nixos-configs/devices/servivi/modules/borgbackup.nix

{
  config,
  lib,
  pkgs,
  ...
}:
with lib; let
  cfg = config.services.borgbackup;
  secrets = config.sops.secrets;
in {
  # Make this file declare default settings
  options.services.borgbackup = {
    defaults = mkOption {
      type = types.attrs;
    };
    configs = mkOption {
      type = types.attrs;
    };
  };

  config = {
    programs.ssh.knownHosts = {
      pve.publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG/4mrp8E4Ittwg8feRmPtDHSDR2+Pq4uZHeF5MweVcW";
    };

    services.borgbackup = {
      defaults = {
        environment = mkDefault {BORG_RSH = "ssh -i ${secrets.borg-ssh.path}";};

        repo = mkDefault "ssh://matt@pve/data/backups/borg";
        encryption = mkDefault {
          mode = "repokey";
          passCommand = let
            cat = "${pkgs.coreutils}/bin/cat";
            key = secrets.borg-repo.path;
          in "${cat} ${key}";
        };

        # Run every 3 hours
        startAt = mkDefault "00/3:00";
        compression = mkDefault "auto,lzma";
      };

      jobs = let
        tempJobs = mapAttrs (_: v: cfg.defaults // v) cfg.configs;
      in
        mapAttrs (n: v: let
          attrs = filterAttrs (n: _: n != "preHook" || n != "postHook" || n != "paths") v;
          pathPrefix = "/root/snaps";
          snapPath = "${pathPrefix}/${n}";
        in
          attrs
          // {
            paths = map (x: snapPath + x) v.paths;

            preHook =
              v.preHook
              or ""
              +
              /*
              bash
              */
              ''
                if [[ ! -d ${pathPrefix} ]]; then
                    mkdir -p ${pathPrefix}
                fi

                ${pkgs.btrfs-progs}/bin/btrfs subvolume snapshot -r / ${snapPath}
              '';

            postHook =
              /*
              bash
              */
              ''
                ${pkgs.btrfs-progs}/bin/btrfs subvolume delete ${snapPath}
              ''
              + v.postHook or "";
          })
        tempJobs;
    };
  };
}
feat(servers): switch to borgbackup jobs for granular control 2023-12-27 01:59:28 -05:00			`{`
			`config,`
			`lib,`
			`pkgs,`
			`...`
refactor: make sshd module and some code refactor 2023-12-27 11:39:38 -05:00			`}:`
			`with lib; let`
			`cfg = config.services.borgbackup;`
			`secrets = config.sops.secrets;`
			`in {`
feat(servers): switch to borgbackup jobs for granular control 2023-12-27 01:59:28 -05:00			`# Make this file declare default settings`
refactor: make sshd module and some code refactor 2023-12-27 11:39:38 -05:00			`options.services.borgbackup = {`
feat(servers): switch to borgbackup jobs for granular control 2023-12-27 01:59:28 -05:00			`defaults = mkOption {`
			`type = types.attrs;`
			`};`
refactor: make sshd module and some code refactor 2023-12-27 11:39:38 -05:00			`configs = mkOption {`
			`type = types.attrs;`
			`};`
feat(servers): switch to borgbackup jobs for granular control 2023-12-27 01:59:28 -05:00			`};`

			`config = {`
			`programs.ssh.knownHosts = {`
			`pve.publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG/4mrp8E4Ittwg8feRmPtDHSDR2+Pq4uZHeF5MweVcW";`
			`};`

			`services.borgbackup = {`
			`defaults = {`
fix(borg): make job defaults overridable 2024-01-06 22:47:50 -05:00			`environment = mkDefault {BORG_RSH = "ssh -i ${secrets.borg-ssh.path}";};`
feat(servers): switch to borgbackup jobs for granular control 2023-12-27 01:59:28 -05:00
fix(borg): make job defaults overridable 2024-01-06 22:47:50 -05:00			`repo = mkDefault "ssh://matt@pve/data/backups/borg";`
			`encryption = mkDefault {`
feat(servers): switch to borgbackup jobs for granular control 2023-12-27 01:59:28 -05:00			`mode = "repokey";`
			`passCommand = let`
			`cat = "${pkgs.coreutils}/bin/cat";`
refactor: make sshd module and some code refactor 2023-12-27 11:39:38 -05:00			`key = secrets.borg-repo.path;`
feat(servers): switch to borgbackup jobs for granular control 2023-12-27 01:59:28 -05:00			`in "${cat} ${key}";`
			`};`

			`# Run every 3 hours`
fix(borg): make job defaults overridable 2024-01-06 22:47:50 -05:00			`startAt = mkDefault "00/3:00";`
			`compression = mkDefault "auto,lzma";`
feat(servers): switch to borgbackup jobs for granular control 2023-12-27 01:59:28 -05:00			`};`
refactor: make sshd module and some code refactor 2023-12-27 11:39:38 -05:00
feat(servers): make backups from snapshots so shutting down services isnt needed 2024-01-07 02:05:16 -05:00			`jobs = let`
			`tempJobs = mapAttrs (_: v: cfg.defaults // v) cfg.configs;`
			`in`
			`mapAttrs (n: v: let`
			`attrs = filterAttrs (n: _: n != "preHook" \|\| n != "postHook" \|\| n != "paths") v;`
			`pathPrefix = "/root/snaps";`
			`snapPath = "${pathPrefix}/${n}";`
			`in`
			`attrs`
			`// {`
			`paths = map (x: snapPath + x) v.paths;`

style: add lang comments for treesitter language injection 2024-01-08 11:25:18 -05:00			`preHook =`
			`v.preHook`
			`or ""`
			`+`
			`/*`
			`bash`
			`*/`
			`''`
			`if [[ ! -d ${pathPrefix} ]]; then`
			`mkdir -p ${pathPrefix}`
			`fi`
feat(servers): make backups from snapshots so shutting down services isnt needed 2024-01-07 02:05:16 -05:00
style: add lang comments for treesitter language injection 2024-01-08 11:25:18 -05:00			`${pkgs.btrfs-progs}/bin/btrfs subvolume snapshot -r / ${snapPath}`
			`'';`
feat(servers): make backups from snapshots so shutting down services isnt needed 2024-01-07 02:05:16 -05:00
style: add lang comments for treesitter language injection 2024-01-08 11:25:18 -05:00			`postHook =`
			`/*`
			`bash`
			`*/`
			`''`
			`${pkgs.btrfs-progs}/bin/btrfs subvolume delete ${snapPath}`
			`''`
			`+ v.postHook or "";`
feat(servers): make backups from snapshots so shutting down services isnt needed 2024-01-07 02:05:16 -05:00			`})`
			`tempJobs;`
feat(servers): switch to borgbackup jobs for granular control 2023-12-27 01:59:28 -05:00			`};`
			`};`
			`}`