feat: backup client will now only run if there are items to backup.
Closes #54
This commit is contained in:
parent
a42ac52f9d
commit
90d8a105f7
2 changed files with 47 additions and 40 deletions
|
@ -343,6 +343,8 @@ in {
|
|||
};
|
||||
|
||||
config = lib.mkIf cfg.server.enable {
|
||||
# services.skynet_backup.normal.backups = ["/etc/skynet/dns"];
|
||||
|
||||
# open the firewall for this
|
||||
skynet_firewall.forward = [
|
||||
"ip daddr ${cfg.server.ip} tcp dport 53 counter packets 0 bytes 0 accept"
|
||||
|
|
|
@ -9,6 +9,8 @@
|
|||
with lib; let
|
||||
cfg = config.services.skynet_backup;
|
||||
|
||||
enable_client = cfg.normal.backups != null && cfg.normal.backups != [];
|
||||
|
||||
# since they should all have the same config we can do this
|
||||
base = {
|
||||
paths = cfg.normal.backups;
|
||||
|
@ -150,13 +152,36 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
config =
|
||||
{
|
||||
# these values are anabled for every client
|
||||
|
||||
environment.systemPackages = [
|
||||
# for flakes
|
||||
pkgs.restic
|
||||
environment.systemPackages = with pkgs; [
|
||||
restic
|
||||
];
|
||||
}
|
||||
// mkIf cfg.server.enable {
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
cfg.server.port
|
||||
];
|
||||
|
||||
age.secrets.restic_pw = {
|
||||
file = ../secrets/backup/restic_pw.age;
|
||||
path = "${config.services.restic.server.dataDir}/.htpasswd";
|
||||
symlink = false;
|
||||
mode = "770";
|
||||
owner = "restic";
|
||||
group = "restic";
|
||||
};
|
||||
|
||||
services.restic.server = {
|
||||
enable = true;
|
||||
listenAddress = "${cfg.host.ip}:${toString cfg.server.port}";
|
||||
appendOnly = cfg.server.appendOnly;
|
||||
privateRepos = true;
|
||||
};
|
||||
}
|
||||
// mkIf enable_client {
|
||||
# client stuff here
|
||||
|
||||
# A list of all login accounts. To create the password hashes, use
|
||||
# nix-shell -p apacheHttpd
|
||||
|
@ -164,10 +189,6 @@ in {
|
|||
|
||||
age.secrets.restic.file = ../secrets/backup/restic.age;
|
||||
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
cfg.server.port
|
||||
];
|
||||
|
||||
services.restic.backups =
|
||||
ownServers
|
||||
// {
|
||||
|
@ -178,21 +199,5 @@ in {
|
|||
# #environmentFile = config.age.secrets.backblaze.path;
|
||||
# };
|
||||
};
|
||||
|
||||
age.secrets.restic_pw = mkIf cfg.server.enable {
|
||||
file = ../secrets/backup/restic_pw.age;
|
||||
path = "${config.services.restic.server.dataDir}/.htpasswd";
|
||||
symlink = false;
|
||||
mode = "770";
|
||||
owner = "restic";
|
||||
group = "restic";
|
||||
};
|
||||
|
||||
services.restic.server = mkIf cfg.server.enable {
|
||||
enable = true;
|
||||
listenAddress = "${cfg.host.ip}:${toString cfg.server.port}";
|
||||
appendOnly = cfg.server.appendOnly;
|
||||
privateRepos = true;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue