blob: cf5aebdecd281e063a716823f9991714ca60ce9c (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.duplicati;
in
{
options = {
services.duplicati = {
enable = mkEnableOption "Duplicati";
port = mkOption {
default = 8200;
type = types.int;
description = ''
Port serving the web interface
'';
};
interface = mkOption {
default = "127.0.0.1";
type = types.str;
description = ''
Listening interface for the web UI
Set it to "any" to listen on all available interfaces
'';
};
user = mkOption {
default = "duplicati";
type = types.str;
description = ''
Duplicati runs as it's own user. It will only be able to backup world-readable files.
Run as root with special care.
'';
};
};
};
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.duplicati ];
systemd.services.duplicati = {
description = "Duplicati backup";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = cfg.user;
Group = "duplicati";
StateDirectory = "duplicati";
ExecStart = "${pkgs.duplicati}/bin/duplicati-server --webservice-interface=${cfg.interface} --webservice-port=${toString cfg.port} --server-datafolder=/var/lib/duplicati";
Restart = "on-failure";
};
};
users.users = lib.optionalAttrs (cfg.user == "duplicati") {
duplicati = {
uid = config.ids.uids.duplicati;
home = "/var/lib/duplicati";
createHome = true;
group = "duplicati";
};
};
users.groups.duplicati.gid = config.ids.gids.duplicati;
};
}
|