diff options
| author | Nick Cao <nickcao@nichi.co> | 2023-01-22 16:23:04 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-01-22 16:23:04 +0800 |
| commit | 99f9998309826651c9e5d6815c8c7239d8438f94 (patch) | |
| tree | 9487ddf2fc5ca3f332d5ec6c16dc323797dcf561 /nixos/modules/services/backup | |
| parent | a0ea430baddf72b7933678c41fe1f76f51b94e5b (diff) | |
| parent | 9dbdb059245ccdb8e7e8161c6a37301a5397ef6d (diff) | |
| download | nixlib-99f9998309826651c9e5d6815c8c7239d8438f94.tar nixlib-99f9998309826651c9e5d6815c8c7239d8438f94.tar.gz nixlib-99f9998309826651c9e5d6815c8c7239d8438f94.tar.bz2 nixlib-99f9998309826651c9e5d6815c8c7239d8438f94.tar.lz nixlib-99f9998309826651c9e5d6815c8c7239d8438f94.tar.xz nixlib-99f9998309826651c9e5d6815c8c7239d8438f94.tar.zst nixlib-99f9998309826651c9e5d6815c8c7239d8438f94.zip | |
Merge pull request #204386 from robryk/resticassert
nixos/restic: small enhancements
Diffstat (limited to 'nixos/modules/services/backup')
| -rw-r--r-- | nixos/modules/services/backup/restic.nix | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/nixos/modules/services/backup/restic.nix b/nixos/modules/services/backup/restic.nix index 0d21b1e8d66a..bc24e13aa050 100644 --- a/nixos/modules/services/backup/restic.nix +++ b/nixos/modules/services/backup/restic.nix @@ -126,6 +126,21 @@ in ]; }; + exclude = mkOption { + type = types.listOf types.str; + default = [ ]; + description = lib.mdDoc '' + Patterns to exclude when backing up. See + https://restic.readthedocs.io/en/latest/040_backup.html#excluding-files for + details on syntax. + ''; + example = [ + "/var/cache" + "/home/*/.cache" + ".git" + ]; + }; + timerConfig = mkOption { type = types.attrsOf unitOption; default = { @@ -249,6 +264,7 @@ in example = { localbackup = { paths = [ "/home" ]; + exclude = [ "/home/*/.cache" ]; repository = "/mnt/backup-hdd"; passwordFile = "/etc/nixos/secrets/restic-password"; initialize = true; @@ -270,12 +286,17 @@ in config = { warnings = mapAttrsToList (n: v: "services.restic.backups.${n}.s3CredentialsFile is deprecated, please use services.restic.backups.${n}.environmentFile instead.") (filterAttrs (n: v: v.s3CredentialsFile != null) config.services.restic.backups); + assertions = mapAttrsToList (n: v: { + assertion = (v.repository == null) != (v.repositoryFile == null); + message = "services.restic.backups.${n}: exactly one of repository or repositoryFile should be set"; + }) config.services.restic.backups; systemd.services = mapAttrs' (name: backup: let extraOptions = concatMapStrings (arg: " -o ${arg}") backup.extraOptions; resticCmd = "${backup.package}/bin/restic${extraOptions}"; + excludeFlags = if (backup.exclude != []) then ["--exclude-file=${pkgs.writeText "exclude-patterns" (concatStringsSep "\n" backup.exclude)}"] else []; filesFromTmpFile = "/run/restic-backups-${name}/includes"; backupPaths = if (backup.dynamicFilesFrom == null) @@ -311,7 +332,7 @@ in restartIfChanged = false; serviceConfig = { Type = "oneshot"; - ExecStart = (optionals (backupPaths != "") [ "${resticCmd} backup --cache-dir=%C/restic-backups-${name} ${concatStringsSep " " backup.extraBackupArgs} ${backupPaths}" ]) + ExecStart = (optionals (backupPaths != "") [ "${resticCmd} backup --cache-dir=%C/restic-backups-${name} ${concatStringsSep " " (backup.extraBackupArgs ++ excludeFlags)} ${backupPaths}" ]) ++ pruneCmd; User = backup.user; RuntimeDirectory = "restic-backups-${name}"; |