hosts/oignon/backup.nix

   1 { pkgs, lib, config, hostName, ... }:
   2 with builtins;
   3 {
   4 services.sanoid = {
   5   enable = true;
   6   extraArgs = [ "--verbose" ];
   7   datasets = {
   8     "${hostName}/home" = {
   9       autosnap = true;
  10       autoprune = true;
  11       hourly = 12;
  12       daily = 7;
  13       monthly = 0;
  14       yearly = 0;
  15       recursive = true;
  16     };
  17     "${hostName}/var" = {
  18       autosnap = true;
  19       autoprune = true;
  20       hourly = 12;
  21       daily = 7;
  22       monthly = 0;
  23       yearly = 0;
  24       recursive = true;
  25     };
  26   };
  27 };
  28 # Tigger backups when disks are plugged
  29 services.udev.extraRules = ''
  30   ACTION=="add", SUBSYSTEM=="block", KERNEL=="sd*", ATTRS{size}=="1953525168", ENV{SYSTEMD_WANTS}+="zfs-usb-backup@WD10JPVT.service"
  31 '';
  32 systemd.services."zfs-usb@" = {
  33   description = "ZFS over USB: %I";
  34   unitConfig = {
  35     #ConditionPathExists = [ "/dev/disk/by-label/%I" ];
  36   };
  37   serviceConfig = {
  38     Type = "oneshot";
  39     RemainAfterExit = true;
  40     PrivateTmp = true;
  41     ExecStartPre = [
  42       # Scan the zpools, using stable paths
  43       "/run/booted-system/sw/bin/zpool import -d /dev/disk/by-id/"
  44     ];
  45     ExecStart =
  46       # Import the zpool
  47       "/bin/sh -xc '/run/booted-system/sw/bin/zpool import -lFd /dev/disk/by-id/ %I || /run/booted-system/sw/bin/zpool reopen %I || /run/booted-system/sw/bin/zpool clear -nFX %I'";
  48   };
  49 };
  50 systemd.services."zfs-usb-backup@" = {
  51   description = "ZFS backup over USB: %I";
  52   after = [ "zfs-usb@%i.service" ];
  53   wants = [ "zfs-usb@%i.service" ];
  54   serviceConfig = rec {
  55     Type = "oneshot";
  56     RemainAfterExit = true;
  57     PrivateTmp = true;
  58     CacheDirectory = [ "zfs-usb-backup-%I" ];
  59     RuntimeDirectory = [ "zfs-usb-backup-%I" ];
  60     User = "julm";
  61     Group = "users";
  62     ExecStartPre = [
  63       "+/run/booted-system/sw/bin/zfs allow ${User} bookmark,hold,mount,send ${hostName}/home"
  64       "+/run/booted-system/sw/bin/zfs allow ${User} bookmark,hold,mount,send ${hostName}/var"
  65       "+/run/booted-system/sw/bin/zfs allow ${User} bookmark,create,destroy,load-key,mount,mountpoint,receive,rollback,snapshot %I/${User}"
  66     ];
  67     ExecStart = pkgs.writeShellScript "zfs-usb-backup" ''
  68       set -eu
  69       DESTPOOL=$1
  70       install -D -m 444 /dev/stdin /tmp/sanoid/sanoid.conf <<EOF
  71         [template_remote]
  72         autoprune=true
  73         autosnap=false
  74         monthly=3
  75         process_children_only=false
  76
  77         [$DESTPOOL/${User}/backup/${hostName}/home/work]
  78         daily=31
  79         recursive=false
  80         use_template=remote
  81       EOF
  82       set -x
  83       ${pkgs.sanoid}/bin/sanoid \
  84         --cache-dir /var/cache/zfs-usb-backup-"$DESTPOOL" \
  85         --configdir /tmp/sanoid \
  86         --prune-snapshots \
  87         --run-dir /run/zfs-usb-backup-"$DESTPOOL" \
  88         --verbose
  89
  90       for dataset in ${hostName}/home; do
  91         ${pkgs.sanoid}/bin/syncoid \
  92           --create-bookmark \
  93           --exclude "home/room" \
  94           --force-delete \
  95           --no-privilege-elevation \
  96           --no-sync-snap \
  97           --recursive \
  98           --recvoptions "" \
  99           --sendoptions raw  \
 100           --skip-parent \
 101           "$dataset" \
 102           "$DESTPOOL"/${User}/backup/"$dataset"
 103       done
 104     '' + " %I";
 105     # Scrub the zpool (in the background)
 106     ExecStartPost = "+/run/booted-system/sw/bin/zpool scrub %I";
 107   };
 108 };
 109 }