diff options
author | Simon Lackerbauer <simon@lackerbauer.com> | 2018-05-03 16:18:56 +0200 |
---|---|---|
committer | Robin Gloster <mail@glob.in> | 2018-05-24 04:40:45 +0200 |
commit | 1433ec60afd44fa4daa0805e0d9f689997392848 (patch) | |
tree | e652d86b08fd03ac7a55df2e74d6e77144fc0fb0 /nixos/modules/services/backup | |
parent | 400484008c4e95eac3244d7fb8fb24f25be14df9 (diff) | |
download | nixpkgs-1433ec60afd44fa4daa0805e0d9f689997392848.tar nixpkgs-1433ec60afd44fa4daa0805e0d9f689997392848.tar.gz nixpkgs-1433ec60afd44fa4daa0805e0d9f689997392848.tar.bz2 nixpkgs-1433ec60afd44fa4daa0805e0d9f689997392848.tar.lz nixpkgs-1433ec60afd44fa4daa0805e0d9f689997392848.tar.xz nixpkgs-1433ec60afd44fa4daa0805e0d9f689997392848.tar.zst nixpkgs-1433ec60afd44fa4daa0805e0d9f689997392848.zip |
nixos/borgbackup: let borg write to disk and see /tmp, add extraArgs
Diffstat (limited to 'nixos/modules/services/backup')
-rw-r--r-- | nixos/modules/services/backup/borgbackup.nix | 48 |
1 files changed, 42 insertions, 6 deletions
diff --git a/nixos/modules/services/backup/borgbackup.nix b/nixos/modules/services/backup/borgbackup.nix index 1b730e0c2b7..1e019827dfe 100644 --- a/nixos/modules/services/backup/borgbackup.nix +++ b/nixos/modules/services/backup/borgbackup.nix @@ -35,25 +35,26 @@ let ${cfg.preHook} '' + optionalString cfg.doInit '' # Run borg init if the repo doesn't exist yet - if ! borg list > /dev/null; then - borg init \ + if ! borg list ${cfg.extraArgs} > /dev/null; then + borg init ${cfg.extraArgs} \ --encryption ${cfg.encryption.mode} \ $extraInitArgs ${cfg.postInit} fi '' + '' - borg create \ + borg create ${cfg.extraArgs} \ --compression ${cfg.compression} \ --exclude-from ${mkExcludeFile cfg} \ $extraCreateArgs \ "::$archiveName$archiveSuffix" \ ${escapeShellArgs cfg.paths} '' + optionalString cfg.appendFailedSuffix '' - borg rename "::$archiveName$archiveSuffix" "$archiveName" + borg rename ${cfg.extraArgs} \ + "::$archiveName$archiveSuffix" "$archiveName" '' + '' ${cfg.postCreate} '' + optionalString (cfg.prune.keep != { }) '' - borg prune \ + borg prune ${cfg.extraArgs} \ ${mkKeepArgs cfg} \ --prefix ${escapeShellArg cfg.prune.prefix} \ $extraPruneArgs @@ -85,9 +86,10 @@ let ProtectSystem = "strict"; ReadWritePaths = [ "${userHome}/.config/borg" "${userHome}/.cache/borg" ] + ++ cfg.readWritePaths # Borg needs write access to repo if it is not remote ++ optional (isLocalPath cfg.repo) cfg.repo; - PrivateTmp = true; + PrivateTmp = cfg.privateTmp; }; environment = { BORG_REPO = cfg.repo; @@ -318,6 +320,30 @@ in { ]; }; + readWritePaths = mkOption { + type = with types; listOf path; + description = '' + By default, borg cannot write anywhere on the system but + <literal>$HOME/.config/borg</literal> and <literal>$HOME/.cache/borg</literal>. + If, for example, your preHook script needs to dump files + somewhere, put those directories here. + ''; + default = [ ]; + example = [ + "/var/backup/mysqldump" + ]; + }; + + privateTmp = mkOption { + type = types.bool; + description = '' + Set the <literal>PrivateTmp</literal> option for + the systemd-service. Set to false if you need sockets + or other files from global /tmp. + ''; + default = true; + }; + doInit = mkOption { type = types.bool; description = '' @@ -430,6 +456,16 @@ in { default = ""; }; + extraArgs = mkOption { + type = types.str; + description = '' + Additional arguments for all <command>borg</command> calls the + service has. Handle with care. + ''; + default = ""; + example = "--remote-path=borg1"; + }; + extraInitArgs = mkOption { type = types.str; description = '' |