feat: backup client will now only run if there are items to backup.

Closes #54
2024-02-28 14:12:05 +00:00 · 2024-02-28 14:12:05 +00:00 · 90d8a105f7
commit 90d8a105f7
parent a42ac52f9d
2 changed files with 47 additions and 40 deletions
--- a/applications/dns.nix
+++ b/applications/dns.nix
@ -343,6 +343,8 @@ in {
  };

  config = lib.mkIf cfg.server.enable {
+    # services.skynet_backup.normal.backups = ["/etc/skynet/dns"];
+
    # open the firewall for this
    skynet_firewall.forward = [
      "ip daddr ${cfg.server.ip} tcp dport 53 counter packets 0 bytes 0 accept"
--- a/applications/restic.nix
+++ b/applications/restic.nix
@ -9,6 +9,8 @@
 with lib; let
  cfg = config.services.skynet_backup;

+  enable_client = cfg.normal.backups != null && cfg.normal.backups != [];
+
  # since they should all have the same config we can do this
  base = {
    paths = cfg.normal.backups;
@ -150,49 +152,52 @@ in {
    };
  };

-  config = {
-    # these values are anabled for every client
+  config =
+    {
+      # these values are anabled for every client
+      environment.systemPackages = with pkgs; [
+        restic
+      ];
+    }
+    // mkIf cfg.server.enable {
+      networking.firewall.allowedTCPPorts = [
+        cfg.server.port
+      ];

-    environment.systemPackages = [
-      # for flakes
-      pkgs.restic
-    ];
-
-    # A list of all login accounts. To create the password hashes, use
-    # nix-shell -p apacheHttpd
-    # htpasswd -nbB "" "password" | cut -d: -f2
-
-    age.secrets.restic.file = ../secrets/backup/restic.age;
-
-    networking.firewall.allowedTCPPorts = [
-      cfg.server.port
-    ];
-
-    services.restic.backups =
-      ownServers
-      // {
-        # merge teh two configs together
-        #      backblaze = base // {
-        #        # backupos for each server are stored in a folder under their name
-        #        repository = "b2:NixOS-Main2:/${cfg.host.name}";
-        #        #environmentFile = config.age.secrets.backblaze.path;
-        #      };
+      age.secrets.restic_pw = {
+        file = ../secrets/backup/restic_pw.age;
+        path = "${config.services.restic.server.dataDir}/.htpasswd";
+        symlink = false;
+        mode = "770";
+        owner = "restic";
+        group = "restic";
      };

-    age.secrets.restic_pw = mkIf cfg.server.enable {
-      file = ../secrets/backup/restic_pw.age;
-      path = "${config.services.restic.server.dataDir}/.htpasswd";
-      symlink = false;
-      mode = "770";
-      owner = "restic";
-      group = "restic";
-    };
+      services.restic.server = {
+        enable = true;
+        listenAddress = "${cfg.host.ip}:${toString cfg.server.port}";
+        appendOnly = cfg.server.appendOnly;
+        privateRepos = true;
+      };
+    }
+    // mkIf enable_client {
+      # client stuff here

-    services.restic.server = mkIf cfg.server.enable {
-      enable = true;
-      listenAddress = "${cfg.host.ip}:${toString cfg.server.port}";
-      appendOnly = cfg.server.appendOnly;
-      privateRepos = true;
+      # A list of all login accounts. To create the password hashes, use
+      # nix-shell -p apacheHttpd
+      # htpasswd -nbB "" "password" | cut -d: -f2
+
+      age.secrets.restic.file = ../secrets/backup/restic.age;
+
+      services.restic.backups =
+        ownServers
+        // {
+          # merge teh two configs together
+          #      backblaze = base // {
+          #        # backupos for each server are stored in a folder under their name
+          #        repository = "b2:NixOS-Main2:/${cfg.host.name}";
+          #        #environmentFile = config.age.secrets.backblaze.path;
+          #      };
+        };
    };
-  };
 }