about summary refs log tree commit diff
path: root/modules/services
diff options
context:
space:
mode:
authorFranck Cuny <franck@fcuny.net>2023-04-29 17:11:31 -0700
committerFranck Cuny <franck@fcuny.net>2023-04-30 14:38:36 -0700
commit73490df322f7272068e752715b1747939d115b6e (patch)
tree54d0d0874254df74414f83a5a066e7e53407fce4 /modules/services
parentmodules/security: add ssh key for rsync.net to known hosts (diff)
downloadworld-73490df322f7272068e752715b1747939d115b6e.tar.gz
modules/backup: add a module for rsync
The NAS will rsync all the backups to rsync.net. This new module creates
a systemd unit and timer to do this task.
Diffstat (limited to 'modules/services')
-rw-r--r--modules/services/backup/default.nix2
-rw-r--r--modules/services/backup/rsync.nix57
2 files changed, 59 insertions, 0 deletions
diff --git a/modules/services/backup/default.nix b/modules/services/backup/default.nix
index 3481f3f..c9cce53 100644
--- a/modules/services/backup/default.nix
+++ b/modules/services/backup/default.nix
@@ -7,6 +7,8 @@ let
     + (writeText "excludes.txt" (concatStringsSep "\n" cfg.exclude));
 in
 {
+  imports = [ ./rsync.nix ];
+
   options.my.services.backup = with lib; {
     enable = mkEnableOption "Enable backups for this host";
 
diff --git a/modules/services/backup/rsync.nix b/modules/services/backup/rsync.nix
new file mode 100644
index 0000000..d58dfe9
--- /dev/null
+++ b/modules/services/backup/rsync.nix
@@ -0,0 +1,57 @@
+{ config, pkgs, lib, ... }:
+let
+  cfg = config.my.services.backup.rsync;
+  secrets = config.age.secrets;
+  ssh-key-path = secrets."rsync.net/ssh-key".path;
+in
+{
+  options.my.services.backup.rsync = with lib; {
+    enable = mkEnableOption "rsync backup service";
+
+    sourceDir = mkOption {
+      type = types.path;
+      example = "/data/slow/backups";
+      description = "The directory to synchronize";
+    };
+
+    destination = mkOption {
+      type = types.str;
+      example = "de2664@de2664.rsync.net:backups/";
+      description = "The destination";
+    };
+
+    timerConfig = mkOption {
+      default = { OnCalendar = "daily"; };
+      example = {
+        OnCalendar = "00:05";
+        RandomizedDelaySec = "5h";
+      };
+      description = ''
+        When to run rsync. See man systemd.timer for details.
+      '';
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    systemd = {
+      timers.rsync-backups = {
+        description = "synchronize restic repository to rsync.net";
+        wantedBy = [ "timers.target" ];
+        partOf = [ "rsync-backups.service" ];
+        timerConfig = cfg.timerConfig;
+      };
+      services.rsync-backups = {
+        description = "synchronize restic repository to rsync.net";
+        serviceConfig = {
+          Type = "oneshot";
+        };
+        script = ''
+          exec ${pkgs.rsync}/bin/rsync \
+            -azq --delete \
+            -e '${pkgs.openssh}/bin/ssh -i ${ssh-key-path}' \
+            ${cfg.sourceDir} ${cfg.destination}
+        '';
+      };
+    };
+  };
+}