1 { pkgs, config, lib, ... }:
3 cfg = config.myServices.databasesReplication.redis;
6 options.myServices.databasesReplication.redis = {
7 enable = lib.mkEnableOption "Enable redis replication";
11 Base path to put the replications
14 hosts = lib.mkOption {
19 type = lib.types.attrsOf (lib.types.submodule {
21 package = lib.mkOption {
22 type = lib.types.package;
25 Redis package for this host
40 password = lib.mkOption {
41 type = lib.types.nullOr lib.types.str;
52 config = lib.mkIf cfg.enable {
54 description = "Redis database user";
56 uid = config.ids.uids.redis;
57 extraGroups = [ "keys" ];
59 users.groups.redis.gid = config.ids.gids.redis;
61 services.spiped = { # sync from eldiron
65 source = "127.0.0.1:16379";
66 target = "${config.myEnv.servers.eldiron.ips.main.ip4}:16379";
67 keyfile = "${config.secrets.location}/redis/spiped_eldiron_keyfile";
71 secrets.keys = lib.flatten (lib.mapAttrsToList (name: hcfg: [
73 dest = "redis_replication/${name}/config";
78 pidfile ${cfg.base}/${name}/redis/redis.pid
80 unixsocket /run/redis_${name}/redis.sock
89 dir ${cfg.base}/${name}/redis/
90 slaveof ${hcfg.host} ${hcfg.port}
91 ${if hcfg.password != null then "masterauth ${hcfg.password}" else ""}
94 slowlog-log-slower-than 10000
102 dest = "redis/spiped_eldiron_keyfile";
105 permissions = "0400";
106 text = config.myEnv.databases.redis.spiped_key;
112 systemCronJobs = lib.flatten (lib.mapAttrsToList (name: hcfg:
114 dataDir = "${cfg.base}/${name}/redis";
115 backupDir = "${cfg.base}/${name}/redis_backup";
116 backup_script = pkgs.writeScript "backup_redis_${name}" ''
117 #!${pkgs.stdenv.shell}
119 ${pkgs.coreutils}/bin/cp ${cfg.base}/${name}/redis/dump.rdb \
120 ${backupDir}/$(${pkgs.coreutils}/bin/date -Iminutes).rdb
122 u = pkgs.callPackage ./utils.nix {};
123 cleanup_script = pkgs.writeScript "cleanup_redis_${name}" (u.exponentialDumps "rdb" backupDir);
125 "0 22,4,10,16 * * * root ${backup_script}"
126 "0 3 * * * root ${cleanup_script}"
130 system.activationScripts = lib.attrsets.mapAttrs' (name: hcfg:
131 lib.attrsets.nameValuePair "redis_replication_${name}" {
132 deps = [ "users" "groups" ];
134 install -m 0700 -o redis -g redis -d ${cfg.base}/${name}/redis
135 install -m 0700 -o redis -g redis -d ${cfg.base}/${name}/redis_backup
140 spiped_redis = { # For eldiron
141 description = "Secure pipe 'redis'";
142 after = [ "network.target" ];
143 wantedBy = [ "multi-user.target" ];
148 PermissionsStartOnly = true;
149 SupplementaryGroups = "keys";
152 script = "exec ${pkgs.spiped}/bin/spiped -F `cat /etc/spiped/redis.spec`";
154 } // lib.attrsets.mapAttrs' (name: hcfg:
156 dataDir = "${cfg.base}/${name}/redis";
158 lib.attrsets.nameValuePair "redis_backup_${name}" {
159 description = "Redis replication for ${name}";
160 wantedBy = [ "multi-user.target" ];
161 after = [ "network.target" ];
162 unitConfig.RequiresMountsFor = dataDir;
165 ExecStart = "${hcfg.package}/bin/redis-server ${config.secrets.location}/redis_replication/${name}/config";
167 RuntimeDirectory = "redis_${name}";