Add alternate cloud storage for daily backups
[perso/Immae/Config/Nix.git] / modules / duply_backup / default.nix
index bce4d658332c99bbb0915859ecdca9ae8051fcae..73ac8f03140094455feb7c413f60bfa7d0c258d4 100644 (file)
@@ -1,13 +1,13 @@
-{ lib, pkgs, config, ... }:
+{ lib, pkgs, config, name, ... }:
 
 let
   cfg = config.myEnv.backup;
   varDir = "/var/lib/duply";
-  duplyProfile = profile: prefix: ''
+  duplyProfile = profile: remote: prefix: ''
     GPG_PW="${cfg.password}"
-    TARGET="${cfg.remote}${prefix}"
-    export AWS_ACCESS_KEY_ID="${cfg.accessKeyId}"
-    export AWS_SECRET_ACCESS_KEY="${cfg.secretAccessKey}"
+    TARGET="${cfg.remotes.${remote}.remote profile.bucket}${prefix}"
+    export AWS_ACCESS_KEY_ID="${cfg.remotes.${remote}.accessKeyId}"
+    export AWS_SECRET_ACCESS_KEY="${cfg.remotes.${remote}.secretAccessKey}"
     SOURCE="${profile.rootDir}"
     FILENAME=".duplicity-ignore"
     DUPL_PARAMS="$DUPL_PARAMS --exclude-if-present '$FILENAME'"
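Review bot: The rewritten `TARGET`, `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` lines splice configuration values directly between double quotes in a file that is read as shell (it uses `export` and `$DUPL_PARAMS`). A secret or bucket name containing `"`, `$` or a backtick would therefore be mangled or expanded when the profile is loaded. Letting Nix do the quoting avoids that, for example `export AWS_SECRET_ACCESS_KEY=${lib.escapeShellArg cfg.remotes.${remote}.secretAccessKey}`, and the same for the other two lines. The unchanged `GPG_PW` line has the same shape. The `duplyProfile` string continues outside this hunk.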
@@ -24,6 +24,8 @@ let
     MAX_FULLS_WITH_INCRS=2
   '';
   action = "bkp_purge_purgeFull_purgeIncr";
+  varName = k: remoteName:
+    if remoteName == "eriomem" then k else remoteName + "_" + k;
 in
 {
   options = {
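Review bot: `varName` can map two different (profile, remote) pairs to the same string. A profile named `a_b` on `eriomem` yields `a_b`, and so does a profile `b` on a remote named `a`. Both would then share one `backup/…/conf` secret destination and one log file in the later hunks. A directory-style layout such as `remoteName + "/" + k` would avoid this only if profile names are known not to contain `/`; an assertion that the generated names are unique is the safer check. The literal `"eriomem"` also deserves a comment such as `# legacy remote keeps the un-prefixed name so existing secrets and logs stay in place`, if that is the intent. The enclosing `let` block starts outside this hunk.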
@@ -43,6 +45,20 @@ in
               Path to backup
               '';
           };
+          bucket = lib.mkOption {
+            type = lib.types.str;
+            default = "immae-${name}";
+            description = ''
+              Bucket to use
+              '';
+          };
+          remotes = lib.mkOption {
+            type = lib.types.listOf lib.types.str;
+            default = ["eriomem"];
+            description = ''
+              Remotes to use for backup
+              '';
+          };
           excludeFile = lib.mkOption {
             type = lib.types.lines;
             default = "";
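Review bot: `remotes` is typed as `listOf str`, so a misspelled remote name passes the option check and only fails later as a missing attribute on `cfg.remotes.${remote}`. Constraining the element type, e.g. `lib.types.listOf (lib.types.enum (builtins.attrNames cfg.remotes))`, would report the typo against the option itself, assuming `cfg.remotes` is an attribute set as the first hunk suggests. An empty list is also accepted and silently generates no secrets and no cron lines for that profile, which disables its backup without any warning. An assertion or a `nonEmptyListOf` type would make that explicit. The descriptions could also say that `bucket` is passed to the remote's `remote` function and that the default depends on the `name` module argument.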
@@ -59,18 +75,19 @@ in
     system.activationScripts.backup = ''
       install -m 0700 -o root -g root -d ${varDir} ${varDir}/caches
       '';
-    secrets.keys = lib.flatten (lib.mapAttrsToList (k: v: [
-      {
-        permissions = "0400";
-        dest = "backup/${k}/conf";
-        text = duplyProfile v "${k}/";
-      }
-      {
-        permissions = "0400";
-        dest = "backup/${k}/exclude";
-        text = v.excludeFile;
-      }
-    ]) config.services.duplyBackup.profiles);
+    secrets.keys = lib.flatten (lib.mapAttrsToList (k: v:
+      map (remote: [
+        {
+          permissions = "0400";
+          dest = "backup/${varName k remote}/conf";
+          text = duplyProfile v remote "${k}/";
+        }
+        {
+          permissions = "0400";
+          dest = "backup/${varName k remote}/exclude";
+          text = v.excludeFile;
+        }
+    ]) v.remotes) config.services.duplyBackup.profiles);
 
     services.cron = {
       enable = true;
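Review bot: A remote listed twice in `v.remotes` produces two `secrets.keys` entries with the same `dest`, and how the secrets module resolves that is not visible here. Mapping over `lib.unique v.remotes`, both here and in the cron hunk, removes the ambiguity. As a style point, `lib.concatMap (remote: [ … ]) v.remotes` states the intent more directly than nesting lists and relying on the outer `lib.flatten` to collapse them.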
@@ -78,13 +95,15 @@ in
         backups = pkgs.writeScript "backups" ''
           #!${pkgs.stdenv.shell}
 
-          ${builtins.concatStringsSep "\n" (lib.mapAttrsToList (k: v:
+          ${builtins.concatStringsSep "\n" (lib.flatten (lib.mapAttrsToList (k: v:
+            map (remote: [
             ''
-              touch ${varDir}/${k}.log
-              ${pkgs.duply}/bin/duply ${config.secrets.location}/backup/${k}/ ${action} --force >> ${varDir}/${k}.log
-              [[ $? = 0 ]] || echo -e "Error when doing backup for ${k}, see above\n---------------------------------------" >&2
+              touch ${varDir}/${varName k remote}.log
+              ${pkgs.duply}/bin/duply ${config.secrets.location}/backup/${varName k remote}/ ${action} --force >> ${varDir}/${varName k remote}.log
+              [[ $? = 0 ]] || echo -e "Error when doing backup for ${varName k remote}, see above\n---------------------------------------" >&2
             ''
-          ) config.services.duplyBackup.profiles)}
+            ]) v.remotes
+          ) config.services.duplyBackup.profiles))}
         '';
       in
         [
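Review bot: `${varName k remote}` is interpolated unquoted into the `touch`, `duply` and `>>` redirection lines, so a profile or remote name containing whitespace or shell metacharacters would split or be interpreted by the generated script. Quote the paths at generation time, e.g. `touch ${lib.escapeShellArg "${varDir}/${varName k remote}.log"}`, and do the same for the duply profile path and the redirect target. Separately, only duply's stdout is appended to the log, so its own error output bypasses the per-profile log file that the "see above" message points to. Redirecting with `2>&1` would fix that if the omission is not intentional.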