blob: 5c7f7ffae5b3274c9d6d85b6f821cc9c213bb590 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
{ config, pkgs, ... }:
with pkgs.lib;
let
inherit (pkgs) sitecopy;
stateDir = "/var/spool/sitecopy";
sitecopyCron = backup : ''
${if backup ? period then backup.period else config.services.sitecopy.period} root ${sitecopy}/bin/sitecopy --storepath=${stateDir} --rcfile=${stateDir}/${backup.name}.conf --update ${backup.name} >> /var/log/sitecopy.log 2>&1
'';
in
{
options = {
services.sitecopy = {
enable = mkOption {
default = false;
description = ''
Whether to enable sitecopy backups of specified directories.
'';
};
period = mkOption {
default = "15 04 * * *";
description = ''
This option defines (in the format used by cron) when the
sitecopy backup are being run.
The default is to update at 04:15 (at night) every day.
'';
};
backups = mkOption {
example = [
{ name = "test";
local = "/tmp/backup";
remote = "/staff-groups/ewi/st/strategoxt/backup/test";
server = "webdata.tudelft.nl";
protocol = "webdav";
https = true ;
symlinks = "maintain" ;
}
];
default = [];
description = ''
List of attributesets describing the backups.
Username/password are extracted from <filename>${stateDir}/sitecopy.secrets</filename> at activation
time. The secrets file lines should have the following structure:
<screen>
server username password
</screen>
'';
};
};
};
config = mkIf config.services.sitecopy.enable {
environment.systemPackages = [ sitecopy ];
services.cron.systemCronJobs = map sitecopyCron config.services.sitecopy.backups;
system.activationScripts.sitecopyBackup = stringAfter [ "stdio" "users" ]
''
mkdir -m 0700 -p ${stateDir}
chown root ${stateDir}
touch ${stateDir}/sitecopy.secrets
chown root ${stateDir}/sitecopy.secrets
${pkgs.lib.concatStrings (map ( b: ''
unset secrets
unset secret
secrets=`grep '^${b.server}' ${stateDir}/sitecopy.secrets | head -1`
secret=($secrets)
cat > ${stateDir}/${b.name}.conf << EOF
site ${b.name}
server ${b.server}
protocol ${b.protocol}
username ''${secret[1]}
password ''${secret[2]}
local ${b.local}
remote ${b.remote}
symlinks ${b.symlinks}
${if b.https then "http secure" else ""}
EOF
chmod 0600 ${stateDir}/${b.name}.conf
if ! test -e ${stateDir}/${b.name} ; then
echo " * Initializing sitecopy '${b.name}'"
${sitecopy}/bin/sitecopy --storepath=${stateDir} --rcfile=${stateDir}/${b.name}.conf --initialize ${b.name}
else
echo " * Sitecopy '${b.name}' already initialized"
fi
'' ) config.services.sitecopy.backups
)}
'';
};
}
|