repo = "zh2769@zh2769.rsync.net:${config.networking.hostName}.${config.networking.domain}-var_lib";
paths = [
"/var/lib/.snapshot-latest/bitwarden_rs"
@ -64,8 +65,9 @@
"/var/lib/.snapshot-latest/private/soju"
];
backup_at = "*-*-* 00:01:00";
};
"/var/log" = {
}
{
mountpoint = "/var/log";
repo = "zh2769@zh2769.rsync.net:${config.networking.hostName}.${config.networking.domain}-var_log";
paths = ["/var/log/.snapshot-latest/caddy/"];
patterns = [
@ -73,16 +75,17 @@
"- *"
];
backup_at = "*-*-* 00:01:00";
};
"/home" = {
}
{
mountpoint = "/home";
repo = "zh2769@zh2769.rsync.net:${config.networking.hostName}.${config.networking.domain}-home-motiejus-annex2";
paths = [
"/home/.snapshot-latest/motiejus/annex2"
"/home/.snapshot-latest/motiejus/.config/syncthing"
];
backup_at = "*-*-* 00:05:00 UTC";
};
};
}
];
};
unitstatus = {

126
modules/base/zfsborg/default.nix
View File

@ -24,11 +24,12 @@ in {
default = null;
};
mountpoints = lib.mkOption {
dirs = lib.mkOption {
default = {};
type = attrsOf (submodule (
type = listOf (submodule (
{...}: {
options = {
mountpoint = lib.mkOption {type = path;};
repo = lib.mkOption {type = str;};
paths = lib.mkOption {type = listOf path;};
patterns = lib.mkOption {
@ -42,65 +43,68 @@ in {
};
};
config = lib.mkIf config.mj.base.zfsborg.enable {
systemd.services."zfsborg-snapshot-dirs" = let
mountpoints = lib.unique (lib.attrNames config.mj.base.zfsborg.mountpoints);
in {
description = "zfsborg prepare snapshot directories";
wantedBy = ["multi-user.target"];
serviceConfig = {
Type = "oneshot";
ExecStart =
builtins.map
(d: "${pkgs.coreutils}/bin/mkdir -p ${d}/.snapshot-latest")
mountpoints;
RemainAfterExit = true;
config = with config.mj.base.zfsborg;
lib.mkIf enable {
systemd.services."zfsborg-snapshot-dirs" = let
mountpoints = lib.unique (lib.catAttrs "mountpoint" dirs);
in {
description = "zfsborg prepare snapshot directories";
wantedBy = ["multi-user.target"];
serviceConfig = {
Type = "oneshot";
ExecStart =
builtins.map
(d: "${pkgs.coreutils}/bin/mkdir -p ${d}/.snapshot-latest")
mountpoints;
RemainAfterExit = true;
};
};
services.borgbackup.jobs = builtins.listToAttrs (
map (attrs: let
mountpoint = builtins.getAttr "mountpoint" attrs;
fs = builtins.getAttr mountpoint config.fileSystems;
in
assert fs.fsType == "zfs";
assert lib.assertMsg
config.mj.base.unitstatus.enable
"config.mj.base.unitstatus.enable must be true"; {
name = lib.strings.sanitizeDerivationName mountpoint;
value =
{
doInit = true;
repo = attrs.repo;
encryption = {
mode = "repokey-blake2";
passCommand = "cat ${config.mj.base.zfsborg.passwordPath}";
};
paths = attrs.paths;
extraArgs = "--remote-path=borg1";
compression = "auto,lzma";
startAt = attrs.backup_at;
readWritePaths = let p = mountpoint + "/.snapshot-latest"; in [p];
preHook = mountLatest mountpoint fs.device;
postHook = umountLatest mountpoint;
prune.keep = {
within = "1d";
daily = 7;
weekly = 4;
monthly = 3;
};
}
// lib.optionalAttrs (attrs ? patterns) {
patterns = attrs.patterns;
}
// lib.optionalAttrs (sshKeyPath != null) {
environment.BORG_RSH = ''ssh -i "${config.mj.base.zfsborg.sshKeyPath}"'';
};
})
dirs
);
mj.base.unitstatus.units = let
sanitized = map lib.strings.sanitizeDerivationName (lib.catAttrs "mountpoint" dirs);
in
map (n: "borgbackup-job-${n}") sanitized;
};
services.borgbackup.jobs = lib.mapAttrs' (mountpoint: attrs: let
fs = builtins.getAttr mountpoint config.fileSystems;
in
assert fs.fsType == "zfs";
assert lib.assertMsg
config.mj.base.unitstatus.enable
"config.mj.base.unitstatus.enable must be true"; {
name = lib.strings.sanitizeDerivationName mountpoint;
value =
{
doInit = true;
repo = attrs.repo;
encryption = {
mode = "repokey-blake2";
passCommand = "cat ${config.mj.base.zfsborg.passwordPath}";
};
paths = attrs.paths;
extraArgs = "--remote-path=borg1";
compression = "auto,lzma";
startAt = attrs.backup_at;
readWritePaths = let p = mountpoint + "/.snapshot-latest"; in [p];
preHook = mountLatest mountpoint fs.device;
postHook = umountLatest mountpoint;
prune.keep = {
within = "1d";
daily = 7;
weekly = 4;
monthly = 3;
};
}
// lib.optionalAttrs (attrs ? patterns) {
patterns = attrs.patterns;
}
// lib.optionalAttrs (config.mj.base.zfsborg.sshKeyPath != null) {
environment.BORG_RSH = ''ssh -i "${config.mj.base.zfsborg.sshKeyPath}"'';
};
})
config.mj.base.zfsborg.mountpoints;
mj.base.unitstatus.units = let
mounts = config.mj.base.zfsborg.mountpoints;
sanitized = map lib.strings.sanitizeDerivationName (lib.attrNames mounts);
in
map (n: "borgbackup-job-${n}") sanitized;
};
}