Add backup module

24 files changed, 57 insertions, 0 deletions

diff --git a/modules/private/websites/aten/integration.nix b/modules/private/websites/aten/integration.nix
index 6768f80..0c92818 100644
--- a/modules/private/websites/aten/integration.nix
+++ b/modules/private/websites/aten/integration.nix
@@ -8,6 +8,7 @@ in {
   options.myServices.websites.aten.integration.enable = lib.mkEnableOption "enable Aten's website in integration";
 
   config = lib.mkIf cfg.enable {
+    services.backup.profiles.aten_dev.rootDir = app.varDir;
     services.phpApplication.apps.aten_dev = {
       websiteEnv = "integration";
       httpdUser = config.services.httpd.Inte.user;
diff --git a/modules/private/websites/aten/production.nix b/modules/private/websites/aten/production.nix
index 97f4a08..2ffcef3 100644
--- a/modules/private/websites/aten/production.nix
+++ b/modules/private/websites/aten/production.nix
@@ -8,6 +8,7 @@ in {
   options.myServices.websites.aten.production.enable = lib.mkEnableOption "enable Aten's website in production";
 
   config = lib.mkIf cfg.enable {
+    services.backup.profiles.aten_prod.rootDir = app.varDir;
     services.webstats.sites = [ { name = "aten.pro"; } ];
     services.phpApplication.apps.aten_prod = {
       websiteEnv = "production";
diff --git a/modules/private/websites/chloe/integration.nix b/modules/private/websites/chloe/integration.nix
index 1f7ac31..75e25af 100644
--- a/modules/private/websites/chloe/integration.nix
+++ b/modules/private/websites/chloe/integration.nix
@@ -12,6 +12,7 @@ in {
   options.myServices.websites.chloe.integration.enable = lib.mkEnableOption "enable Chloe's website in integration";
 
   config = lib.mkIf cfg.enable {
+    services.backup.profiles.chloe_dev.rootDir = chloe.app.varDir;
     secrets.keys = chloe.keys;
     systemd.services.phpfpm-chloe_dev.after = lib.mkAfter chloe.phpFpm.serviceDeps;
     systemd.services.phpfpm-chloe_dev.wants = chloe.phpFpm.serviceDeps;
diff --git a/modules/private/websites/chloe/production.nix b/modules/private/websites/chloe/production.nix
index 6cfdb7f..7c59806 100644
--- a/modules/private/websites/chloe/production.nix
+++ b/modules/private/websites/chloe/production.nix
@@ -12,6 +12,7 @@ in {
   options.myServices.websites.chloe.production.enable = lib.mkEnableOption "enable Chloe's website in production";
 
   config = lib.mkIf cfg.enable {
+    services.backup.profiles.chloe_prod.rootDir = chloe.app.varDir;
     secrets.keys = chloe.keys;
     services.webstats.sites = [ { name = "osteopathe-cc.fr"; } ];
 
diff --git a/modules/private/websites/connexionswing/integration.nix b/modules/private/websites/connexionswing/integration.nix
index 2ceaffa..fee8e4f 100644
--- a/modules/private/websites/connexionswing/integration.nix
+++ b/modules/private/websites/connexionswing/integration.nix
@@ -8,6 +8,7 @@ in {
   options.myServices.websites.connexionswing.integration.enable = lib.mkEnableOption "enable Connexionswing's website in integration";
 
   config = lib.mkIf cfg.enable {
+    services.backup.profiles.connexionswing_dev.rootDir = app.varDir;
     services.phpApplication.apps.connexionswing_dev = {
       websiteEnv = "integration";
       httpdUser = config.services.httpd.Inte.user;
diff --git a/modules/private/websites/connexionswing/production.nix b/modules/private/websites/connexionswing/production.nix
index 1427c8d..79e672a 100644
--- a/modules/private/websites/connexionswing/production.nix
+++ b/modules/private/websites/connexionswing/production.nix
@@ -8,6 +8,7 @@ in {
   options.myServices.websites.connexionswing.production.enable = lib.mkEnableOption "enable Connexionswing's website in production";
 
   config = lib.mkIf cfg.enable {
+    services.backup.profiles.connexionswing_prod.rootDir = app.varDir;
     services.webstats.sites = [ { name = "connexionswing.com"; } ];
     services.phpApplication.apps.connexionswing_prod = {
       websiteEnv = "production";
diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix
index f55f7e3..e2bcef5 100644
--- a/modules/private/websites/default.nix
+++ b/modules/private/websites/default.nix
@@ -73,6 +73,9 @@ in
   };
 
   config = {
+    services.backup.profiles.php = {
+      rootDir = "/var/lib/php";
+    };
     users.users.wwwrun.extraGroups = [ "keys" ];
     networking.firewall.allowedTCPPorts = [ 80 443 ];
 
diff --git a/modules/private/websites/emilia/production.nix b/modules/private/websites/emilia/production.nix
index 422bfd4..0dab316 100644
--- a/modules/private/websites/emilia/production.nix
+++ b/modules/private/websites/emilia/production.nix
@@ -43,6 +43,9 @@ in {
   options.myServices.websites.emilia.production.enable = lib.mkEnableOption "enable Emilia's website";
 
   config = lib.mkIf cfg.enable {
+    services.backup.profiles.emilia_prod = {
+      rootDir = varDir;
+    };
     system.activationScripts.emilia = ''
       install -m 0755 -o wwwrun -g wwwrun -d ${varDir}
       '';
diff --git a/modules/private/websites/florian/app.nix b/modules/private/websites/florian/app.nix
index 3f44ec4..7e2c333 100644
--- a/modules/private/websites/florian/app.nix
+++ b/modules/private/websites/florian/app.nix
@@ -9,6 +9,7 @@ in {
   options.myServices.websites.florian.app.enable = lib.mkEnableOption "enable Florian's app in integration";
 
   config = lib.mkIf cfg.enable {
+    services.backup.profiles.tellesflorian_dev.rootDir = app.varDir;
     services.phpApplication.apps.florian_dev = {
       websiteEnv = "integration";
       httpdUser = config.services.httpd.Inte.user;
diff --git a/modules/private/websites/ludivinecassal/integration.nix b/modules/private/websites/ludivinecassal/integration.nix
index 55f2432..d1b8f9b 100644
--- a/modules/private/websites/ludivinecassal/integration.nix
+++ b/modules/private/websites/ludivinecassal/integration.nix
@@ -8,6 +8,7 @@ in {
   options.myServices.websites.ludivinecassal.integration.enable = lib.mkEnableOption "enable Ludivine's website in integration";
 
   config = lib.mkIf cfg.enable {
+    services.backup.profiles.ludivinecassal_dev.rootDir = app.varDir;
     services.phpApplication.apps.ludivinecassal_dev = {
       websiteEnv = "integration";
       httpdUser = config.services.httpd.Inte.user;
diff --git a/modules/private/websites/ludivinecassal/production.nix b/modules/private/websites/ludivinecassal/production.nix
index 82f6899..341fd6d 100644
--- a/modules/private/websites/ludivinecassal/production.nix
+++ b/modules/private/websites/ludivinecassal/production.nix
@@ -8,6 +8,7 @@ in {
   options.myServices.websites.ludivinecassal.production.enable = lib.mkEnableOption "enable Ludivine's website in production";
 
   config = lib.mkIf cfg.enable {
+    services.backup.profiles.ludivinecassal_prod.rootDir = app.varDir;
     services.webstats.sites = [ { name = "ludivinecassal.com"; } ];
     services.phpApplication.apps.ludivinecassal_prod = {
       websiteEnv = "production";
diff --git a/modules/private/websites/piedsjaloux/integration.nix b/modules/private/websites/piedsjaloux/integration.nix
index 0a33bc0..853fcff 100644
--- a/modules/private/websites/piedsjaloux/integration.nix
+++ b/modules/private/websites/piedsjaloux/integration.nix
@@ -8,6 +8,7 @@ in {
   options.myServices.websites.piedsjaloux.integration.enable = lib.mkEnableOption "enable PiedsJaloux's website in integration";
 
   config = lib.mkIf cfg.enable {
+    services.backup.profiles.piedsjaloux_dev.rootDir = app.varDir;
     services.phpApplication.apps.piedsjaloux_dev = {
       websiteEnv = "integration";
       httpdUser = config.services.httpd.Inte.user;
diff --git a/modules/private/websites/piedsjaloux/production.nix b/modules/private/websites/piedsjaloux/production.nix
index 9007f19..9e64fca 100644
--- a/modules/private/websites/piedsjaloux/production.nix
+++ b/modules/private/websites/piedsjaloux/production.nix
@@ -8,6 +8,7 @@ in {
   options.myServices.websites.piedsjaloux.production.enable = lib.mkEnableOption "enable PiedsJaloux's website in production";
 
   config = lib.mkIf cfg.enable {
+    services.backup.profiles.piedsjaloux_prod.rootDir = app.varDir;
     services.webstats.sites = [ { name = "piedsjaloux.fr"; } ];
     services.phpApplication.apps.piedsjaloux_prod = {
       websiteEnv = "production";
diff --git a/modules/private/websites/tools/diaspora/default.nix b/modules/private/websites/tools/diaspora/default.nix
index 17a6a09..24d3d51 100644
--- a/modules/private/websites/tools/diaspora/default.nix
+++ b/modules/private/websites/tools/diaspora/default.nix
@@ -10,6 +10,9 @@ in {
   };
 
   config = lib.mkIf cfg.enable {
+    services.backup.profiles.diaspora = {
+      rootDir = dcfg.dataDir;
+    };
     users.users.diaspora.extraGroups = [ "keys" ];
 
     secrets.keys = [
diff --git a/modules/private/websites/tools/ether/default.nix b/modules/private/websites/tools/ether/default.nix
index c038528..600254b 100644
--- a/modules/private/websites/tools/ether/default.nix
+++ b/modules/private/websites/tools/ether/default.nix
@@ -12,6 +12,9 @@ in {
   };
 
   config = lib.mkIf cfg.enable {
+    services.backup.profiles.etherpad-lite = {
+      rootDir = "/var/lib/private/etherpad-lite";
+    };
     secrets.keys = [
       {
         dest = "webapps/tools-etherpad-apikey";
diff --git a/modules/private/websites/tools/mail/default.nix b/modules/private/websites/tools/mail/default.nix
index ea0a27f..35711af 100644
--- a/modules/private/websites/tools/mail/default.nix
+++ b/modules/private/websites/tools/mail/default.nix
@@ -17,6 +17,10 @@ in
   ];
 
   config = lib.mkIf cfg.enable {
+    services.backup.profiles.mail.excludeFile = ''
+      + ${rainloop.varDir}
+      + ${roundcubemail.varDir}
+      '';
     secrets.keys = roundcubemail.keys;
 
     services.websites.env.tools.modules =
diff --git a/modules/private/websites/tools/mastodon/default.nix b/modules/private/websites/tools/mastodon/default.nix
index d67ae2b..2236bd5 100644
--- a/modules/private/websites/tools/mastodon/default.nix
+++ b/modules/private/websites/tools/mastodon/default.nix
@@ -10,6 +10,9 @@ in {
   };
 
   config = lib.mkIf cfg.enable {
+    services.backup.profiles.mastodon = {
+      rootDir = mcfg.dataDir;
+    };
     secrets.keys = [{
       dest = "webapps/tools-mastodon";
       user = "mastodon";
diff --git a/modules/private/websites/tools/tools/default.nix b/modules/private/websites/tools/tools/default.nix
index e17c708..6f27b0b 100644
--- a/modules/private/websites/tools/tools/default.nix
+++ b/modules/private/websites/tools/tools/default.nix
@@ -51,6 +51,15 @@ in {
       ++ wallabag.keys
       ++ yourls.keys;
 
+    services.backup.profiles = {
+      dokuwiki = dokuwiki.backups;
+      kanboard = kanboard.backups;
+      rompr = rompr.backups;
+      shaarli = shaarli.backups;
+      ttrss = ttrss.backups;
+      wallabag = wallabag.backups;
+    };
+
     services.websites.env.tools.modules =
       [ "proxy_fcgi" ]
       ++ adminer.apache.modules
diff --git a/modules/private/websites/tools/tools/dokuwiki.nix b/modules/private/websites/tools/tools/dokuwiki.nix
index c61d15f..e40d671 100644
--- a/modules/private/websites/tools/tools/dokuwiki.nix
+++ b/modules/private/websites/tools/tools/dokuwiki.nix
@@ -1,5 +1,8 @@
 { lib, stdenv, dokuwiki, dokuwiki-plugins }:
 rec {
+  backups = {
+    rootDir = varDir;
+  };
   varDir = "/var/lib/dokuwiki";
   activationScript = {
     deps = [ "wrappers" ];
diff --git a/modules/private/websites/tools/tools/kanboard.nix b/modules/private/websites/tools/tools/kanboard.nix
index 68f92b8..68c3a10 100644
--- a/modules/private/websites/tools/tools/kanboard.nix
+++ b/modules/private/websites/tools/tools/kanboard.nix
@@ -1,5 +1,8 @@
 { env, kanboard }:
 rec {
+  backups = {
+    rootDir = varDir;
+  };
   varDir = "/var/lib/kanboard";
   activationScript = {
     deps = [ "wrappers" ];
diff --git a/modules/private/websites/tools/tools/rompr.nix b/modules/private/websites/tools/tools/rompr.nix
index fea59fc..74034f0 100644
--- a/modules/private/websites/tools/tools/rompr.nix
+++ b/modules/private/websites/tools/tools/rompr.nix
@@ -1,5 +1,8 @@
 { lib, env, rompr }:
 rec {
+  backups = {
+    rootDir = varDir;
+  };
   varDir = "/var/lib/rompr";
   activationScript = ''
     install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
diff --git a/modules/private/websites/tools/tools/shaarli.nix b/modules/private/websites/tools/tools/shaarli.nix
index 2e89a47..28041ba 100644
--- a/modules/private/websites/tools/tools/shaarli.nix
+++ b/modules/private/websites/tools/tools/shaarli.nix
@@ -2,6 +2,9 @@
 let
   varDir = "/var/lib/shaarli";
 in rec {
+  backups = {
+    rootDir = varDir;
+  };
   activationScript = ''
     install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
       ${varDir}/cache ${varDir}/pagecache ${varDir}/tmp ${varDir}/data \
diff --git a/modules/private/websites/tools/tools/ttrss.nix b/modules/private/websites/tools/tools/ttrss.nix
index 05c8cab..598cc3a 100644
--- a/modules/private/websites/tools/tools/ttrss.nix
+++ b/modules/private/websites/tools/tools/ttrss.nix
@@ -1,5 +1,8 @@
 { php, env, ttrss, ttrss-plugins }:
 rec {
+  backups = {
+    rootDir = varDir;
+  };
   varDir = "/var/lib/ttrss";
   activationScript = {
     deps = [ "wrappers" ];
diff --git a/modules/private/websites/tools/tools/wallabag.nix b/modules/private/websites/tools/tools/wallabag.nix
index 2912b2c..8572d64 100644
--- a/modules/private/websites/tools/tools/wallabag.nix
+++ b/modules/private/websites/tools/tools/wallabag.nix
@@ -1,5 +1,8 @@
 { env, wallabag, mylibs }:
 rec {
+  backups = {
+    rootDir = varDir;
+  };
   varDir = "/var/lib/wallabag";
   keys = [{
     dest = "webapps/tools-wallabag";