2024-12-12 14:41:43 +01:00
|
|
|
# SPDX-FileCopyrightText: 2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>
|
|
|
|
#
|
|
|
|
# SPDX-License-Identifier: EUPL-1.2
|
|
|
|
|
2024-02-21 17:18:14 +01:00
|
|
|
{
|
|
|
|
config,
|
|
|
|
lib,
|
2024-10-09 17:04:30 +02:00
|
|
|
dgn-keys,
|
2024-02-21 17:18:14 +01:00
|
|
|
name,
|
|
|
|
...
|
|
|
|
}:
|
|
|
|
|
|
|
|
let
|
2024-12-20 23:26:28 +01:00
|
|
|
inherit (lib)
|
|
|
|
getExe'
|
|
|
|
mkEnableOption
|
|
|
|
mkOption
|
|
|
|
remove
|
|
|
|
;
|
2024-02-21 17:18:14 +01:00
|
|
|
|
|
|
|
inherit (lib.types)
|
|
|
|
attrs
|
|
|
|
attrsOf
|
|
|
|
listOf
|
|
|
|
str
|
|
|
|
submodule
|
|
|
|
;
|
|
|
|
|
|
|
|
cfg = config.dgn-backups;
|
|
|
|
|
|
|
|
homes = {
|
|
|
|
compute01 = "/data/slow/bupstash";
|
|
|
|
geo01 = "/data/bupstash";
|
|
|
|
geo02 = "/data/bupstash";
|
|
|
|
storage01 = "/data/slow/bupstash";
|
|
|
|
};
|
|
|
|
|
|
|
|
starts = {
|
2024-02-21 22:42:41 +01:00
|
|
|
compute01 = "*-*-* *:38:00";
|
|
|
|
storage01 = "*-*-* *:21:00";
|
|
|
|
web01 = "*-*-* *:47:00";
|
2024-12-20 23:26:28 +01:00
|
|
|
web03 = "*-*-* *:13:00";
|
2024-02-21 17:18:14 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
mkJobs = builtins.mapAttrs (
|
|
|
|
_:
|
|
|
|
{ to, settings }:
|
|
|
|
{
|
|
|
|
startAt = starts.${name};
|
|
|
|
key = config.age.secrets."bupstash-put_key".path;
|
2024-03-10 01:03:30 +01:00
|
|
|
repositoryCommands = lib.extra.mapSingleFuse (
|
|
|
|
host: "ssh -i /etc/ssh/ssh_host_ed25519_key bupstash-repo@${host}.dgnum"
|
|
|
|
) to;
|
2024-02-21 17:18:14 +01:00
|
|
|
}
|
|
|
|
// settings
|
|
|
|
);
|
|
|
|
in
|
|
|
|
|
|
|
|
{
|
|
|
|
options.dgn-backups = {
|
|
|
|
enable = mkEnableOption "DGNum backup service.";
|
|
|
|
|
2024-02-21 22:01:32 +01:00
|
|
|
postgresDatabases = mkOption {
|
2024-02-21 17:18:14 +01:00
|
|
|
type = listOf str;
|
|
|
|
default = [ ];
|
|
|
|
description = ''
|
|
|
|
List of postgres databases to dump into bupstash.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
jobs = mkOption {
|
2024-03-10 01:03:30 +01:00
|
|
|
type = attrsOf (submodule {
|
|
|
|
options = {
|
|
|
|
to = mkOption {
|
|
|
|
type = listOf str;
|
|
|
|
default = remove name [
|
|
|
|
"compute01"
|
|
|
|
"geo01"
|
|
|
|
"geo02"
|
|
|
|
"storage01"
|
|
|
|
];
|
|
|
|
description = "Hosts to send the backups to.";
|
|
|
|
};
|
|
|
|
|
|
|
|
settings = mkOption {
|
|
|
|
type = attrs;
|
|
|
|
default = { };
|
|
|
|
description = "Base bupstash job config.";
|
2024-02-21 17:18:14 +01:00
|
|
|
};
|
2024-03-10 01:03:30 +01:00
|
|
|
};
|
|
|
|
});
|
2024-02-21 17:18:14 +01:00
|
|
|
default = { };
|
|
|
|
description = "List of bupstash jobs.";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
config = {
|
2024-03-10 01:03:30 +01:00
|
|
|
dgn-backups.jobs = lib.extra.mapFuse (db: {
|
|
|
|
"${db}-db".settings = {
|
|
|
|
user = "postgres";
|
|
|
|
command = [
|
2024-12-20 23:26:28 +01:00
|
|
|
(getExe' config.services.postgresql.package "pg_dump")
|
2024-03-10 01:03:30 +01:00
|
|
|
db
|
|
|
|
];
|
|
|
|
};
|
|
|
|
}) cfg.postgresDatabases;
|
2024-02-21 22:01:32 +01:00
|
|
|
|
2024-02-21 17:18:14 +01:00
|
|
|
services.bupstash = {
|
|
|
|
repositories = {
|
|
|
|
inherit (cfg) enable;
|
|
|
|
|
|
|
|
home = homes.${name};
|
|
|
|
|
|
|
|
access = [
|
|
|
|
{
|
|
|
|
repo = "default";
|
2024-10-09 17:04:30 +02:00
|
|
|
keys = dgn-keys.getKeys [
|
|
|
|
"compute01"
|
|
|
|
"storage01"
|
|
|
|
"vault01"
|
|
|
|
"web01"
|
2024-12-20 23:26:28 +01:00
|
|
|
"web02"
|
|
|
|
"web03"
|
2024-10-09 17:04:30 +02:00
|
|
|
];
|
2024-02-21 17:18:14 +01:00
|
|
|
allowed = [ "put" ];
|
|
|
|
}
|
|
|
|
];
|
|
|
|
};
|
|
|
|
|
2024-02-21 22:01:32 +01:00
|
|
|
jobs = mkJobs cfg.jobs;
|
2024-02-21 17:18:14 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
programs.ssh.knownHosts =
|
2024-10-09 17:04:30 +02:00
|
|
|
lib.extra.mapFuse (host: { "${host}.dgnum".publicKey = builtins.head dgn-keys._keys.${host}; })
|
2024-02-21 17:18:14 +01:00
|
|
|
[
|
|
|
|
"compute01"
|
|
|
|
"geo01"
|
|
|
|
"geo02"
|
|
|
|
"storage01"
|
|
|
|
];
|
|
|
|
};
|
|
|
|
}
|