yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request 'WIP backups' (#557) from lassulus-backups into main

Browse Source
This commit is contained in:
clan-bot
2023-11-23 17:18:55 +00:00
parent db5af7ea67 640430075a
commit 2c048a8a74
8 changed files with 175 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
checks/borgbackup/borg_test Normal file
View File

@@ -0,0 +1,7 @@
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACASG8CFZy8vrqA2erivzgnNUCuOkiBngt5lXPOXai2EMAAAAJAOOON0Djjj
dAAAAAtzc2gtZWQyNTUxOQAAACASG8CFZy8vrqA2erivzgnNUCuOkiBngt5lXPOXai2EMA
AAAEDTjUOWSYeU3Xu+Ol1731b9rXeEVXSdrhVOraA+7/35JBIbwIVnLy+uoDZ6uK/OCc1Q
K46SIGeC3mVc85dqLYQwAAAADGxhc3NAaWduYXZpYQE=
-----END OPENSSH PRIVATE KEY-----

1
checks/borgbackup/borg_test.pub Normal file
View File

@@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBIbwIVnLy+uoDZ6uK/OCc1QK46SIGeC3mVc85dqLYQw lass@ignavia

36
checks/borgbackup/default.nix Normal file
View File

@@ -0,0 +1,36 @@
(import ../lib/container-test.nix) ({ ... }: {
name = "borgbackup";
nodes.machine = { self, ... }: {
imports = [
self.clanModules.borgbackup
self.nixosModules.clanCore
{
services.openssh.enable = true;
services.borgbackup.repos.testrepo = {
authorizedKeys = [
(builtins.readFile ./borg_test.pub)
];
};
}
{
clanCore.machineName = "machine";
clanCore.clanDir = ./.;
clanCore.state."/etc/state" = { };
environment.etc.state.text = "hello world";
clan.borgbackup = {
enable = true;
destinations.test = {
repo = "borg@localhost:.";
rsh = "ssh -i ${./borg_test} -o StrictHostKeyChecking=no";
};
};
}
];
};
testScript = ''
start_all()
machine.systemctl("start --wait borgbackup-job-test.service")
assert "machine-test" in machine.succeed("BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK=yes /run/current-system/sw/bin/borg-job-test list")
'';
})

1
checks/flake-module.nix
View File

@@ -17,6 +17,7 @@
container = import ./container nixosTestArgs; container = import ./container nixosTestArgs;
deltachat = import ./deltachat nixosTestArgs; deltachat = import ./deltachat nixosTestArgs;
meshnamed = import ./meshnamed nixosTestArgs; meshnamed = import ./meshnamed nixosTestArgs;
borgbackup = import ./borgbackup nixosTestArgs;
}; };
schemaTests = pkgs.callPackages ./schemas.nix { schemaTests = pkgs.callPackages ./schemas.nix {
inherit self; inherit self;

73
clanModules/borgbackup.nix Normal file
View File

@@ -0,0 +1,73 @@
{ config, lib, ... }:
let
cfg = config.clan.borgbackup;
in
{
options.clan.borgbackup = {
enable = lib.mkEnableOption "backups with borgbackup";
destinations = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({ name, ... }: {
options = {
name = lib.mkOption {
type = lib.types.str;
default = name;
description = "the name of the backup job";
};
repo = lib.mkOption {
type = lib.types.str;
description = "the borgbackup repository to backup to";
};
rsh = lib.mkOption {
type = lib.types.str;
default = "";
description = "the rsh to use for the backup";
};
};
}));
description = ''
destinations where the machine should be backuped to
'';
};
};
config = lib.mkIf cfg.enable {
services.borgbackup.jobs = lib.mapAttrs
(_: dest: {
paths = map (state: state.folder) (lib.attrValues config.clanCore.state);
exclude = [
"*.pyc"
];
repo = dest.repo;
environment.BORG_RSH = dest.rsh;
encryption.mode = "none";
compression = "auto,zstd";
startAt = "*-*-* 01:00:00";
preHook = ''
set -x
'';
prune.keep = {
within = "1d"; # Keep all archives from the last day
daily = 7;
weekly = 4;
monthly = 0;
};
})
cfg.destinations;
clanCore.backups.providers.borgbackup = {
list = ''
${lib.concatMapStringsSep "\n" (dest: ''
echo listing backups for ${dest}
borg-job-${dest} list
'') cfg.destinations}
'';
start = ''
${lib.concatMapStringsSep "\n" (dest: ''
systemctl start borgbackup-job-${dest}
'') cfg.destinations}
'';
};
};
}

1
clanModules/flake-module.nix
View File

@@ -8,5 +8,6 @@
}; };
deltachat = ./deltachat.nix; deltachat = ./deltachat.nix;
xfce = ./xfce.nix; xfce = ./xfce.nix;
borgbackup = ./borgbackup.nix;
}; };
} }

55
nixosModules/clanCore/backups.nix Normal file
View File

@@ -0,0 +1,55 @@
{ lib, ... }:
{
options.clanCore.state = lib.mkOption {
default = { };
type = lib.types.attrsOf
(lib.types.submodule ({ name, ... }: {
options = {
folder = lib.mkOption {
type = lib.types.str;
default = name;
description = ''
Folder where state resides in
'';
};
};
}));
};
options.clanCore.backups = {
providers = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({ name, ... }: {
options = {
name = lib.mkOption {
type = lib.types.str;
default = name;
description = ''
Name of the backup provider
'';
};
list = lib.mkOption {
type = lib.types.str;
description = ''
script to list backups
'';
};
delete = lib.mkOption {
type = lib.types.str;
description = ''
script to delete a backup
'';
};
start = lib.mkOption {
type = lib.types.str;
description = ''
script to start a backup
'';
};
};
}));
default = [ ];
description = ''
Configured backup providers which are used by this machine
'';
};
};
}

1
nixosModules/clanCore/flake-module.nix
View File

@@ -1,6 +1,7 @@
{ self, inputs, lib, ... }: { { self, inputs, lib, ... }: {
flake.nixosModules.clanCore = { config, pkgs, options, ... }: { flake.nixosModules.clanCore = { config, pkgs, options, ... }: {
imports = [ imports = [
./backups.nix
./clan-imports ./clan-imports
./secrets ./secrets
./zerotier ./zerotier