modules/backup: Migrate automatic backups to clerie-backup backend
This commit is contained in:
parent
d17c2855ac
commit
61a7d64452
@ -21,18 +21,11 @@ let
|
|||||||
) cfg.jobs
|
) cfg.jobs
|
||||||
);
|
);
|
||||||
|
|
||||||
backupServiceUnits = listToAttrs (map ({jobName, jobOptions, targetName, targetOptions}: let
|
backupServiceUnits = listToAttrs (map ({jobName, jobOptions, targetName, targetOptions}:
|
||||||
jobPasswordFile = if jobOptions.passwordFile != null then jobOptions.passwordFile else
|
|
||||||
config.sops.secrets."clerie-backup-job-${jobName}".path;
|
|
||||||
repoPath = if jobOptions.repoPath == null then "/${config.networking.hostName}/${jobName}" else jobOptions.repoPath;
|
|
||||||
targetPasswordFile = if targetOptions.passwordFile != null then targetOptions.passwordFile else
|
|
||||||
config.sops.secrets."clerie-backup-target-${targetName}".path;
|
|
||||||
targetUsername = if targetOptions.username == null then config.networking.hostName else targetOptions.username;
|
|
||||||
in
|
|
||||||
nameValuePair "clerie-backup-${jobName}-${targetName}" {
|
nameValuePair "clerie-backup-${jobName}-${targetName}" {
|
||||||
requires = [ "network.target" "local-fs.target" ];
|
requires = [ "network.target" "local-fs.target" ];
|
||||||
after = [ "network.target" "local-fs.target" ];
|
after = [ "network.target" "local-fs.target" ];
|
||||||
path = [ pkgs.restic ];
|
path = [ pkgs.clerie-backup ];
|
||||||
|
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
@ -41,14 +34,7 @@ let
|
|||||||
script = ''
|
script = ''
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
|
|
||||||
export RESTIC_PASSWORD_FILE=${jobPasswordFile}
|
clerie-backup "${jobName}-${targetName}" backup
|
||||||
export RESTIC_REPOSITORY="rest:https://${targetUsername}:$(cat ${targetPasswordFile})@${targetOptions.serverName}${repoPath}"
|
|
||||||
export RESTIC_PROGRESS_FPS=0.1
|
|
||||||
export RESTIC_CACHE_DIR=/var/cache/restic
|
|
||||||
|
|
||||||
restic snapshots --latest 1 || restic init
|
|
||||||
|
|
||||||
restic backup ${optionalString (jobOptions.exclude != []) "--exclude-file ${pkgs.writeText "clerie-backup-${jobName}-${targetName}-excludes" (concatStringsSep "\n" jobOptions.exclude)}"} ${escapeShellArgs jobOptions.paths}
|
|
||||||
|
|
||||||
${optionalString (config.clerie.monitoring.enable) ''
|
${optionalString (config.clerie.monitoring.enable) ''
|
||||||
echo "clerie_backup_last_successful_run_time{backup_job=\"${jobName}\", backup_target=\"${targetName}\"} $(date +%s)" > /var/lib/prometheus-node-exporter/textfiles/clerie-backup-${jobName}-${targetName}.prom
|
echo "clerie_backup_last_successful_run_time{backup_job=\"${jobName}\", backup_target=\"${targetName}\"} $(date +%s)" > /var/lib/prometheus-node-exporter/textfiles/clerie-backup-${jobName}-${targetName}.prom
|
||||||
@ -69,32 +55,22 @@ let
|
|||||||
}
|
}
|
||||||
) jobTargetPairs);
|
) jobTargetPairs);
|
||||||
|
|
||||||
backupCommands = map ({jobName, jobOptions, targetName, targetOptions}: let
|
backupConfigs = mergeAttrsList (map ({jobName, jobOptions, targetName, targetOptions}: let
|
||||||
jobPasswordFile = if jobOptions.passwordFile != null then jobOptions.passwordFile else
|
jobPasswordFile = if jobOptions.passwordFile != null then jobOptions.passwordFile else
|
||||||
config.sops.secrets."clerie-backup-job-${jobName}".path;
|
config.sops.secrets."clerie-backup-job-${jobName}".path;
|
||||||
repoPath = if jobOptions.repoPath == null then "/${config.networking.hostName}/${jobName}" else jobOptions.repoPath;
|
repoPath = if jobOptions.repoPath == null then "/${config.networking.hostName}/${jobName}" else jobOptions.repoPath;
|
||||||
targetPasswordFile = if targetOptions.passwordFile != null then targetOptions.passwordFile else
|
targetPasswordFile = if targetOptions.passwordFile != null then targetOptions.passwordFile else
|
||||||
config.sops.secrets."clerie-backup-target-${targetName}".path;
|
config.sops.secrets."clerie-backup-target-${targetName}".path;
|
||||||
targetUsername = if targetOptions.username == null then config.networking.hostName else targetOptions.username;
|
targetUsername = if targetOptions.username == null then config.networking.hostName else targetOptions.username;
|
||||||
in pkgs.writeShellApplication {
|
in {
|
||||||
name = "clerie-backup-${jobName}-${targetName}";
|
"clerie-backup/${jobName}-${targetName}/repo_password".source = jobPasswordFile;
|
||||||
|
"clerie-backup/${jobName}-${targetName}/repo_url".text = "https://${targetOptions.serverName}${repoPath}";
|
||||||
runtimeInputs = [ pkgs.restic ];
|
"clerie-backup/${jobName}-${targetName}/auth_username".text = targetUsername;
|
||||||
|
"clerie-backup/${jobName}-${targetName}/auth_password".source = targetPasswordFile;
|
||||||
text = ''
|
"clerie-backup/${jobName}-${targetName}/files".text = concatStringsSep "\n" jobOptions.paths;
|
||||||
set -euo pipefail
|
"clerie-backup/${jobName}-${targetName}/excludes".text = concatStringsSep "\n" jobOptions.exclude;
|
||||||
|
|
||||||
export RESTIC_PASSWORD_FILE=${jobPasswordFile}
|
|
||||||
export RESTIC_REPOSITORY="rest:https://${targetUsername}:$(cat ${targetPasswordFile})@${targetOptions.serverName}${repoPath}"
|
|
||||||
export RESTIC_PROGRESS_FPS=0.1
|
|
||||||
export RESTIC_CACHE_DIR=/var/cache/restic
|
|
||||||
|
|
||||||
restic "$@"
|
|
||||||
'';
|
|
||||||
|
|
||||||
checkPhase = "";
|
|
||||||
}
|
}
|
||||||
) jobTargetPairs;
|
) jobTargetPairs);
|
||||||
|
|
||||||
targetOptions = { ... }: {
|
targetOptions = { ... }: {
|
||||||
options = {
|
options = {
|
||||||
@ -158,6 +134,7 @@ in
|
|||||||
systemd.tmpfiles.rules = [
|
systemd.tmpfiles.rules = [
|
||||||
"d /var/cache/restic - - - - -"
|
"d /var/cache/restic - - - - -"
|
||||||
];
|
];
|
||||||
environment.systemPackages = backupCommands;
|
environment.systemPackages = [ pkgs.clerie-backup ];
|
||||||
|
environment.etc = backupConfigs;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user