matt1432/nixos-configs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(borg): support specifying different hosts for repos
All checks were successful
Discord / discord commits (push) Has been skipped
Details

Browse source
This commit is contained in:
matt1432 2024-09-13 01:58:00 -04:00
parent 65061bac48
commit 27e5b1671d
2 changed files with 20 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
nixosModules/borgbackup/default.nix
View file

@ -5,6 +5,7 @@
existingRepos = [ existingRepos = [
{ {
name = "docker"; name = "docker";
host = "nos";
authorizedKeys = [ authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPijoxuSwH9IrS4poewzHHwe64UoX4QY7Qix5VhEdqKR root@servivi" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPijoxuSwH9IrS4poewzHHwe64UoX4QY7Qix5VhEdqKR root@servivi"
]; ];
@ -12,6 +13,7 @@
{ {
name = "mc"; name = "mc";
host = "nos";
authorizedKeys = [ authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPijoxuSwH9IrS4poewzHHwe64UoX4QY7Qix5VhEdqKR root@servivi" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPijoxuSwH9IrS4poewzHHwe64UoX4QY7Qix5VhEdqKR root@servivi"
]; ];
@ -19,6 +21,7 @@
{ {
name = "seven-days"; name = "seven-days";
host = "nos";
authorizedKeys = [ authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPijoxuSwH9IrS4poewzHHwe64UoX4QY7Qix5VhEdqKR root@servivi" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPijoxuSwH9IrS4poewzHHwe64UoX4QY7Qix5VhEdqKR root@servivi"
]; ];

27
nixosModules/borgbackup/module.nix
View file

@ -4,8 +4,8 @@
pkgs, pkgs,
... ...
}: let }: let
inherit (lib) all any attrValues length mapAttrs mkIf mkOption types; inherit (lib) all any attrValues findSingle length mapAttrs mkIf mkOption types;
inherit (builtins) listToAttrs removeAttrs; inherit (builtins) filter hasAttr listToAttrs removeAttrs;
inherit (config.sops) secrets; inherit (config.sops) secrets;
inherit (config.vars) hostName; inherit (config.vars) hostName;
@ -182,6 +182,9 @@ in {
name = mkOption { name = mkOption {
type = types.str; type = types.str;
}; };
host = mkOption {
type = types.str;
};
authorizedKeys = mkOption { authorizedKeys = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = []; default = [];
@ -206,20 +209,24 @@ in {
]; ];
services.borgbackup = let services.borgbackup = let
backupDir = "/data/borgbackups"; backupDir = {
nos = "/data/borgbackups";
servivi = "/home/backups";
};
in { in {
repos = repos =
mkIf (hostName == "nos" && length cfg.existingRepos > 0) mkIf (length cfg.existingRepos > 0)
(listToAttrs (map (r: { (listToAttrs (map (r: {
inherit (r) name; inherit (r) name;
value = { value = {
authorizedKeysAppendOnly = r.authorizedKeys; authorizedKeysAppendOnly = r.authorizedKeys;
path = "${backupDir}/${r.name}"; path = "${backupDir.${hostName}}/${r.name}";
}; };
}) })
cfg.existingRepos)); (filter (x: x.host == hostName) cfg.existingRepos)));
jobs = mapAttrs (n: v: let jobs = mapAttrs (n: v: let
existingRepo = findSingle (x: x.name == v.repo) null null cfg.existingRepos;
otherAttrs = removeAttrs v [ otherAttrs = removeAttrs v [
"environment" "environment"
"paths" "paths"
@ -233,7 +240,7 @@ in {
{ {
environment = environment =
v.environment v.environment
// (mkIf (hostName != "nos") { // (mkIf (hasAttr "borg-ssh" secrets) {
BORG_RSH = "ssh -o 'StrictHostKeyChecking=no' -i ${secrets.borg-ssh.path}"; BORG_RSH = "ssh -o 'StrictHostKeyChecking=no' -i ${secrets.borg-ssh.path}";
}); });
@ -256,9 +263,9 @@ in {
''; '';
repo = repo =
if (hostName != "nos") if (hostName != existingRepo.host)
then "ssh://borg@nos${backupDir}/${v.repo}" then "ssh://borg@${existingRepo.host}${backupDir.${existingRepo.host}}/${v.repo}"
else "${backupDir}/${v.repo}"; else "${backupDir.${existingRepo.host}}/${v.repo}";
} }
// otherAttrs) // otherAttrs)
cfg.configs; cfg.configs;