diff options
author | Elis Hirwing <elis@hirwing.se> | 2021-07-25 10:00:37 +0200 |
---|---|---|
committer | Elis Hirwing <elis@hirwing.se> | 2021-07-25 10:13:17 +0200 |
commit | bb35e7c4044432111ab9fec5ef9c4260ae651582 (patch) | |
tree | 0db65f79e723a4dde252a81c48223138eec05df2 /nixos/modules | |
parent | 70862830f0a1415acd6c9fb7fc74ab59530f41dc (diff) | |
download | nixpkgs-bb35e7c4044432111ab9fec5ef9c4260ae651582.tar nixpkgs-bb35e7c4044432111ab9fec5ef9c4260ae651582.tar.gz nixpkgs-bb35e7c4044432111ab9fec5ef9c4260ae651582.tar.bz2 nixpkgs-bb35e7c4044432111ab9fec5ef9c4260ae651582.tar.lz nixpkgs-bb35e7c4044432111ab9fec5ef9c4260ae651582.tar.xz nixpkgs-bb35e7c4044432111ab9fec5ef9c4260ae651582.tar.zst nixpkgs-bb35e7c4044432111ab9fec5ef9c4260ae651582.zip |
nixos/sanoid: Extract datasets rather than pools
When making new snapshots we only need to delegate permissions to the specific dataset rather than the entire pool.
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/services/backup/sanoid.nix | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/nixos/modules/services/backup/sanoid.nix b/nixos/modules/services/backup/sanoid.nix index abc4def1c61..9713581165b 100644 --- a/nixos/modules/services/backup/sanoid.nix +++ b/nixos/modules/services/backup/sanoid.nix @@ -70,8 +70,8 @@ let processChildrenOnly = process_children_only; }; - # Extract pool names from configured datasets - pools = unique (map (d: head (builtins.match "([^/]+).*" d)) (attrNames cfg.datasets)); + # Extract unique dataset names + datasets = unique (attrNames cfg.datasets); configFile = let mkValueString = v: @@ -156,18 +156,18 @@ in { systemd.services.sanoid = { description = "Sanoid snapshot service"; serviceConfig = { - ExecStartPre = map (pool: lib.escapeShellArgs [ + ExecStartPre = map (dataset: lib.escapeShellArgs [ "+/run/booted-system/sw/bin/zfs" "allow" - "sanoid" "snapshot,mount,destroy" pool - ]) pools; + "sanoid" "snapshot,mount,destroy" dataset + ]) datasets; ExecStart = lib.escapeShellArgs ([ "${pkgs.sanoid}/bin/sanoid" "--cron" "--configdir" (pkgs.writeTextDir "sanoid.conf" configFile) ] ++ cfg.extraArgs); - ExecStopPost = map (pool: lib.escapeShellArgs [ - "+/run/booted-system/sw/bin/zfs" "unallow" "sanoid" pool - ]) pools; + ExecStopPost = map (dataset: lib.escapeShellArgs [ + "+/run/booted-system/sw/bin/zfs" "unallow" "sanoid" dataset + ]) datasets; User = "sanoid"; Group = "sanoid"; DynamicUser = true; |