diff --git a/aux-etc-nixos/backupdl-module.nix b/aux-etc-nixos/backupdl-module.nix new file mode 100644 index 00000000..ad8917bd --- /dev/null +++ b/aux-etc-nixos/backupdl-module.nix @@ -0,0 +1,53 @@ +{ config, pkgs, lib, ... }: +with lib; +let + makeBackup = pkgs.writeScript "make-backupdl" '' + #!${pkgs.bash}/bin/bash + + set -e + + export PATH=${pkgs.rsync}/bin:${pkgs.openssh}/bin + + rsync --ignore-existing -av nixbld.m-labs.hk:/home/backupdl /var/lib/backupdl + ''; + + cfg = config.services.backupdl; +in +{ + options.services.backupdl = { + enable = mkOption { + type = types.bool; + default = false; + description = "Enable backups"; + }; + }; + + config = mkIf cfg.enable { + systemd.services.backupdl = { + description = "Nixbld backups download"; + serviceConfig = { + Type = "oneshot"; + User = "backupdl"; + Group = "backupdl"; + ExecStart = "${makeBackup}"; + }; + }; + + users.users.backupdl = { + name = "backupdl"; + group = "backupdl"; + description = "Nixbld backups download"; + isSystemUser = true; + createHome = true; + home = "/var/lib/backupdl"; + useDefaultShell = true; + }; + users.extraGroups.backupdl = {}; + + systemd.timers.backupdl = { + description = "Nixbld backups download"; + wantedBy = [ "timers.target" ]; + timerConfig.OnCalendar = "*-*-* 18:00:00"; + }; + }; +} diff --git a/aux-etc-nixos/configuration.nix b/aux-etc-nixos/configuration.nix index 8310f360..3e64493b 100644 --- a/aux-etc-nixos/configuration.nix +++ b/aux-etc-nixos/configuration.nix @@ -7,8 +7,9 @@ let in { imports = - [ # Include the results of the hardware scan. + [ ./hardware-configuration.nix + ./backupdl-module.nix ]; boot.loader.grub.enable = true; @@ -141,10 +142,6 @@ in ]; shell = pkgs.fish; }; - users.users.backupdl = { - isNormalUser = true; - shell = pkgs.fish; - }; documentation.enable = false; environment.systemPackages = with pkgs; [ @@ -167,6 +164,8 @@ in StreamLocalBindUnlink yes ''; + services.backupdl.enable = true; + nix.binaryCachePublicKeys = ["nixbld.m-labs.hk-1:5aSRVA5b320xbNvu30tqxVPXpld73bhtOeH6uAjRyHc="]; nix.binaryCaches = ["https://nixbld.m-labs.hk" "https://cache.nixos.org"]; nix.trustedUsers = ["sb"];