opendmarc = ./opendmarc.nix;
openarc = ./openarc.nix;
- backup = ./backup;
+ duplyBackup = ./duply_backup;
naemon = ./naemon;
php-application = ./websites/php-application.nix;
in
{
options = {
- services.backup.enable = lib.mkOption {
+ services.duplyBackup.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Whether to enable remote backups.
'';
};
- services.backup.profiles = lib.mkOption {
+ services.duplyBackup.profiles = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule {
options = {
rootDir = lib.mkOption {
};
};
- config = lib.mkIf config.services.backup.enable {
+ config = lib.mkIf config.services.duplyBackup.enable {
system.activationScripts.backup = ''
install -m 0700 -o root -g root -d ${varDir} ${varDir}/caches
'';
dest = "backup/${k}/exclude";
text = v.excludeFile;
}
- ]) config.services.backup.profiles);
+ ]) config.services.duplyBackup.profiles);
services.cron = {
enable = true;
touch ${varDir}/${k}.log
${pkgs.duply}/bin/duply ${config.secrets.location}/backup/${k}/ ${action} --force >> ${varDir}/${k}.log
''
- ) config.services.backup.profiles)}
+ ) config.services.duplyBackup.profiles)}
'';
in
[
};
config = lib.mkIf config.myServices.buildbot.enable {
- services.backup.profiles.buildbot = {
+ services.duplyBackup.profiles.buildbot = {
rootDir = varDir;
};
ids.uids.buildbot = myconfig.env.buildbot.user.uid;
};
config = lib.mkIf config.myServices.certificates.enable {
- services.backup.profiles.system.excludeFile = ''
+ services.duplyBackup.profiles.system.excludeFile = ''
+ ${config.security.acme.directory}
'';
services.websites.certs = config.myServices.certificates.certConfig;
};
config = lib.mkIf config.services.pure-ftpd.enable {
- services.backup.profiles.ftp = {
+ services.duplyBackup.profiles.ftp = {
rootDir = "/var/lib/ftp";
};
security.acme.certs."ftp" = config.myServices.certificates.certConfig // {
snippet = builtins.readFile ./ldap_gitolite.sh;
dependencies = [ pkgs.gitolite ];
}];
- services.backup.profiles.gitolite = {
+ services.duplyBackup.profiles.gitolite = {
rootDir = cfg.gitoliteDir;
};
networking.firewall.allowedTCPPorts = [ 9418 ];
};
config = lib.mkIf cfg.enable {
- services.backup.profiles.irc = {
+ services.duplyBackup.profiles.irc = {
rootDir = "/var/lib/bitlbee";
};
security.acme.certs."irc" = config.myServices.ircCerts // {
mxs = map (zone: "mx-1.${zone.name}") zonesWithMx;
in builtins.listToAttrs (map (mx: lib.attrsets.nameValuePair mx null) mxs);
};
- services.backup.profiles = {
+ services.duplyBackup.profiles = {
mail = {
rootDir = "/var/lib";
excludeFile = lib.mkAfter ''
in
{
config = lib.mkIf config.myServices.mail.enable {
- services.backup.profiles.mail.excludeFile = ''
+ services.duplyBackup.profiles.mail.excludeFile = ''
+ /var/lib/dhparams
+ /var/lib/dovecot
'';
{ lib, pkgs, config, myconfig, ... }:
{
config = lib.mkIf config.myServices.mail.enable {
- services.backup.profiles.mail.excludeFile = ''
+ services.duplyBackup.profiles.mail.excludeFile = ''
+ /var/lib/postfix
'';
secrets.keys = [
'';
};
config = lib.mkIf config.myServices.mail.enable {
- services.backup.profiles.mail.excludeFile = ''
+ services.duplyBackup.profiles.mail.excludeFile = ''
+ /var/lib/rspamd
'';
services.cron.systemCronJobs = let
};
config = lib.mkIf config.myServices.monitoring.enable {
- services.backup.profiles.monitoring = {
+ services.duplyBackup.profiles.monitoring = {
rootDir = config.services.naemon.varDir;
};
security.sudo.extraRules = [
{
options.myServices.mpd.enable = lib.mkEnableOption "enable MPD";
config = lib.mkIf config.myServices.mpd.enable {
- services.backup.profiles.mpd = {
+ services.duplyBackup.profiles.mpd = {
rootDir = "/var/lib/mpd";
};
secrets.keys = [
snippet = builtins.readFile ./ldap_pub.sh;
dependencies = [ pkgs.coreutils ];
}];
- services.backup.profiles.pub = {
+ services.duplyBackup.profiles.pub = {
rootDir = "/var/lib/pub";
};
users.users.pub = let
{ pkgs, privateFiles, lib, ... }:
{
config = {
- services.backup.profiles.system = {
+ services.duplyBackup.profiles.system = {
rootDir = "/var/lib";
excludeFile = lib.mkAfter ''
+ /var/lib/nixos
myServices.websites.enable = true;
myServices.mail.enable = true;
services.pure-ftpd.enable = true;
- services.backup.enable = true;
+ services.duplyBackup.enable = true;
deployment = {
targetEnv = "hetzner";
};
config = lib.mkIf cfg.enable {
- services.backup.profiles.tasks = {
+ services.duplyBackup.profiles.tasks = {
rootDir = "/var/lib";
excludeFile = ''
+ /var/lib/taskserver
options.myServices.websites.aten.integration.enable = lib.mkEnableOption "enable Aten's website in integration";
config = lib.mkIf cfg.enable {
- services.backup.profiles.aten_dev.rootDir = app.varDir;
+ services.duplyBackup.profiles.aten_dev.rootDir = app.varDir;
services.phpApplication.apps.aten_dev = {
websiteEnv = "integration";
httpdUser = config.services.httpd.Inte.user;
options.myServices.websites.aten.production.enable = lib.mkEnableOption "enable Aten's website in production";
config = lib.mkIf cfg.enable {
- services.backup.profiles.aten_prod.rootDir = app.varDir;
+ services.duplyBackup.profiles.aten_prod.rootDir = app.varDir;
services.webstats.sites = [ { name = "aten.pro"; } ];
services.phpApplication.apps.aten_prod = {
websiteEnv = "production";
options.myServices.websites.chloe.integration.enable = lib.mkEnableOption "enable Chloe's website in integration";
config = lib.mkIf cfg.enable {
- services.backup.profiles.chloe_dev.rootDir = chloe.app.varDir;
+ services.duplyBackup.profiles.chloe_dev.rootDir = chloe.app.varDir;
secrets.keys = chloe.keys;
systemd.services.phpfpm-chloe_dev.after = lib.mkAfter chloe.phpFpm.serviceDeps;
systemd.services.phpfpm-chloe_dev.wants = chloe.phpFpm.serviceDeps;
options.myServices.websites.chloe.production.enable = lib.mkEnableOption "enable Chloe's website in production";
config = lib.mkIf cfg.enable {
- services.backup.profiles.chloe_prod.rootDir = chloe.app.varDir;
+ services.duplyBackup.profiles.chloe_prod.rootDir = chloe.app.varDir;
secrets.keys = chloe.keys;
services.webstats.sites = [ { name = "osteopathe-cc.fr"; } ];
options.myServices.websites.connexionswing.integration.enable = lib.mkEnableOption "enable Connexionswing's website in integration";
config = lib.mkIf cfg.enable {
- services.backup.profiles.connexionswing_dev.rootDir = app.varDir;
+ services.duplyBackup.profiles.connexionswing_dev.rootDir = app.varDir;
services.phpApplication.apps.connexionswing_dev = {
websiteEnv = "integration";
httpdUser = config.services.httpd.Inte.user;
options.myServices.websites.connexionswing.production.enable = lib.mkEnableOption "enable Connexionswing's website in production";
config = lib.mkIf cfg.enable {
- services.backup.profiles.connexionswing_prod.rootDir = app.varDir;
+ services.duplyBackup.profiles.connexionswing_prod.rootDir = app.varDir;
services.webstats.sites = [ { name = "connexionswing.com"; } ];
services.phpApplication.apps.connexionswing_prod = {
websiteEnv = "production";
};
config = lib.mkIf config.myServices.websites.enable {
- services.backup.profiles.php = {
+ services.duplyBackup.profiles.php = {
rootDir = "/var/lib/php";
};
users.users.wwwrun.extraGroups = [ "keys" ];
options.myServices.websites.emilia.production.enable = lib.mkEnableOption "enable Emilia's website";
config = lib.mkIf cfg.enable {
- services.backup.profiles.emilia_prod = {
+ services.duplyBackup.profiles.emilia_prod = {
rootDir = varDir;
};
system.activationScripts.emilia = ''
options.myServices.websites.florian.app.enable = lib.mkEnableOption "enable Florian's app in integration";
config = lib.mkIf cfg.enable {
- services.backup.profiles.tellesflorian_dev.rootDir = app.varDir;
+ services.duplyBackup.profiles.tellesflorian_dev.rootDir = app.varDir;
services.phpApplication.apps.florian_dev = {
websiteEnv = "integration";
httpdUser = config.services.httpd.Inte.user;
options.myServices.websites.ludivinecassal.integration.enable = lib.mkEnableOption "enable Ludivine's website in integration";
config = lib.mkIf cfg.enable {
- services.backup.profiles.ludivinecassal_dev.rootDir = app.varDir;
+ services.duplyBackup.profiles.ludivinecassal_dev.rootDir = app.varDir;
services.phpApplication.apps.ludivinecassal_dev = {
websiteEnv = "integration";
httpdUser = config.services.httpd.Inte.user;
options.myServices.websites.ludivinecassal.production.enable = lib.mkEnableOption "enable Ludivine's website in production";
config = lib.mkIf cfg.enable {
- services.backup.profiles.ludivinecassal_prod.rootDir = app.varDir;
+ services.duplyBackup.profiles.ludivinecassal_prod.rootDir = app.varDir;
services.webstats.sites = [ { name = "ludivinecassal.com"; } ];
services.phpApplication.apps.ludivinecassal_prod = {
websiteEnv = "production";
options.myServices.websites.piedsjaloux.integration.enable = lib.mkEnableOption "enable PiedsJaloux's website in integration";
config = lib.mkIf cfg.enable {
- services.backup.profiles.piedsjaloux_dev.rootDir = app.varDir;
+ services.duplyBackup.profiles.piedsjaloux_dev.rootDir = app.varDir;
services.phpApplication.apps.piedsjaloux_dev = {
websiteEnv = "integration";
httpdUser = config.services.httpd.Inte.user;
options.myServices.websites.piedsjaloux.production.enable = lib.mkEnableOption "enable PiedsJaloux's website in production";
config = lib.mkIf cfg.enable {
- services.backup.profiles.piedsjaloux_prod.rootDir = app.varDir;
+ services.duplyBackup.profiles.piedsjaloux_prod.rootDir = app.varDir;
services.webstats.sites = [ { name = "piedsjaloux.fr"; } ];
services.phpApplication.apps.piedsjaloux_prod = {
websiteEnv = "production";
};
config = lib.mkIf cfg.enable {
- services.backup.profiles.diaspora = {
+ services.duplyBackup.profiles.diaspora = {
rootDir = dcfg.dataDir;
};
users.users.diaspora.extraGroups = [ "keys" ];
};
config = lib.mkIf cfg.enable {
- services.backup.profiles.etherpad-lite = {
+ services.duplyBackup.profiles.etherpad-lite = {
rootDir = "/var/lib/private/etherpad-lite";
};
secrets.keys = [
];
config = lib.mkIf cfg.enable {
- services.backup.profiles.mail.excludeFile = ''
+ services.duplyBackup.profiles.mail.excludeFile = ''
+ ${rainloop.varDir}
+ ${roundcubemail.varDir}
'';
};
config = lib.mkIf cfg.enable {
- services.backup.profiles.mastodon = {
+ services.duplyBackup.profiles.mastodon = {
rootDir = mcfg.dataDir;
};
secrets.keys = [{
++ wallabag.keys
++ yourls.keys;
- services.backup.profiles = {
+ services.duplyBackup.profiles = {
dokuwiki = dokuwiki.backups;
kanboard = kanboard.backups;
rompr = rompr.backups;
};
config = lib.mkIf (builtins.length cfg.sites > 0) {
- services.backup.profiles.goaccess = {
+ services.duplyBackup.profiles.goaccess = {
rootDir = cfg.dataDir;
};
users.users.root.packages = [
projects / perso / Immae / Config / Nix.git / commitdiff
