nix-bitcoin/modules/backups.nix

95 lines
2.7 KiB
Nix
Raw Normal View History

2020-06-11 14:39:17 +03:00
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.backups;
2020-06-11 14:39:17 +03:00
filelist = pkgs.writeText "filelist.txt" ''
${optionalString (!cfg.with-bulk-data) "- ${config.services.bitcoind.dataDir}/blocks"}
${optionalString (!cfg.with-bulk-data) "- ${config.services.bitcoind.dataDir}/chainstate"}
${config.services.bitcoind.dataDir}
${config.services.clightning.dataDir}
${config.services.lnd.dataDir}
${optionalString (!cfg.with-bulk-data) "- ${config.services.liquidd.dataDir}/*/blocks"}
${optionalString (!cfg.with-bulk-data) "- ${config.services.liquidd.dataDir}/*/chainstate"}
${config.services.liquidd.dataDir}
${optionalString cfg.with-bulk-data "${config.services.electrs.dataDir}"}
${config.services.nbxplorer.dataDir}
${config.services.btcpayserver.dataDir}
${config.services.joinmarket.dataDir}
2020-09-22 19:40:20 +03:00
${config.services.postgresqlBackup.location}/btcpaydb.sql.gz
${optionalString config.nix-bitcoin.generateSecrets "${config.nix-bitcoin.secretsDir}"}
2020-06-11 14:39:17 +03:00
/var/lib/tor
/var/lib/nixos
2020-06-11 14:39:17 +03:00
# Extra files
${cfg.extraFiles}
# Exclude all unspecified files and directories
- /
'';
in {
options.services.backups = {
enable = mkEnableOption "Backups service";
with-bulk-data = mkOption {
type = types.bool;
default = false;
description = ''
Whether to also backup Bitcoin blockchain and other bulk data.
'';
};
destination = mkOption {
type = types.str;
default = "file:///var/lib/localBackups";
description = ''
Where to back up to.
'';
};
frequency = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Run backup with the given frequency. If null, do not run automatically.
'';
};
extraFiles = mkOption {
type = types.lines;
default = "";
example = ''
/var/lib/nginx
'';
description = "Additional files to be appended to filelist.";
};
};
config = mkIf cfg.enable (mkMerge [
2020-09-22 19:40:20 +03:00
{
2020-06-11 14:39:17 +03:00
environment.systemPackages = [ pkgs.duplicity ];
services.duplicity = {
enable = true;
extraFlags = [
"--include-filelist" "${filelist}"
"--full-if-older-than" "1M"
];
targetUrl = cfg.destination;
2020-06-11 14:39:17 +03:00
frequency = cfg.frequency;
secretFile = "${config.nix-bitcoin.secretsDir}/backup-encryption-env";
};
nix-bitcoin.secrets.backup-encryption-env.user = "root";
2020-09-22 19:40:20 +03:00
}
(mkIf config.services.btcpayserver.enable {
services.postgresqlBackup = {
enable = true;
databases = [ "btcpaydb" ];
};
systemd.services.duplicity = rec {
wants = [ "postgresqlBackup-btcpaydb.service" ];
after = wants;
};
2020-06-11 14:39:17 +03:00
})
2020-09-22 19:40:20 +03:00
]);
2020-06-11 14:39:17 +03:00
}