···
1
-
{ config, lib, pkgs, ...}:
1
+
{ config, lib, pkgs, ... }:
cfg = config.services.duplicity;
stateDirectory = "/var/lib/duplicity";
10
-
localTarget = if hasPrefix "file://" cfg.targetUrl
10
+
if hasPrefix "file://" cfg.targetUrl
then removePrefix "file://" cfg.targetUrl else null;
options.services.duplicity = {
enable = mkEnableOption "backups with duplicity";
···
type = types.listOf types.str;
List of paths to include into the backups. See the FILE SELECTION
···
type = types.listOf types.str;
List of paths to exclude from backups. See the FILE SELECTION section in
<citerefentry><refentrytitle>duplicity</refentrytitle>
···
type = types.listOf types.str;
86
-
example = [ "--full-if-older-than" "1M" ];
87
+
example = [ "--backend-retry-delay" "100" ];
Extra command-line flags passed to duplicity. See
<citerefentry><refentrytitle>duplicity</refentrytitle>
<manvolnum>1</manvolnum></citerefentry>.
95
+
fullIfOlderThan = mkOption {
100
+
If <literal>"never"</literal> (the default) always do incremental
101
+
backups (the first backup will be a full backup, of course). If
102
+
<literal>"always"</literal> always do full backups. Otherwise, this
103
+
must be a string representing a duration. Full backups will be made
104
+
when the latest full backup is older than this duration. If this is not
105
+
the case, an incremental backup is performed.
110
+
maxAge = mkOption {
111
+
type = types.nullOr types.str;
115
+
If non-null, delete all backup sets older than the given time. Old backup sets
116
+
will not be deleted if backup sets newer than time depend on them.
119
+
maxFull = mkOption {
120
+
type = types.nullOr types.int;
124
+
If non-null, delete all backups sets that are older than the count:th last full
125
+
backup (in other words, keep the last count full backups and
126
+
associated incremental sets).
129
+
maxIncr = mkOption {
130
+
type = types.nullOr types.int;
134
+
If non-null, delete incremental sets of all backups sets that are
135
+
older than the count:th last full backup (in other words, keep only
136
+
old full backups and not their increments).
config = mkIf cfg.enable {
···
environment.HOME = stateDirectory;
104
-
${pkgs.duplicity}/bin/duplicity ${escapeShellArgs (
108
-
"--archive-dir" stateDirectory
151
+
target = escapeShellArg cfg.targetUrl;
152
+
extra = escapeShellArgs ([ "--archive-dir" stateDirectory ] ++ cfg.extraFlags);
153
+
dup = "${pkgs.duplicity}/bin/duplicity";
157
+
${dup} cleanup ${target} --force ${extra}
158
+
${lib.optionalString (cfg.cleanup.maxAge != null) "${dup} remove-older-than ${lib.escapeShellArg cfg.cleanup.maxAge} ${target} --force ${extra}"}
159
+
${lib.optionalString (cfg.cleanup.maxFull != null) "${dup} remove-all-but-n-full ${toString cfg.cleanup.maxFull} ${target} --force ${extra}"}
160
+
${lib.optionalString (cfg.cleanup.maxIncr != null) "${dup} remove-all-incr-but-n-full ${toString cfg.cleanup.maxIncr} ${target} --force ${extra}"}
161
+
exec ${dup} ${if cfg.fullIfOlderThan == "always" then "full" else "incr"} ${lib.escapeShellArgs (
162
+
[ cfg.root cfg.targetUrl ]
++ concatMap (p: [ "--include" p ]) cfg.include
++ concatMap (p: [ "--exclude" p ]) cfg.exclude
112
-
++ cfg.extraFlags)}
165
+
++ (lib.optionals (cfg.fullIfOlderThan != "never" && cfg.fullIfOlderThan != "always") [ "--full-if-older-than" cfg.fullIfOlderThan ])
ProtectSystem = "strict";
ProtectHome = "read-only";
···
# Duplicity will fail if the last file selection option is an include. It
# is not always possible to detect but this simple case can be caught.
133
-
assertion = cfg.include != [] -> cfg.exclude != [] || cfg.extraFlags != [];
188
+
assertion = cfg.include != [ ] -> cfg.exclude != [ ] || cfg.extraFlags != [ ];
Duplicity will fail if you only specify included paths ("Because the
default is to include all files, the expression is redundant. Exiting
pyrox.dev