From 63e0ca56cb865c5b4e2992da93664c31f902f027 Mon Sep 17 00:00:00 2001
From: matt1432 <matt@nelim.org>
Date: Sun, 7 Jan 2024 02:05:16 -0500
Subject: [PATCH] feat(servers): make backups from snapshots so shutting down
 services isnt needed

---
 devices/servivi/modules/arion/default.nix | 15 ++++++---
 devices/servivi/modules/borgbackup.nix    | 37 +++++++++++++++--------
 2 files changed, 36 insertions(+), 16 deletions(-)

diff --git a/devices/servivi/modules/arion/default.nix b/devices/servivi/modules/arion/default.nix
index c118e7b..04dce27 100644
--- a/devices/servivi/modules/arion/default.nix
+++ b/devices/servivi/modules/arion/default.nix
@@ -7,12 +7,18 @@
 with lib;
 with builtins; let
   user = config.vars.user;
+  configPath = "/var/lib/arion";
 in {
   imports = [arion.nixosModules.arion];
 
   users.extraUsers.${user}.extraGroups = ["podman"];
   home-manager.users.${user}.programs.bash.shellAliases = {
-    podman = "sudo podman ";
+    podman = "sudo podman";
+  };
+
+  services.borgbackup.configs.arion = {
+    paths = [configPath];
+    exclude = ["**/lineageos*"];
   };
 
   virtualisation = {
@@ -26,8 +32,6 @@ in {
       backend = "podman-socket";
 
       projects = let
-        configPath = "/var/lib/arion";
-
         composeFiles =
           filter (n: hasSuffix "compose.nix" (toString n))
           (filesystem.listFilesRecursive ./.);
@@ -37,7 +41,10 @@ in {
 
             value = import p (inputs
               // {
-                rwPath = configPath + "/" + elemAt (match "[^-]*-(.*)" "${dirOf p}") 0;
+                rwPath =
+                  configPath
+                  + "/"
+                  + elemAt (match "[^-]*-(.*)" "${dirOf p}") 0;
               });
           })
           composeFiles));
diff --git a/devices/servivi/modules/borgbackup.nix b/devices/servivi/modules/borgbackup.nix
index 7dd58ad..5a07f26 100644
--- a/devices/servivi/modules/borgbackup.nix
+++ b/devices/servivi/modules/borgbackup.nix
@@ -19,23 +19,12 @@ in {
   };
 
   config = {
-    users.groups.borg = {};
-    users.users.borg = {
-      isSystemUser = true;
-      # https://mynixos.com/nixpkgs/option/services.borgbackup.jobs.%3Cname%3E.readWritePaths
-      createHome = true;
-      home = "/var/lib/borg";
-      group = "borg";
-      extraGroups = ["mc"];
-    };
-
     programs.ssh.knownHosts = {
       pve.publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG/4mrp8E4Ittwg8feRmPtDHSDR2+Pq4uZHeF5MweVcW";
     };
 
     services.borgbackup = {
       defaults = {
-        user = mkDefault "borg";
         environment = mkDefault {BORG_RSH = "ssh -i ${secrets.borg-ssh.path}";};
 
         repo = mkDefault "ssh://matt@pve/data/backups/borg";
@@ -52,7 +41,31 @@ in {
         compression = mkDefault "auto,lzma";
       };
 
-      jobs = mapAttrs (_: v: cfg.defaults // v) cfg.configs;
+      jobs = let
+        tempJobs = mapAttrs (_: v: cfg.defaults // v) cfg.configs;
+      in
+        mapAttrs (n: v: let
+          attrs = filterAttrs (n: _: n != "preHook" || n != "postHook" || n != "paths") v;
+          pathPrefix = "/root/snaps";
+          snapPath = "${pathPrefix}/${n}";
+        in
+          attrs
+          // {
+            paths = map (x: snapPath + x) v.paths;
+
+            preHook = v.preHook or "" + ''
+              if [[ ! -d ${pathPrefix} ]]; then
+                mkdir -p ${pathPrefix}
+              fi
+
+              ${pkgs.btrfs-progs}/bin/btrfs subvolume snapshot -r / ${snapPath}
+            '';
+
+            postHook = ''
+              ${pkgs.btrfs-progs}/bin/btrfs subvolume delete ${snapPath}
+            '' + v.postHook or "";
+          })
+        tempJobs;
     };
   };
 }