pyrox.dev
1{ config, pkgs, lib, ... }:
2
3with lib;
4
5let
6 cfg = config.services.duplicati;
7in
8{
9 options = {
10 services.duplicati = {
11 enable = mkEnableOption "Duplicati";
12
13 port = mkOption {
14 default = 8200;
15 type = types.int;
16 description = ''
17 Port serving the web interface
18 '';
19 };
20
21 interface = mkOption {
22 default = "127.0.0.1";
23 type = types.str;
24 description = ''
25 Listening interface for the web UI
26 Set it to "any" to listen on all available interfaces
27 '';
28 };
29
30 user = mkOption {
31 default = "duplicati";
32 type = types.str;
33 description = ''
34 Duplicati runs as it's own user. It will only be able to backup world-readable files.
35 Run as root with special care.
36 '';
37 };
38 };
39 };
40
41 config = mkIf cfg.enable {
42 environment.systemPackages = [ pkgs.duplicati ];
43
44 systemd.services.duplicati = {
45 description = "Duplicati backup";
46 after = [ "network.target" ];
47 wantedBy = [ "multi-user.target" ];
48 serviceConfig = {
49 User = cfg.user;
50 Group = "duplicati";
51 StateDirectory = "duplicati";
52 ExecStart = "${pkgs.duplicati}/bin/duplicati-server --webservice-interface=${cfg.interface} --webservice-port=${toString cfg.port} --server-datafolder=/var/lib/duplicati";
53 Restart = "on-failure";
54 };
55 };
56
57 users.users = lib.optionalAttrs (cfg.user == "duplicati") {
58 duplicati = {
59 uid = config.ids.uids.duplicati;
60 home = "/var/lib/duplicati";
61 createHome = true;
62 group = "duplicati";
63 };
64 };
65 users.groups.duplicati.gid = config.ids.gids.duplicati;
66
67 };
68}
69