# DGNum backup module: declares the `dgn-backups` options and wires them into
# `services.bupstash` (repository side and job side), and pins the SSH host
# keys of the repository hosts.
{
  config,
  lib,
  name,
  ...
}:

let
  inherit (lib) mkEnableOption mkOption remove;
  inherit (lib.types)
    attrs
    attrsOf
    listOf
    str
    submodule
    ;

  backupCfg = config.dgn-backups;

  # Hosts that receive backups. Used as the default destination list of every
  # job (minus the current host) and as the set of hosts whose key is pinned in
  # `programs.ssh.knownHosts` below.
  repositoryHosts = [
    "compute01"
    "geo01"
    "geo02"
    "storage01"
  ];

  # Nodes allowed to create backups
  backupClients = [
    "compute01"
    "storage01"
    "vault01"
    "web01"
  ];

  # Key-store path of a machine, as expected by lib.extra.getKeys/getAllKeys.
  machineKeyPath = host: "machines/${host}";

  # Repository directory per repository host, looked up with the current `name`.
  repositoryHomes = {
    compute01 = "/data/slow/bupstash";
    geo01 = "/data/bupstash";
    geo02 = "/data/bupstash";
    storage01 = "/data/slow/bupstash";
  };

  # Default `startAt` per client host (presumably systemd calendar expressions,
  # i.e. hourly at a host-specific minute; confirm against the job module).
  # vault01 is listed in `backupClients` but has no entry here: a job declared
  # on such a host must provide `startAt` through its `settings`, otherwise
  # evaluation fails on the missing attribute.
  jobSchedules = {
    compute01 = "*-*-* *:38:00";
    storage01 = "*-*-* *:21:00";
    web01 = "*-*-* *:47:00";
  };

  # Transport command towards one repository host. The client authenticates
  # with the machine's own SSH host key, so whatever process runs this command
  # needs read access to that private key.
  sshToRepository = host: "ssh -i /etc/ssh/ssh_host_ed25519_key bupstash-repo@${host}.dgnum";

  # Builds one bupstash job from a `dgn-backups.jobs` entry.
  # `settings` is merged last, so it overrides every default set here,
  # including `key` and `repositoryCommands`.
  mkJob =
    { to, settings }:
    {
      startAt = jobSchedules.${name};
      # Judging by its name this is a put-only key; NOTE(review): confirm it
      # cannot decrypt existing backups.
      key = config.age.secrets."bupstash-put_key".path;
      repositoryCommands = lib.extra.mapSingleFuse sshToRepository to;
    }
    // settings;

  # Applies mkJob to every entry, ignoring the job name.
  mkJobs = builtins.mapAttrs (_jobName: mkJob);
in

{
  options.dgn-backups = {
    enable = mkEnableOption "DGNum backup service.";

    postgresDatabases = mkOption {
      type = listOf str;
      default = [ ];
      description = ''
        List of postgres databases to dump into bupstash.
      '';
    };

    jobs = mkOption {
      type = attrsOf (submodule {
        options = {
          to = mkOption {
            type = listOf str;
            # Every repository host except the one being configured.
            default = remove name repositoryHosts;
            description = "Hosts to send the backups to.";
          };

          settings = mkOption {
            type = attrs;
            default = { };
            description = "Base bupstash job config.";
          };
        };
      });
      default = { };
      description = "List of bupstash jobs.";
    };
  };

  config = {
    # One "<db>-db" job per listed database, dumping it with pg_dump.
    dgn-backups.jobs = lib.extra.mapFuse (db: {
      "${db}-db".settings = {
        # NOTE(review): the default transport reads /etc/ssh/ssh_host_ed25519_key;
        # confirm which part of the job actually runs as `postgres`, since that
        # key is normally not readable by unprivileged users.
        user = "postgres";
        # The database name is a separate list element, not spliced into a
        # command string. NOTE(review): confirm the job module does not re-join
        # this list into a shell line.
        command = [
          "${lib.getExe' config.services.postgresql.package "pg_dump"}"
          db
        ];
      };
    }) backupCfg.postgresDatabases;

    services.bupstash = {
      # `enable` is only forwarded to the repository side; `jobs` below is
      # populated from `dgn-backups.jobs` regardless of it.
      repositories = {
        enable = backupCfg.enable;
        home = repositoryHomes.${name};
        access = [
          {
            repo = "default";
            keys = lib.extra.getAllKeys (builtins.map machineKeyPath backupClients);
            # Only `put` is granted. Presumably clients can add backups but not
            # list, read or remove existing ones, which bounds what a
            # compromised client can do to the repository; confirm against the
            # repository module.
            allowed = [ "put" ];
          }
        ];
      };

      jobs = mkJobs backupCfg.jobs;
    };

    # Pins a public key for every repository host, so the ssh transport does not
    # depend on trust-on-first-use. Only the first key returned by getKeys is
    # used. NOTE(review): confirm that it is the host's SSH host key.
    programs.ssh.knownHosts = lib.extra.mapFuse (host: {
      "${host}.dgnum".publicKey = builtins.head (lib.extra.getKeys (machineKeyPath host));
    }) repositoryHosts;
  };
}