hosts/oignon/backup.nix

   1 { pkgs, lib, config, hostName, ... }:
   2 with builtins;
   3 {
   4 # Take regular snapshots, and prune old ones
   5 services.sanoid = {
   6   enable = true;
   7   extraArgs = [ "--verbose" ];
   8   datasets = {
   9     "${hostName}/home" = {
  10       autosnap = true;
  11       autoprune = true;
  12       hourly = 12;
  13       daily = 7;
  14       monthly = 0;
  15       yearly = 0;
  16       recursive = true;
  17     };
  18     "${hostName}/var" = {
  19       autosnap = true;
  20       autoprune = true;
  21       hourly = 12;
  22       daily = 7;
  23       monthly = 0;
  24       yearly = 0;
  25       recursive = true;
  26     };
  27   };
  28 };
  29 # Tigger backups when disks are plugged
  30 services.udev.extraRules = ''
  31   ACTION=="add", SUBSYSTEM=="block", KERNEL=="sd*", ATTRS{size}=="1953525168", ENV{SYSTEMD_WANTS}+="zfs-local-backup-home@WD10JPVT.service"
  32 '';
  33 # Force zpool import, even if the disk has not been exported, or has been imported on another computer
  34 systemd.services."zfs-force-import@" = {
  35   description = "ZFS force import: %I";
  36   serviceConfig = {
  37     Type = "oneshot";
  38     RemainAfterExit = true;
  39     PrivateTmp = true;
  40     ExecStartPre = [
  41       # Scan the zpools, using stable paths
  42       "/run/booted-system/sw/bin/zpool import -d /dev/disk/by-id/"
  43     ];
  44     ExecStart = ''
  45       /bin/sh -xc '/run/booted-system/sw/bin/zpool import -lFd /dev/disk/by-id/ %I || \
  46       /run/booted-system/sw/bin/zpool reopen %I || \
  47       /run/booted-system/sw/bin/zpool clear -nFX %I'
  48     '';
  49   };
  50 };
  51 # Run the backup
  52 systemd.services."zfs-local-backup-home@" = {
  53   description = "ZFS backup home, on: %I";
  54   after = [ "zfs-force-import@%i.service" ];
  55   wants = [ "zfs-force-import@%i.service" ];
  56   serviceConfig = rec {
  57     Type = "oneshot";
  58     RemainAfterExit = true;
  59     PrivateTmp = true;
  60     CacheDirectory = [ "zfs-usb-backup-%I" ];
  61     RuntimeDirectory = [ "zfs-usb-backup-%I" ];
  62     User = "julm";
  63     Group = "users";
  64     ExecStartPre = [
  65       "+/run/booted-system/sw/bin/zfs allow ${User} bookmark,hold,mount,send ${hostName}/home"
  66       "+/run/booted-system/sw/bin/zfs allow ${User} bookmark,create,destroy,load-key,mount,mountpoint,receive,rollback,snapshot %I/${User}"
  67     ];
  68     ExecStart = pkgs.writeShellScript "zfs-local-backup-home" ''
  69       set -eu
  70       DESTPOOL=$1
  71       install -D -m 400 /dev/stdin /tmp/sanoid/sanoid.conf <<EOF
  72         [template_remote]
  73         autoprune=true
  74         autosnap=false
  75         process_children_only=false
  76
  77         [$DESTPOOL/${User}/backup/${hostName}/home]
  78         daily=31
  79         monthly=0
  80         recursive=true
  81         use_template=remote
  82       EOF
  83       set -x
  84       ${pkgs.sanoid}/bin/sanoid \
  85         --cache-dir /var/cache/zfs-usb-backup-"$DESTPOOL" \
  86         --configdir /tmp/sanoid \
  87         --prune-snapshots \
  88         --run-dir /run/zfs-usb-backup-"$DESTPOOL" \
  89         --verbose
  90
  91       for dataset in ${hostName}/home; do
  92         ${pkgs.sanoid}/bin/syncoid \
  93           --create-bookmark \
  94           --exclude "home/room" \
  95           --force-delete \
  96           --no-privilege-elevation \
  97           --no-sync-snap \
  98           --recursive \
  99           --recvoptions "" \
 100           --sendoptions raw  \
 101           --skip-parent \
 102           "$dataset" \
 103           "$DESTPOOL"/${User}/backup/"$dataset"
 104       done
 105     '' + " %I";
 106     # Scrub the zpool (in the background)
 107     ExecStartPost = "+/run/booted-system/sw/bin/zpool scrub %I";
 108   };
 109 };
 110 }