dadada/nix-config
dadada/nix-config
1
0
Fork 0
Code Issues 2 Pull requests 5 Projects Releases Packages Wiki Activity Actions

expose the path to the backup passphrase as an option

Browse source
This commit is contained in:
Tim Schubert 2022-07-17 20:40:12 +02:00
parent c0202bbdef
commit fa2ff2bd39
Signed by: dadada
GPG key ID: EEB8D1CE62C4DFEA
4 changed files with 29 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

5
nixos/gorgon/configuration.nix
View file

@ -46,9 +46,8 @@ in
vpnExtension = "3"; vpnExtension = "3";
}; };
backupClient = { backupClient = {
enable = true; bs.enable = true;
bs = true; gs.enable = false;
gs = false;
}; };
}; };

33
nixos/modules/backup.nix
View file

@ -24,14 +24,30 @@ in
{ {
options = { options = {
dadada.backupClient = { dadada.backupClient = {
enable = mkEnableOption "Enable backup client"; gs = {
gs = mkEnableOption "Enable backup to GS location"; enable = mkEnableOption "Enable backup to GS location";
bs = mkEnableOption "Enable backup to BS location"; passphrasePath = mkOption {
type = with types; nullOr str;
description = ''
The path to the passphrase file.
'';
default = "/var/lib/borgbackup/gs/passphrase";
};
};
bs = {
enable = mkEnableOption "Enable backup to BS location";
passphrasePath = mkOption {
type = with types; nullOr str;
description = ''
The path to the passphrase file.
'';
default = "/var/lib/borgbackup/bs/passphrase";
};
};
}; };
}; };
config = mkIf cfg.enable { config = mkIf cfg.gs.enable {
fileSystems = mkIf cfg.gs { fileSystems = mkIf cfg.gs {
"/backup" = { "/backup" = {
device = "/dev/disk/by-uuid/0fdab735-cc3e-493a-b4ec-cbf6a77d48d5"; device = "/dev/disk/by-uuid/0fdab735-cc3e-493a-b4ec-cbf6a77d48d5";
@ -47,7 +63,7 @@ in
doInit = false; doInit = false;
encryption = { encryption = {
mode = "repokey"; mode = "repokey";
passCommand = "cat /var/lib/borgbackup/gs/passphrase"; passCommand = "cat ${cfg.gs.passphrasePath}";
}; };
compression = "auto,lz4"; compression = "auto,lz4";
prune.keep = { prune.keep = {
@ -58,7 +74,7 @@ in
yearly = -1; # Keep at least one archive for each year yearly = -1; # Keep at least one archive for each year
}; };
startAt = "monthly"; startAt = "monthly";
}; } // mkIf cfg.bs.enable {
services.borgbackup.jobs.bs = mkIf cfg.bs { services.borgbackup.jobs.bs = mkIf cfg.bs {
paths = "/"; paths = "/";
@ -70,7 +86,7 @@ in
}; };
encryption = { encryption = {
mode = "repokey"; mode = "repokey";
passCommand = "cat /var/lib/borgbackup/bs/passphrase"; passCommand = "cat ${cfg.bs.passphrasePath}";
}; };
compression = "auto,lz4"; compression = "auto,lz4";
startAt = "daily"; startAt = "daily";
@ -79,4 +95,5 @@ in
}; };
}; };
}; };
};
} }

3
nixos/pruflas/configuration.nix
View file

@ -42,8 +42,7 @@ in {
dadada.admin.enable = true; dadada.admin.enable = true;
dadada.backupClient = { dadada.backupClient = {
enable = true; bs.enable = true;
bs = true;
}; };
networking.useDHCP = false; networking.useDHCP = false;

3
nixos/surgat/configuration.nix
View file

@ -49,8 +49,7 @@ in
dadada.homePage.enable = true; dadada.homePage.enable = true;
dadada.share.enable = true; dadada.share.enable = true;
dadada.backupClient = { dadada.backupClient = {
enable = true; bs.enable = true;
bs = true;
}; };
networking.useDHCP = false; networking.useDHCP = false;