dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

nixos/services.duplicity: remove with lib;

Browse Source
This commit is contained in:
Felix Buehler 2024-08-30 00:46:40 +02:00
parent 699a0f8601
commit 01218209dc
1 changed files with 39 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
nixos/modules/services/backup/duplicity.nix
View File

@ -1,30 +1,28 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.duplicity;
stateDirectory = "/var/lib/duplicity";
localTarget =
if hasPrefix "file://" cfg.targetUrl
then removePrefix "file://" cfg.targetUrl else null;
if lib.hasPrefix "file://" cfg.targetUrl
then lib.removePrefix "file://" cfg.targetUrl else null;
in
{
options.services.duplicity = {
enable = mkEnableOption "backups with duplicity";
enable = lib.mkEnableOption "backups with duplicity";
root = mkOption {
type = types.path;
root = lib.mkOption {
type = lib.types.path;
default = "/";
description = ''
Root directory to backup.
'';
};
include = mkOption {
type = types.listOf types.str;
include = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
example = [ "/home" ];
description = ''
@ -33,8 +31,8 @@ in
'';
};
exclude = mkOption {
type = types.listOf types.str;
exclude = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
description = ''
List of paths to exclude from backups. See the FILE SELECTION section in
@ -42,8 +40,8 @@ in
'';
};
includeFileList = mkOption {
type = types.nullOr types.path;
includeFileList = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
example = /path/to/fileList.txt;
description = ''
@ -53,8 +51,8 @@ in
'';
};
excludeFileList = mkOption {
type = types.nullOr types.path;
excludeFileList = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
example = /path/to/fileList.txt;
description = ''
@ -64,8 +62,8 @@ in
'';
};
targetUrl = mkOption {
type = types.str;
targetUrl = lib.mkOption {
type = lib.types.str;
example = "s3://host:port/prefix";
description = ''
Target url to backup to. See the URL FORMAT section in
@ -73,8 +71,8 @@ in
'';
};
secretFile = mkOption {
type = types.nullOr types.path;
secretFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
description = ''
Path of a file containing secrets (gpg passphrase, access key...) in
@ -88,8 +86,8 @@ in
'';
};
frequency = mkOption {
type = types.nullOr types.str;
frequency = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = "daily";
description = ''
Run duplicity with the given frequency (see
@ -98,8 +96,8 @@ in
'';
};
extraFlags = mkOption {
type = types.listOf types.str;
extraFlags = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
example = [ "--backend-retry-delay" "100" ];
description = ''
@ -108,8 +106,8 @@ in
'';
};
fullIfOlderThan = mkOption {
type = types.str;
fullIfOlderThan = lib.mkOption {
type = lib.types.str;
default = "never";
example = "1M";
description = ''
@ -123,8 +121,8 @@ in
};
cleanup = {
maxAge = mkOption {
type = types.nullOr types.str;
maxAge = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
example = "6M";
description = ''
@ -132,8 +130,8 @@ in
will not be deleted if backup sets newer than time depend on them.
'';
};
maxFull = mkOption {
type = types.nullOr types.int;
maxFull = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = null;
example = 2;
description = ''
@ -142,8 +140,8 @@ in
associated incremental sets).
'';
};
maxIncr = mkOption {
type = types.nullOr types.int;
maxIncr = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = null;
example = 1;
description = ''
@ -155,7 +153,7 @@ in
};
};
config = mkIf cfg.enable {
config = lib.mkIf cfg.enable {
systemd = {
services.duplicity = {
description = "backup files with duplicity";
@ -164,8 +162,8 @@ in
script =
let
target = escapeShellArg cfg.targetUrl;
extra = escapeShellArgs ([ "--archive-dir" stateDirectory ] ++ cfg.extraFlags);
target = lib.escapeShellArg cfg.targetUrl;
extra = lib.escapeShellArgs ([ "--archive-dir" stateDirectory ] ++ cfg.extraFlags);
dup = "${pkgs.duplicity}/bin/duplicity";
in
''
@ -178,8 +176,8 @@ in
[ cfg.root cfg.targetUrl ]
++ lib.optionals (cfg.includeFileList != null) [ "--include-filelist" cfg.includeFileList ]
++ lib.optionals (cfg.excludeFileList != null) [ "--exclude-filelist" cfg.excludeFileList ]
++ concatMap (p: [ "--include" p ]) cfg.include
++ concatMap (p: [ "--exclude" p ]) cfg.exclude
++ lib.concatMap (p: [ "--include" p ]) cfg.include
++ lib.concatMap (p: [ "--exclude" p ]) cfg.exclude
++ (lib.optionals (cfg.fullIfOlderThan != "never" && cfg.fullIfOlderThan != "always") [ "--full-if-older-than" cfg.fullIfOlderThan ])
)} ${extra}
'';
@ -188,19 +186,19 @@ in
ProtectSystem = "strict";
ProtectHome = "read-only";
StateDirectory = baseNameOf stateDirectory;
} // optionalAttrs (localTarget != null) {
} // lib.optionalAttrs (localTarget != null) {
ReadWritePaths = localTarget;
} // optionalAttrs (cfg.secretFile != null) {
} // lib.optionalAttrs (cfg.secretFile != null) {
EnvironmentFile = cfg.secretFile;
};
} // optionalAttrs (cfg.frequency != null) {
} // lib.optionalAttrs (cfg.frequency != null) {
startAt = cfg.frequency;
};
tmpfiles.rules = optional (localTarget != null) "d ${localTarget} 0700 root root -";
tmpfiles.rules = lib.optional (localTarget != null) "d ${localTarget} 0700 root root -";
};
assertions = singleton {
assertions = lib.singleton {
# Duplicity will fail if the last file selection option is an include. It
# is not always possible to detect but this simple case can be caught.
assertion = cfg.include != [ ] -> cfg.exclude != [ ] || cfg.extraFlags != [ ];