nixos/modules/services/backup/sitecopy-backup.nix at 16.09-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / backup / sitecopy-backup.nix
at 16.09-beta 3.2 kB view raw
  1{ config, lib, pkgs, ... }:
  2
  3with lib;
  4
  5let
  6  inherit (pkgs) sitecopy;
  7
  8  stateDir = "/var/spool/sitecopy";
  9
 10  sitecopyCron = backup : ''
 11    ${if backup ? period then backup.period else config.services.sitecopy.period} root ${sitecopy}/bin/sitecopy --storepath=${stateDir} --rcfile=${stateDir}/${backup.name}.conf --update ${backup.name} >> /var/log/sitecopy.log 2>&1
 12  '';
 13in
 14
 15{
 16
 17  options = {
 18
 19    services.sitecopy = {
 20
 21      enable = mkOption {
 22        default = false;
 23        description = ''
 24          Whether to enable <command>sitecopy</command> backups of specified
 25          directories.
 26        '';
 27      };
 28
 29      period = mkOption {
 30        default = "15 04 * * *";
 31        description = ''
 32          This option defines (in the format used by <command>cron</command>)
 33          when the <command>sitecopy</command> backups are to be run.
 34          The default is to update at 04:15 (at night) every day.
 35        '';
 36      };
 37
 38      backups = mkOption {
 39        example = [
 40          { name = "test";
 41            local = "/tmp/backup";
 42            remote = "/staff-groups/ewi/st/strategoxt/backup/test";
 43            server = "webdata.tudelft.nl";
 44            protocol = "webdav";
 45            https = true ;
 46            symlinks = "maintain" ;
 47          }
 48        ];
 49        default = [];
 50        description = ''
 51           List of attribute sets describing the backups.
 52
 53           Username/password are extracted from
 54           <filename>${stateDir}/sitecopy.secrets</filename> at activation
 55           time. The secrets file lines should have the following structure:
 56           <screen>
 57             server username password
 58           </screen>
 59        '';
 60      };
 61
 62    };
 63
 64  };
 65
 66  config = mkIf config.services.sitecopy.enable {
 67    environment.systemPackages = [ sitecopy ];
 68
 69    services.cron.systemCronJobs = map sitecopyCron config.services.sitecopy.backups;
 70
 71    system.activationScripts.sitecopyBackup = stringAfter [ "stdio" "users" ]
 72      ''
 73        mkdir -m 0700 -p ${stateDir}
 74        chown root ${stateDir}
 75        touch ${stateDir}/sitecopy.secrets
 76        chown root ${stateDir}/sitecopy.secrets
 77
 78        ${lib.concatStrings (map ( b: ''
 79            unset secrets
 80            unset secret
 81            secrets=`grep '^${b.server}' ${stateDir}/sitecopy.secrets | head -1`
 82            secret=($secrets)
 83            cat > ${stateDir}/${b.name}.conf << EOF
 84              site ${b.name}
 85              server ${b.server}
 86              protocol ${b.protocol}
 87              username ''${secret[1]}
 88              password ''${secret[2]}
 89              local ${b.local}
 90              remote ${b.remote}
 91              symlinks ${b.symlinks}
 92              ${if b.https then "http secure" else ""}
 93            EOF
 94            chmod 0600 ${stateDir}/${b.name}.conf
 95            if ! test -e ${stateDir}/${b.name} ; then
 96              echo " * Initializing sitecopy '${b.name}'"
 97              ${sitecopy}/bin/sitecopy --storepath=${stateDir} --rcfile=${stateDir}/${b.name}.conf --initialize ${b.name}
 98            else
 99              echo " * Sitecopy '${b.name}' already initialized"
100            fi
101          '' ) config.services.sitecopy.backups
102        )}
103      '';
104  };
105
106}