diff --git a/hosts/vno1-oh2/configuration.nix b/hosts/vno1-oh2/configuration.nix
index 12fe4b0..463d2f8 100644
--- a/hosts/vno1-oh2/configuration.nix
+++ b/hosts/vno1-oh2/configuration.nix
@@ -49,8 +49,9 @@
 enable = true;
 passwordPath = config.age.secrets.borgbackup-password.path;
 sshKeyPath = "/etc/ssh/ssh_host_ed25519_key";
- mountpoints = {
- "/var/lib" = {
+ dirs = [
+ {
+ mountpoint = "/var/lib";
 repo = "zh2769@zh2769.rsync.net:${config.networking.hostName}.${config.networking.domain}-var_lib";
 paths = [
 "/var/lib/.snapshot-latest/bitwarden_rs"
@@ -64,8 +65,9 @@
 "/var/lib/.snapshot-latest/private/soju"
 ];
 backup_at = "*-*-* 00:01:00";
- };
- "/var/log" = {
+ }
+ {
+ mountpoint = "/var/log";
 repo = "zh2769@zh2769.rsync.net:${config.networking.hostName}.${config.networking.domain}-var_log";
 paths = ["/var/log/.snapshot-latest/caddy/"];
 patterns = [
@@ -73,16 +75,17 @@
 "- *"
 ];
 backup_at = "*-*-* 00:01:00";
- };
- "/home" = {
+ }
+ {
+ mountpoint = "/home";
 repo = "zh2769@zh2769.rsync.net:${config.networking.hostName}.${config.networking.domain}-home-motiejus-annex2";
 paths = [
 "/home/.snapshot-latest/motiejus/annex2"
 "/home/.snapshot-latest/motiejus/.config/syncthing"
 ];
 backup_at = "*-*-* 00:05:00 UTC";
- };
- };
+ }
+ ];
 };
 
 unitstatus = {
diff --git a/modules/base/zfsborg/default.nix b/modules/base/zfsborg/default.nix
index 82f2fd8..d4a4b0e 100644
--- a/modules/base/zfsborg/default.nix
+++ b/modules/base/zfsborg/default.nix
@@ -24,11 +24,12 @@ in {
 default = null;
 };
 
- mountpoints = lib.mkOption {
+ dirs = lib.mkOption {
 default = {};
- type = attrsOf (submodule (
+ type = listOf (submodule (
 {...}: {
 options = {
+ mountpoint = lib.mkOption {type = path;};
 repo = lib.mkOption {type = str;};
 paths = lib.mkOption {type = listOf path;};
 patterns = lib.mkOption {
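Review bot: In the `@@ -24,11 +24,12 @@` hunk of modules/base/zfsborg/default.nix the unchanged context line `default = {};` still supplies an attribute set, although the option's type is now `listOf (submodule …)`. A host that enables the module without setting `dirs` would most likely fail the list type check at evaluation, and the new `lib.catAttrs "mountpoint" dirs` calls expect a list in any case. The line should become `default = [];`. The option block continues past the end of the hunk, so the remaining sub-options were not reviewed.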
@@ -42,65 +43,68 @@ in {
 };
 };
 
- config = lib.mkIf config.mj.base.zfsborg.enable {
- systemd.services."zfsborg-snapshot-dirs" = let
- mountpoints = lib.unique (lib.attrNames config.mj.base.zfsborg.mountpoints);
- in {
- description = "zfsborg prepare snapshot directories";
- wantedBy = ["multi-user.target"];
- serviceConfig = {
- Type = "oneshot";
- ExecStart =
- builtins.map
- (d: "${pkgs.coreutils}/bin/mkdir -p ${d}/.snapshot-latest")
- mountpoints;
- RemainAfterExit = true;
+ config = with config.mj.base.zfsborg;
+ lib.mkIf enable {
+ systemd.services."zfsborg-snapshot-dirs" = let
+ mountpoints = lib.unique (lib.catAttrs "mountpoint" dirs);
+ in {
+ description = "zfsborg prepare snapshot directories";
+ wantedBy = ["multi-user.target"];
+ serviceConfig = {
+ Type = "oneshot";
+ ExecStart =
+ builtins.map
+ (d: "${pkgs.coreutils}/bin/mkdir -p ${d}/.snapshot-latest")
+ mountpoints;
+ RemainAfterExit = true;
+ };
 };
+
+ services.borgbackup.jobs = builtins.listToAttrs (
+ map (attrs: let
+ mountpoint = builtins.getAttr "mountpoint" attrs;
+ fs = builtins.getAttr mountpoint config.fileSystems;
+ in
+ assert fs.fsType == "zfs";
+ assert lib.assertMsg
+ config.mj.base.unitstatus.enable
+ "config.mj.base.unitstatus.enable must be true"; {
+ name = lib.strings.sanitizeDerivationName mountpoint;
+ value =
+ {
+ doInit = true;
+ repo = attrs.repo;
+ encryption = {
+ mode = "repokey-blake2";
+ passCommand = "cat ${config.mj.base.zfsborg.passwordPath}";
+ };
+ paths = attrs.paths;
+ extraArgs = "--remote-path=borg1";
+ compression = "auto,lzma";
+ startAt = attrs.backup_at;
+ readWritePaths = let p = mountpoint + "/.snapshot-latest"; in [p];
+ preHook = mountLatest mountpoint fs.device;
+ postHook = umountLatest mountpoint;
+ prune.keep = {
+ within = "1d";
+ daily = 7;
+ weekly = 4;
+ monthly = 3;
+ };
+ }
+ // lib.optionalAttrs (attrs ? patterns) {
+ patterns = attrs.patterns;
+ }
+ // lib.optionalAttrs (sshKeyPath != null) {
+ environment.BORG_RSH = ''ssh -i "${config.mj.base.zfsborg.sshKeyPath}"'';
+ };
+ })
+ dirs
+ );
+
+ mj.base.unitstatus.units = let
+ sanitized = map lib.strings.sanitizeDerivationName (lib.catAttrs "mountpoint" dirs);
+ in
+ map (n: "borgbackup-job-${n}") sanitized;
 };
-
- services.borgbackup.jobs = lib.mapAttrs' (mountpoint: attrs: let
- fs = builtins.getAttr mountpoint config.fileSystems;
- in
- assert fs.fsType == "zfs";
- assert lib.assertMsg
- config.mj.base.unitstatus.enable
- "config.mj.base.unitstatus.enable must be true"; {
- name = lib.strings.sanitizeDerivationName mountpoint;
- value =
- {
- doInit = true;
- repo = attrs.repo;
- encryption = {
- mode = "repokey-blake2";
- passCommand = "cat ${config.mj.base.zfsborg.passwordPath}";
- };
- paths = attrs.paths;
- extraArgs = "--remote-path=borg1";
- compression = "auto,lzma";
- startAt = attrs.backup_at;
- readWritePaths = let p = mountpoint + "/.snapshot-latest"; in [p];
- preHook = mountLatest mountpoint fs.device;
- postHook = umountLatest mountpoint;
- prune.keep = {
- within = "1d";
- daily = 7;
- weekly = 4;
- monthly = 3;
- };
- }
- // lib.optionalAttrs (attrs ? patterns) {
- patterns = attrs.patterns;
- }
- // lib.optionalAttrs (config.mj.base.zfsborg.sshKeyPath != null) {
- environment.BORG_RSH = ''ssh -i "${config.mj.base.zfsborg.sshKeyPath}"'';
- };
- })
- config.mj.base.zfsborg.mountpoints;
-
- mj.base.unitstatus.units = let
- mounts = config.mj.base.zfsborg.mountpoints;
- sanitized = map lib.strings.sanitizeDerivationName (lib.attrNames mounts);
- in
- map (n: "borgbackup-job-${n}") sanitized;
- };
 }
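Review bot: Two `dirs` entries that share a `mountpoint` now collide on the job name `lib.strings.sanitizeDerivationName mountpoint`, and `builtins.listToAttrs` keeps only the first entry for a repeated name, so the later backup job would be dropped without any evaluation error. The old `attrsOf` form ruled this out by construction, while the `lib.unique` in `zfsborg-snapshot-dirs` suggests repeated mountpoints are now expected. Either reject duplicates up front, e.g. `assert lib.assertMsg (let m = lib.catAttrs "mountpoint" dirs; in lib.unique m == m) "zfsborg.dirs: duplicate mountpoint";`, or add a distinguishing component to the job name and to the matching `mj.base.unitstatus.units` entries so every configured backup gets a unit that is monitored. As a style point, under `with config.mj.base.zfsborg;` the block mixes the bare `sshKeyPath` with the fully qualified `config.mj.base.zfsborg.sshKeyPath` and `passwordPath`; using one form throughout would make it clearer which names come from the `with` scope.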