nixpkgs-suyu/nixos/modules/services/backup/sitecopy-backup.nix
Eelco Dolstra 29027fd1e1 Rewrite ‘with pkgs.lib’ -> ‘with lib’
Using pkgs.lib on the spine of module evaluation is problematic
because the pkgs argument depends on the result of module
evaluation. To prevent an infinite recursion, pkgs and some of the
modules are evaluated twice, which is inefficient. Using ‘with lib’
prevents this problem.
2014-04-14 16:26:48 +02:00

104 lines
3 KiB
Nix

{ config, lib, pkgs, ... }:
with lib;
let
inherit (pkgs) sitecopy;
stateDir = "/var/spool/sitecopy";
sitecopyCron = backup : ''
${if backup ? period then backup.period else config.services.sitecopy.period} root ${sitecopy}/bin/sitecopy --storepath=${stateDir} --rcfile=${stateDir}/${backup.name}.conf --update ${backup.name} >> /var/log/sitecopy.log 2>&1
'';
in
{
options = {
services.sitecopy = {
enable = mkOption {
default = false;
description = ''
Whether to enable sitecopy backups of specified directories.
'';
};
period = mkOption {
default = "15 04 * * *";
description = ''
This option defines (in the format used by cron) when the
sitecopy backup are being run.
The default is to update at 04:15 (at night) every day.
'';
};
backups = mkOption {
example = [
{ name = "test";
local = "/tmp/backup";
remote = "/staff-groups/ewi/st/strategoxt/backup/test";
server = "webdata.tudelft.nl";
protocol = "webdav";
https = true ;
symlinks = "maintain" ;
}
];
default = [];
description = ''
List of attributesets describing the backups.
Username/password are extracted from <filename>${stateDir}/sitecopy.secrets</filename> at activation
time. The secrets file lines should have the following structure:
<screen>
server username password
</screen>
'';
};
};
};
config = mkIf config.services.sitecopy.enable {
environment.systemPackages = [ sitecopy ];
services.cron.systemCronJobs = map sitecopyCron config.services.sitecopy.backups;
system.activationScripts.sitecopyBackup = stringAfter [ "stdio" "users" ]
''
mkdir -m 0700 -p ${stateDir}
chown root ${stateDir}
touch ${stateDir}/sitecopy.secrets
chown root ${stateDir}/sitecopy.secrets
${pkgs.lib.concatStrings (map ( b: ''
unset secrets
unset secret
secrets=`grep '^${b.server}' ${stateDir}/sitecopy.secrets | head -1`
secret=($secrets)
cat > ${stateDir}/${b.name}.conf << EOF
site ${b.name}
server ${b.server}
protocol ${b.protocol}
username ''${secret[1]}
password ''${secret[2]}
local ${b.local}
remote ${b.remote}
symlinks ${b.symlinks}
${if b.https then "http secure" else ""}
EOF
chmod 0600 ${stateDir}/${b.name}.conf
if ! test -e ${stateDir}/${b.name} ; then
echo " * Initializing sitecopy '${b.name}'"
${sitecopy}/bin/sitecopy --storepath=${stateDir} --rcfile=${stateDir}/${b.name}.conf --initialize ${b.name}
else
echo " * Sitecopy '${b.name}' already initialized"
fi
'' ) config.services.sitecopy.backups
)}
'';
};
}