118 lines
3.1 KiB
Nix
118 lines
3.1 KiB
Nix
{ instances ? [ ]
|
|
}:
|
|
|
|
{ config, pkgs, ... }:
|
|
|
|
let
|
|
btrbkPrimary = { subvolumes ? [ ] }: {
|
|
snapshot_dir = "@snapshots";
|
|
subvolume = builtins.foldl'
|
|
(acc: subvol: acc // {
|
|
${subvol} = { };
|
|
})
|
|
{ }
|
|
subvolumes;
|
|
};
|
|
|
|
btrbkSecondary = { targetDir, subvolumes ? [ ] }: {
|
|
target = "send-receive ${targetDir}";
|
|
subvolume = builtins.foldl'
|
|
(acc: subvol: acc // {
|
|
${subvol} = {
|
|
snapshot_dir = "@snapshots";
|
|
snapshot_preserve_min = "all";
|
|
snapshot_create = "no";
|
|
};
|
|
})
|
|
{ }
|
|
subvolumes;
|
|
};
|
|
|
|
primary = mountDir: subvolumes: {
|
|
snapshot_preserve_min = "2d";
|
|
snapshot_preserve = "7d 5w";
|
|
transaction_log = "/var/log/btrbk.log";
|
|
volume = {
|
|
"${mountDir}" = btrbkPrimary {
|
|
inherit subvolumes;
|
|
};
|
|
};
|
|
};
|
|
|
|
secondary = primaryIp: mountDir: subvolumes: {
|
|
backend_remote = "btrfs-progs-sudo";
|
|
ssh_identity = config.sops.secrets.private_key.path;
|
|
ssh_user = "btrbk";
|
|
stream_buffer = "512m";
|
|
target_preserve = "24h 7d";
|
|
target_preserve_min = "24h";
|
|
transaction_log = "/var/log/btrbk.log";
|
|
volume = {
|
|
"ssh://${primaryIp}${mountDir}" = btrbkSecondary {
|
|
targetDir = "${mountDir}/@snapshots";
|
|
inherit subvolumes;
|
|
};
|
|
};
|
|
};
|
|
|
|
backup = primaryIp: remoteMountDir: localMountDir: subvolumes: {
|
|
backend_remote = "btrfs-progs-sudo";
|
|
ssh_identity = config.sops.secrets.private_key.path;
|
|
ssh_user = "btrbk";
|
|
stream_buffer = "512m";
|
|
target_preserve = "2h 2d 10w *m";
|
|
target_preserve_min = "24h";
|
|
transaction_log = "/var/log/btrbk.log";
|
|
volume = {
|
|
"ssh://${primaryIp}${remoteMountDir}" = btrbkSecondary {
|
|
targetDir = "${localMountDir}/@snapshots";
|
|
inherit subvolumes;
|
|
};
|
|
};
|
|
};
|
|
in
|
|
{
|
|
sops.secrets.private_key = {
|
|
format = "yaml";
|
|
sopsFile = ../../secrets/btrbk.yaml;
|
|
owner = config.users.users.btrbk.name;
|
|
group = config.users.users.btrbk.group;
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
btrbk
|
|
btrfs-progs
|
|
(writeShellScriptBin "restore-snapshot" (builtins.readFile ./restore-snapshot))
|
|
(writeShellScriptBin "restore-all-snapshots" (builtins.readFile ./restore-all-snapshots))
|
|
];
|
|
|
|
services.btrbk = {
|
|
sshAccess = [
|
|
{
|
|
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHTqU3EvTgY5/e9m6YyQWypQPK58t9iPmPnPYAvnODGB asonix@lionheart";
|
|
roles = [ "source" "info" "send" ];
|
|
}
|
|
];
|
|
extraPackages = with pkgs; [ gzip ];
|
|
instances = (builtins.foldl'
|
|
(acc: { primaryIp ? null, mountDir, localMountDir ? null, subvolumes, name ? "btrbk" }:
|
|
let
|
|
selected =
|
|
if primaryIp == null && localMountDir == null then
|
|
(primary mountDir subvolumes)
|
|
else if localMountDir == null then
|
|
(secondary primaryIp mountDir subvolumes)
|
|
else
|
|
(backup primaryIp mountDir localMountDir subvolumes);
|
|
in
|
|
acc //
|
|
{
|
|
${name} = {
|
|
onCalendar = "hourly";
|
|
settings = selected;
|
|
};
|
|
})
|
|
{ }
|
|
instances);
|
|
};
|
|
}
|