feat: backup client will now only run if there are items to backup.

Closes #54
This commit is contained in:
silver 2024-02-28 14:12:05 +00:00
parent a42ac52f9d
commit 90d8a105f7
2 changed files with 47 additions and 40 deletions

View file

@ -343,6 +343,8 @@ in {
};
config = lib.mkIf cfg.server.enable {
# services.skynet_backup.normal.backups = ["/etc/skynet/dns"];
# open the firewall for this
skynet_firewall.forward = [
"ip daddr ${cfg.server.ip} tcp dport 53 counter packets 0 bytes 0 accept"

View file

@ -9,6 +9,8 @@
with lib; let
cfg = config.services.skynet_backup;
enable_client = cfg.normal.backups != null && cfg.normal.backups != [];
# since they should all have the same config we can do this
base = {
paths = cfg.normal.backups;
@ -150,49 +152,52 @@ in {
};
};
config = {
# these values are anabled for every client
config =
{
# these values are anabled for every client
environment.systemPackages = with pkgs; [
restic
];
}
// mkIf cfg.server.enable {
networking.firewall.allowedTCPPorts = [
cfg.server.port
];
environment.systemPackages = [
# for flakes
pkgs.restic
];
# A list of all login accounts. To create the password hashes, use
# nix-shell -p apacheHttpd
# htpasswd -nbB "" "password" | cut -d: -f2
age.secrets.restic.file = ../secrets/backup/restic.age;
networking.firewall.allowedTCPPorts = [
cfg.server.port
];
services.restic.backups =
ownServers
// {
# merge teh two configs together
# backblaze = base // {
# # backupos for each server are stored in a folder under their name
# repository = "b2:NixOS-Main2:/${cfg.host.name}";
# #environmentFile = config.age.secrets.backblaze.path;
# };
age.secrets.restic_pw = {
file = ../secrets/backup/restic_pw.age;
path = "${config.services.restic.server.dataDir}/.htpasswd";
symlink = false;
mode = "770";
owner = "restic";
group = "restic";
};
age.secrets.restic_pw = mkIf cfg.server.enable {
file = ../secrets/backup/restic_pw.age;
path = "${config.services.restic.server.dataDir}/.htpasswd";
symlink = false;
mode = "770";
owner = "restic";
group = "restic";
};
services.restic.server = {
enable = true;
listenAddress = "${cfg.host.ip}:${toString cfg.server.port}";
appendOnly = cfg.server.appendOnly;
privateRepos = true;
};
}
// mkIf enable_client {
# client stuff here
services.restic.server = mkIf cfg.server.enable {
enable = true;
listenAddress = "${cfg.host.ip}:${toString cfg.server.port}";
appendOnly = cfg.server.appendOnly;
privateRepos = true;
# A list of all login accounts. To create the password hashes, use
# nix-shell -p apacheHttpd
# htpasswd -nbB "" "password" | cut -d: -f2
age.secrets.restic.file = ../secrets/backup/restic.age;
services.restic.backups =
ownServers
// {
# merge teh two configs together
# backblaze = base // {
# # backupos for each server are stored in a folder under their name
# repository = "b2:NixOS-Main2:/${cfg.host.name}";
# #environmentFile = config.age.secrets.backblaze.path;
# };
};
};
};
}