diff options
author | Franck Cuny <franck@fcuny.net> | 2023-04-29 17:11:31 -0700 |
---|---|---|
committer | Franck Cuny <franck@fcuny.net> | 2023-04-30 14:38:36 -0700 |
commit | 73490df322f7272068e752715b1747939d115b6e (patch) | |
tree | 54d0d0874254df74414f83a5a066e7e53407fce4 | |
parent | modules/security: add ssh key for rsync.net to known hosts (diff) | |
download | world-73490df322f7272068e752715b1747939d115b6e.tar.gz |
modules/backup: add a module for rsync
The NAS will rsync all the backups to rsync.net. This new module creates a systemd unit and timer to do this task.
-rw-r--r-- | modules/services/backup/default.nix | 2 | ||||
-rw-r--r-- | modules/services/backup/rsync.nix | 57 |
2 files changed, 59 insertions, 0 deletions
diff --git a/modules/services/backup/default.nix b/modules/services/backup/default.nix index 3481f3f..c9cce53 100644 --- a/modules/services/backup/default.nix +++ b/modules/services/backup/default.nix @@ -7,6 +7,8 @@ let + (writeText "excludes.txt" (concatStringsSep "\n" cfg.exclude)); in { + imports = [ ./rsync.nix ]; + options.my.services.backup = with lib; { enable = mkEnableOption "Enable backups for this host"; diff --git a/modules/services/backup/rsync.nix b/modules/services/backup/rsync.nix new file mode 100644 index 0000000..d58dfe9 --- /dev/null +++ b/modules/services/backup/rsync.nix @@ -0,0 +1,57 @@ +{ config, pkgs, lib, ... }: +let + cfg = config.my.services.backup.rsync; + secrets = config.age.secrets; + ssh-key-path = secrets."rsync.net/ssh-key".path; +in +{ + options.my.services.backup.rsync = with lib; { + enable = mkEnableOption "rsync backup service"; + + sourceDir = mkOption { + type = types.path; + example = "/data/slow/backups"; + description = "The directory to synchronize"; + }; + + destination = mkOption { + type = types.str; + example = "de2664@de2664.rsync.net:backups/"; + description = "The destination"; + }; + + timerConfig = mkOption { + default = { OnCalendar = "daily"; }; + example = { + OnCalendar = "00:05"; + RandomizedDelaySec = "5h"; + }; + description = '' + When to run rsync. See man systemd.timer for details. + ''; + }; + }; + + config = lib.mkIf cfg.enable { + systemd = { + timers.rsync-backups = { + description = "synchronize restic repository to rsync.net"; + wantedBy = [ "timers.target" ]; + partOf = [ "rsync-backups.service" ]; + timerConfig = cfg.timerConfig; + }; + services.rsync-backups = { + description = "synchronize restic repository to rsync.net"; + serviceConfig = { + Type = "oneshot"; + }; + script = '' + exec ${pkgs.rsync}/bin/rsync \ + -azq --delete \ + -e '${pkgs.openssh}/bin/ssh -i ${ssh-key-path}' \ + ${cfg.sourceDir} ${cfg.destination} + ''; + }; + }; + }; +} |