JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Merge pull request #78886 from Mic92/restic-fixes

Browse Source 
Restic fixes: pruning, process substitution (take 2)
This commit is contained in:
Jörg Thalheim 2020-02-07 14:14:16 +00:00 committed by GitHub
commit 341241b1c8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 117 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
nixos/modules/services/backup/restic.nix
View File

@ -103,6 +103,34 @@ in
Create the repository if it doesn't exist.
'';
};
pruneOpts = mkOption {
type = types.listOf types.str;
default = [];
description = ''
A list of options (--keep-* et al.) for 'restic forget
--prune', to automatically prune old snapshots. The
'forget' command is run *after* the 'backup' command, so
keep that in mind when constructing the --keep-* options.
'';
example = [
"--keep-daily 7"
"--keep-weekly 5"
"--keep-monthly 12"
"--keep-yearly 75"
];
};
dynamicFilesFrom = mkOption {
type = with types; nullOr str;
default = null;
description = ''
A script that produces a list of files to back up. The
results of this command are given to the '--files-from'
option.
'';
example = "find /home/matt/git -type d -name .git";
};
};
}));
default = {};
@ -134,25 +162,41 @@ in
let
extraOptions = concatMapStrings (arg: " -o ${arg}") backup.extraOptions;
resticCmd = "${pkgs.restic}/bin/restic${extraOptions}";
filesFromTmpFile = "/run/restic-backups-${name}/includes";
backupPaths = if (backup.dynamicFilesFrom == null)
then concatStringsSep " " backup.paths
else "--files-from ${filesFromTmpFile}";
pruneCmd = optionals (builtins.length backup.pruneOpts > 0) [
( resticCmd + " forget --prune " + (concatStringsSep " " backup.pruneOpts) )
( resticCmd + " check" )
];
in nameValuePair "restic-backups-${name}" ({
environment = {
RESTIC_PASSWORD_FILE = backup.passwordFile;
RESTIC_REPOSITORY = backup.repository;
};
path = with pkgs; [
openssh
];
path = [ pkgs.openssh ];
restartIfChanged = false;
serviceConfig = {
Type = "oneshot";
ExecStart = "${resticCmd} backup ${concatStringsSep " " backup.extraBackupArgs} ${concatStringsSep " " backup.paths}";
ExecStart = [ "${resticCmd} backup ${concatStringsSep " " backup.extraBackupArgs} ${backupPaths}" ] ++ pruneCmd;
User = backup.user;
RuntimeDirectory = "restic-backups-${name}";
} // optionalAttrs (backup.s3CredentialsFile != null) {
EnvironmentFile = backup.s3CredentialsFile;
};
} // optionalAttrs backup.initialize {
} // optionalAttrs (backup.initialize || backup.dynamicFilesFrom != null) {
preStart = ''
${resticCmd} snapshots || ${resticCmd} init
${optionalString (backup.initialize) ''
${resticCmd} snapshots || ${resticCmd} init
''}
${optionalString (backup.dynamicFilesFrom != null) ''
${pkgs.writeScript "dynamicFilesFromScript" backup.dynamicFilesFrom} > ${filesFromTmpFile}
''}
'';
} // optionalAttrs (backup.dynamicFilesFrom != null) {
postStart = ''
rm ${filesFromTmpFile}
'';
})
) config.services.restic.backups;

1
nixos/tests/all-tests.nix
View File

@ -248,6 +248,7 @@ in
radicale = handleTest ./radicale.nix {};
redis = handleTest ./redis.nix {};
redmine = handleTest ./redmine.nix {};
restic = handleTest ./restic.nix {};
roundcube = handleTest ./roundcube.nix {};
rspamd = handleTest ./rspamd.nix {};
rss2email = handleTest ./rss2email.nix {};

63
nixos/tests/restic.nix Normal file
View File

@ -0,0 +1,63 @@
import ./make-test-python.nix (
{ pkgs, ... }:
let
password = "some_password";
repository = "/tmp/restic-backup";
passwordFile = pkgs.writeText "password" "correcthorsebatterystaple";
in
{
name = "restic";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ bbigras ];
};
nodes = {
server =
{ ... }:
{
services.restic.backups = {
remotebackup = {
inherit repository;
passwordFile = "${passwordFile}";
initialize = true;
paths = [ "/opt" ];
pruneOpts = [
"--keep-daily 2"
"--keep-weekly 1"
"--keep-monthly 1"
"--keep-yearly 99"
];
};
};
};
};
testScript = ''
server.start()
server.wait_for_unit("dbus.socket")
server.fail(
"${pkgs.restic}/bin/restic -r ${repository} -p ${passwordFile} snapshots"
)
server.succeed(
"mkdir -p /opt",
"touch /opt/some_file",
"timedatectl set-time '2016-12-13 13:45'",
"systemctl start restic-backups-remotebackup.service",
'${pkgs.restic}/bin/restic -r ${repository} -p ${passwordFile} snapshots -c | grep -e "^1 snapshot"',
"timedatectl set-time '2017-12-13 13:45'",
"systemctl start restic-backups-remotebackup.service",
"timedatectl set-time '2018-12-13 13:45'",
"systemctl start restic-backups-remotebackup.service",
"timedatectl set-time '2018-12-14 13:45'",
"systemctl start restic-backups-remotebackup.service",
"timedatectl set-time '2018-12-15 13:45'",
"systemctl start restic-backups-remotebackup.service",
"timedatectl set-time '2018-12-16 13:45'",
"systemctl start restic-backups-remotebackup.service",
'${pkgs.restic}/bin/restic -r ${repository} -p ${passwordFile} snapshots -c | grep -e "^4 snapshot"',
)
'';
}
)

4
pkgs/tools/backup/restic/default.nix
View File

@ -1,4 +1,4 @@
{ lib, buildGoPackage, fetchFromGitHub }:
{ lib, buildGoPackage, fetchFromGitHub, nixosTests }:
buildGoPackage rec {
pname = "restic";
@ -18,6 +18,8 @@ buildGoPackage rec {
go run build.go
'';
passthru.tests.restic = nixosTests.restic;
installPhase = ''
mkdir -p \
$bin/bin \