Add opendmarc flake

[perso/Immae/Config/Nix.git] / modules / rsync_backup / default.nix

diff --git a/modules/rsync_backup/default.nix b/modules/rsync_backup/default.nix
index dadf5e7cd6ed8375f96816f183df0d9f7680fbcc..f0df5a142d53bed4bb7f40fb5d8c21af53d8771b 100644 (file)
--- a/modules/rsync_backup/default.nix
+++ b/modules/rsync_backup/default.nix
@@ -41,6 +41,13 @@ let
           Number of backups to keep
           '';
       };
+      check_command = lib.mkOption {
+        type = lib.types.str;
+        default = "backup";
+        description = ''
+          command to check if backup needs to be done
+        '';
+      };
       login = lib.mkOption {
         type = lib.types.str;
         description = ''
@@ -84,19 +91,16 @@ let
 
   ssh_key = config.secrets.fullPaths."rsync_backup/identity";
 
-  backup_head = mailto: ''
+  backup_head = ''
     #!${pkgs.stdenv.shell}
     EXCL_FROM=`mktemp`
     FILES_FROM=`mktemp`
     TMP_STDERR=`mktemp`
 
     on_exit() {
-    ${lib.optionalString (mailto != null) ''
-      MAILTO="${mailto}"
       if [ -s "$TMP_STDERR" ]; then
-        cat "$TMP_STDERR" | ${pkgs.mailutils}/bin/mail -s "save_distant rsync error" "$MAILTO"
+        cat "$TMP_STDERR"
       fi
-    ''}
       rm -f $TMP_STDERR $EXCL_FROM $FILES_FROM
     }
 
@@ -131,7 +135,7 @@ let
           -o CheckHostIP=no \
           -p $PORT \
           -i ${ssh_key} \
-          $DEST backup; then
+          $DEST ${profile.check_command}; then
         echo "Fichier de verrouillage backup sur $DEST ou impossible de se connecter" >&2
         skip=$DEST
       fi
@@ -171,7 +175,7 @@ let
       EOF
 
       OUT=$RSYNC_OUTPUT/$LOCAL
-      ${pkgs.rsync}/bin/rsync -XAavbrz --fake-super -e "ssh -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -i ${ssh_key} -p $PORT" --numeric-ids --delete \
+      ${pkgs.rsync}/bin/rsync --new-compress -XAavbr --fake-super -e "ssh -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -i ${ssh_key} -p $PORT" --numeric-ids --delete \
         --backup-dir=$BAK_BASE/$LOCAL \${
         lib.optionalString (part.args != null) "\n  ${part.args} \\"}${
         lib.optionalString (builtins.length part.exclude_from > 0) "\n  --exclude-from=$EXCL_FROM \\"}${
@@ -186,11 +190,6 @@ in
       type = lib.types.path;
       description = "Path to the base folder for backups";
     };
-    mailto = lib.mkOption {
-      type = lib.types.nullOr lib.types.str;
-      default = null;
-      description = "E-mail to send the report to";
-    };
     profiles = lib.mkOption {
       type = lib.types.attrsOf profileModule;
       default = {};
@@ -209,7 +208,6 @@ in
   };
 
   config = lib.mkIf (builtins.length (builtins.attrNames cfg.profiles) > 0) {
-    # FIXME: monitoring to check that backup is less than 14h old
     users.users.backup = {
       isSystemUser = true;
       uid = config.ids.uids.backup;
@@ -223,7 +221,7 @@ in
 
     services.cron.systemCronJobs = let
       backup = pkgs.writeScript "backup.sh" (builtins.concatStringsSep "\n" ([
-        (backup_head cfg.mailto)
+        backup_head
       ] ++ lib.mapAttrsToList backup_profile cfg.profiles));
     in [
       ''