diff options
| author | Maximilian Bosch <maximilian@mbosch.me> | 2019-09-30 17:35:13 +0200 |
|---|---|---|
| committer | Maximilian Bosch <maximilian@mbosch.me> | 2019-10-14 17:28:44 +0200 |
| commit | 2dfc67517a4d33d602b5c4a599470eaa3ddabac6 (patch) | |
| tree | 656b195c37cf6d9fb9f934a56c3a076fb85d61f5 /nixos/modules/services/backup/borgbackup.nix | |
| parent | 593867effb2806e9d2f28f326bbab75d53159ac5 (diff) | |
| download | nixpkgs-2dfc67517a4d33d602b5c4a599470eaa3ddabac6.tar nixpkgs-2dfc67517a4d33d602b5c4a599470eaa3ddabac6.tar.gz nixpkgs-2dfc67517a4d33d602b5c4a599470eaa3ddabac6.tar.bz2 nixpkgs-2dfc67517a4d33d602b5c4a599470eaa3ddabac6.tar.lz nixpkgs-2dfc67517a4d33d602b5c4a599470eaa3ddabac6.tar.xz nixpkgs-2dfc67517a4d33d602b5c4a599470eaa3ddabac6.tar.zst nixpkgs-2dfc67517a4d33d602b5c4a599470eaa3ddabac6.zip | |
nixos/borgbackup: add option to allow removable devices
When having backup jobs that persist to a removable device like an external HDD, the directory shouldn't be created by an activation script as this might confuse auto-mounting tools such as udiskie(8). In this case the job will simply fail, with the former approach udiskie ran into some issues as the path `/run/media/ma27/backup` was already there and owned by root.
Diffstat (limited to 'nixos/modules/services/backup/borgbackup.nix')
| -rw-r--r-- | nixos/modules/services/backup/borgbackup.nix | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/nixos/modules/services/backup/borgbackup.nix b/nixos/modules/services/backup/borgbackup.nix index 2ad116a7872..10d42325a6b 100644 --- a/nixos/modules/services/backup/borgbackup.nix +++ b/nixos/modules/services/backup/borgbackup.nix @@ -8,7 +8,7 @@ let builtins.substring 0 1 x == "/" # absolute path || builtins.substring 0 1 x == "." # relative path || builtins.match "[.*:.*]" == null; # not machine:path - + mkExcludeFile = cfg: # Write each exclude pattern to a new line pkgs.writeText "excludefile" (concatStringsSep "\n" cfg.exclude); @@ -104,12 +104,12 @@ let install = "install -o ${cfg.user} -g ${cfg.group}"; in nameValuePair "borgbackup-job-${name}" (stringAfter [ "users" ] ('' - # Eensure that the home directory already exists + # Ensure that the home directory already exists # We can't assert createHome == true because that's not the case for root - cd "${config.users.users.${cfg.user}.home}" + cd "${config.users.users.${cfg.user}.home}" ${install} -d .config/borg ${install} -d .cache/borg - '' + optionalString (isLocalPath cfg.repo) '' + '' + optionalString (isLocalPath cfg.repo && !cfg.removableDevice) '' ${install} -d ${escapeShellArg cfg.repo} '')); @@ -163,6 +163,13 @@ let + " without at least one public key"; }; + mkRemovableDeviceAssertions = name: cfg: { + assertion = !(isLocalPath cfg.repo) -> !cfg.removableDevice; + message = '' + borgbackup.repos.${name}: repo isn't a local path, thus it can't be a removable device! + ''; + }; + in { meta.maintainers = with maintainers; [ dotlambda ]; @@ -202,6 +209,12 @@ in { example = "user@machine:/path/to/repo"; }; + removableDevice = mkOption { + type = types.bool; + default = false; + description = "Whether the repo (which must be local) is a removable device."; + }; + archiveBaseName = mkOption { type = types.strMatching "[^/{}]+"; default = "${globalConfig.networking.hostName}-${name}"; @@ -511,7 +524,6 @@ in { type = types.attrsOf (types.submodule ( { ... }: { options = { - path = mkOption { type = types.path; description = '' @@ -598,7 +610,8 @@ in { (with config.services.borgbackup; { assertions = mapAttrsToList mkPassAssertion jobs - ++ mapAttrsToList mkKeysAssertion repos; + ++ mapAttrsToList mkKeysAssertion repos + ++ mapAttrsToList mkRemovableDeviceAssertions jobs; system.activationScripts = mapAttrs' mkActivationScript jobs; |