1
0
Fork 0

switch all modules to backup block (#279)

This commit is contained in:
Pierre Penninckx 2024-08-20 07:33:13 -07:00 committed by GitHub
parent 6aed5ee6a5
commit 0fa4a42be7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
17 changed files with 264 additions and 163 deletions

View file

@ -87,6 +87,30 @@ in
readOnly = true; readOnly = true;
default = { path = "/var/lib/lldap"; }; default = { path = "/var/lib/lldap"; };
}; };
backup = lib.mkOption {
type = contracts.backup;
description = ''
Backup configuration. This is an output option.
Use it to initialize a block implementing the "backup" contract.
For example, with the restic block:
```
shb.restic.instances."lldap" = {
enable = true;
# Options specific to Restic.
} // config.shb.lldap.backup;
```
'';
readOnly = true;
default = {
sourceDirectories = [
"/var/lib/lldap"
];
};
};
}; };
@ -143,11 +167,5 @@ in
verbose = cfg.debug; verbose = cfg.debug;
}; };
}; };
shb.backup.instances.lldap = {
sourceDirectories = [
"/var/lib/lldap"
];
};
}; };
} }

View file

@ -34,7 +34,7 @@ Then, to actually backup the service, one would write:
shb.<backup_impl>.instances."<service>" = shb.<service>.backup // { shb.<backup_impl>.instances."<service>" = shb.<service>.backup // {
enable = true; enable = true;
// Options specific to backup_impl # Options specific to backup_impl
}; };
``` ```
@ -44,7 +44,7 @@ Then, for extra caution, a second backup could be made using another module `shb
shb.<backup_impl_2>.instances."<service>" = shb.<service>.backup // { shb.<backup_impl_2>.instances."<service>" = shb.<service>.backup // {
enable = true; enable = true;
// Options specific to backup_impl_2 # Options specific to backup_impl_2
}; };
``` ```

View file

@ -1,4 +1,4 @@
{ config, pkgs, lib, ... }: { config, options, pkgs, lib, ... }:
let let
cfg = config.shb.arr; cfg = config.shb.arr;
@ -329,13 +329,28 @@ let
example = "https://authelia.example.com"; example = "https://authelia.example.com";
}; };
backupCfg = lib.mkOption { backup = lib.mkOption {
type = lib.types.anything; type = contracts.backup;
description = "Backup configuration for ${name}."; description = ''
default = {}; Backup configuration. This is an output option.
example = {
backend = "restic"; Use it to initialize a block implementing the "backup" contract.
repositories = []; For example, with the restic block:
```
shb.restic.instances."${name}" = {
enable = true;
# Options specific to Restic.
} // config.shb.${name}.backup;
```
'';
readOnly = true;
default = {
sourceDirectories = [
cfg.${name}.dataDir
];
excludePatterns = [".db-shm" ".db-wal" ".mono"];
}; };
}; };
} // (c.moreOptions or {}); } // (c.moreOptions or {});
@ -370,13 +385,6 @@ in
}; };
shb.nginx.vhosts = [ (vhosts {} cfg') ]; shb.nginx.vhosts = [ (vhosts {} cfg') ];
shb.backup.instances.radarr = cfg'.backupCfg // {
sourceDirectories = [
cfg'.dataDir
];
excludePatterns = [".db-shm" ".db-wal" ".mono"];
};
})) }))
(lib.mkIf cfg.radarr.enable (backup "radarr")) (lib.mkIf cfg.radarr.enable (backup "radarr"))
@ -407,13 +415,6 @@ in
}; };
shb.nginx.vhosts = [ (vhosts {} cfg') ]; shb.nginx.vhosts = [ (vhosts {} cfg') ];
shb.backup.instances.sonarr = cfg'.backupCfg // {
sourceDirectories = [
cfg'.dataDir
];
excludePatterns = [".db-shm" ".db-wal" ".mono"];
};
})) }))
(lib.mkIf cfg.sonarr.enable (backup "sonarr")) (lib.mkIf cfg.sonarr.enable (backup "sonarr"))
@ -441,13 +442,6 @@ in
}; };
shb.nginx.vhosts = [ (vhosts {} cfg') ]; shb.nginx.vhosts = [ (vhosts {} cfg') ];
shb.backup.instances.bazarr = cfg'.backupCfg // {
sourceDirectories = [
cfg'.dataDir
];
excludePatterns = [".db-shm" ".db-wal" ".mono"];
};
})) }))
(lib.mkIf cfg.bazarr.enable (backup "bazarr")) (lib.mkIf cfg.bazarr.enable (backup "bazarr"))
@ -470,13 +464,6 @@ in
}; };
shb.nginx.vhosts = [ (vhosts {} cfg') ]; shb.nginx.vhosts = [ (vhosts {} cfg') ];
shb.backup.instances.readarr = cfg'.backupCfg // {
sourceDirectories = [
cfg'.dataDir
];
excludePatterns = [".db-shm" ".db-wal" ".mono"];
};
})) }))
(lib.mkIf cfg.readarr.enable (backup "readarr")) (lib.mkIf cfg.readarr.enable (backup "readarr"))
@ -504,13 +491,6 @@ in
}; };
shb.nginx.vhosts = [ (vhosts {} cfg') ]; shb.nginx.vhosts = [ (vhosts {} cfg') ];
shb.backup.instances.lidarr = cfg'.backupCfg // {
sourceDirectories = [
cfg'.dataDir
];
excludePatterns = [".db-shm" ".db-wal" ".mono"];
};
})) }))
(lib.mkIf cfg.lidarr.enable (backup "lidarr")) (lib.mkIf cfg.lidarr.enable (backup "lidarr"))
@ -535,13 +515,6 @@ in
shb.nginx.vhosts = [ (vhosts { shb.nginx.vhosts = [ (vhosts {
extraBypassResources = [ "^/dl.*" ]; extraBypassResources = [ "^/dl.*" ];
} cfg') ]; } cfg') ];
shb.backup.instances.jackett = cfg'.backupCfg // {
sourceDirectories = [
cfg'.dataDir
];
excludePatterns = [".db-shm" ".db-wal" ".mono"];
};
})) }))
(lib.mkIf cfg.jackett.enable (backup "jackett")) (lib.mkIf cfg.jackett.enable (backup "jackett"))
]; ];

View file

@ -82,6 +82,30 @@ in
description = "File containing the SSO shared secret."; description = "File containing the SSO shared secret.";
}; };
backup = lib.mkOption {
type = contracts.backup;
description = ''
Backup configuration. This is an output option.
Use it to initialize a block implementing the "backup" contract.
For example, with the restic block:
```
shb.restic.instances."audiobookshelf" = {
enable = true;
# Options specific to Restic.
} // config.shb.audiobookshelf.backup;
```
'';
readOnly = true;
default = {
sourceDirectories = [
"/var/lib/audiobookshelf"
];
};
};
logLevel = lib.mkOption { logLevel = lib.mkOption {
type = lib.types.nullOr (lib.types.enum ["critical" "error" "warning" "info" "debug"]); type = lib.types.nullOr (lib.types.enum ["critical" "error" "warning" "info" "debug"]);
description = "Enable logging."; description = "Enable logging.";
@ -149,11 +173,6 @@ in
# We backup the whole audiobookshelf directory and set permissions for the backup user accordingly. # We backup the whole audiobookshelf directory and set permissions for the backup user accordingly.
users.groups.audiobookshelf.members = [ "backup" ]; users.groups.audiobookshelf.members = [ "backup" ];
users.groups.media.members = [ "backup" ]; users.groups.media.members = [ "backup" ];
shb.backup.instances.audiobookshelf = {
sourceDirectories = [
/var/lib/${config.services.audiobookshelf.dataDir}
];
};
} { } {
systemd.services.audiobookshelfd.serviceConfig = cfg.extraServiceConfig; systemd.services.audiobookshelfd.serviceConfig = cfg.extraServiceConfig;
}]); }]);

View file

@ -39,6 +39,12 @@ in
default = null; default = null;
}; };
dataDir = lib.mkOption {
type = lib.types.str;
description = "Path where all configuration and state is stored.";
default = "/var/lib/deluge";
};
daemonPort = lib.mkOption { daemonPort = lib.mkOption {
type = lib.types.int; type = lib.types.int;
description = "Deluge daemon port"; description = "Deluge daemon port";
@ -227,6 +233,30 @@ in
''; '';
}; };
backup = lib.mkOption {
type = contracts.backup;
description = ''
Backup configuration. This is an output option.
Use it to initialize a block implementing the "backup" contract.
For example, with the restic block:
```
shb.restic.instances."vaultwarden" = {
enable = true;
# Options specific to Restic.
} // config.shb.vaultwarden.backup;
```
'';
readOnly = true;
default = {
sourceDirectories = [
cfg.dataDir
];
};
};
logLevel = lib.mkOption { logLevel = lib.mkOption {
type = lib.types.nullOr (lib.types.enum ["critical" "error" "warning" "info" "debug"]); type = lib.types.nullOr (lib.types.enum ["critical" "error" "warning" "info" "debug"]);
description = "Enable logging."; description = "Enable logging.";
@ -240,6 +270,8 @@ in
enable = true; enable = true;
declarative = true; declarative = true;
openFirewall = true; openFirewall = true;
inherit (cfg) dataDir;
config = { config = {
download_location = cfg.settings.downloadLocation; download_location = cfg.settings.downloadLocation;
allow_remote = true; allow_remote = true;
@ -285,7 +317,7 @@ in
new_release_check = false; new_release_check = false;
}; };
authFile = "${config.services.deluge.dataDir}/.config/deluge/authTemplate"; authFile = "${cfg.dataDir}/.config/deluge/authTemplate";
web.enable = true; web.enable = true;
web.port = cfg.webPort; web.port = cfg.webPort;
@ -297,14 +329,14 @@ in
} // (lib.optionalAttrs (config.shb.deluge.prometheusScraperPasswordFile != null) { } // (lib.optionalAttrs (config.shb.deluge.prometheusScraperPasswordFile != null) {
prometheus_scraper.password.source = config.shb.deluge.prometheusScraperPasswordFile; prometheus_scraper.password.source = config.shb.deluge.prometheusScraperPasswordFile;
}); });
resultPath = "${config.services.deluge.dataDir}/.config/deluge/authTemplate"; resultPath = "${cfg.dataDir}/.config/deluge/authTemplate";
generator = name: value: pkgs.writeText "delugeAuth" (authGenerator value); generator = name: value: pkgs.writeText "delugeAuth" (authGenerator value);
}); });
systemd.services.deluged.serviceConfig.ExecStart = lib.mkForce (lib.concatStringsSep " \\\n " ([ systemd.services.deluged.serviceConfig.ExecStart = lib.mkForce (lib.concatStringsSep " \\\n " ([
"${config.services.deluge.package}/bin/deluged" "${config.services.deluge.package}/bin/deluged"
"--do-not-daemonize" "--do-not-daemonize"
"--config ${config.services.deluge.dataDir}/.config/deluge" "--config ${cfg.dataDir}/.config/deluge"
] ++ (lib.optional (!(isNull cfg.logLevel)) "-L ${cfg.logLevel}") ] ++ (lib.optional (!(isNull cfg.logLevel)) "-L ${cfg.logLevel}")
)); ));
@ -316,7 +348,7 @@ in
}; };
in in
[ [
"L+ ${config.services.deluge.dataDir}/.config/deluge/plugins - - - - ${plugins}" "L+ ${cfg.dataDir}/.config/deluge/plugins - - - - ${plugins}"
]; ];
shb.nginx.vhosts = [ shb.nginx.vhosts = [
@ -352,11 +384,6 @@ in
# We backup the whole deluge directory and set permissions for the backup user accordingly. # We backup the whole deluge directory and set permissions for the backup user accordingly.
users.groups.deluge.members = [ "backup" ]; users.groups.deluge.members = [ "backup" ];
users.groups.media.members = [ "backup" ]; users.groups.media.members = [ "backup" ];
shb.backup.instances.deluge = {
sourceDirectories = [
config.services.deluge.dataDir
];
};
} { } {
systemd.services.deluged.serviceConfig = cfg.extraServiceConfig; systemd.services.deluged.serviceConfig = cfg.extraServiceConfig;
} (lib.mkIf (config.shb.deluge.prometheusScraperPasswordFile != null) { } (lib.mkIf (config.shb.deluge.prometheusScraperPasswordFile != null) {

View file

@ -62,6 +62,30 @@ in
''; '';
}; };
backup = lib.mkOption {
type = contracts.backup;
description = ''
Backup configuration. This is an output option.
Use it to initialize a block implementing the "backup" contract.
For example, with the restic block:
```
shb.restic.instances."grocy" = {
enable = true;
# Options specific to Restic.
} // config.shb.grocy.backup;
```
'';
readOnly = true;
default = {
sourceDirectories = [
cfg.dataDir
];
};
};
logLevel = lib.mkOption { logLevel = lib.mkOption {
type = lib.types.nullOr (lib.types.enum ["critical" "error" "warning" "info" "debug"]); type = lib.types.nullOr (lib.types.enum ["critical" "error" "warning" "info" "debug"]);
description = "Enable logging."; description = "Enable logging.";
@ -95,11 +119,6 @@ in
# We backup the whole grocy directory and set permissions for the backup user accordingly. # We backup the whole grocy directory and set permissions for the backup user accordingly.
users.groups.grocy.members = [ "backup" ]; users.groups.grocy.members = [ "backup" ];
users.groups.media.members = [ "backup" ]; users.groups.media.members = [ "backup" ];
shb.backup.instances.grocy = {
sourceDirectories = [
config.services.grocy.dataDir
];
};
} { } {
systemd.services.grocyd.serviceConfig = cfg.extraServiceConfig; systemd.services.grocyd.serviceConfig = cfg.extraServiceConfig;
}]); }]);

View file

@ -23,6 +23,12 @@ in
example = "mydomain.com"; example = "mydomain.com";
}; };
dataDir = lib.mkOption {
description = "Folder where Hledger will store all its data.";
type = lib.types.str;
default = "/var/lib/hledger";
};
ssl = lib.mkOption { ssl = lib.mkOption {
description = "Path to SSL files"; description = "Path to SSL files";
type = lib.types.nullOr contracts.ssl.certs; type = lib.types.nullOr contracts.ssl.certs;
@ -47,6 +53,30 @@ in
description = "OIDC endpoint for SSO"; description = "OIDC endpoint for SSO";
example = "https://authelia.example.com"; example = "https://authelia.example.com";
}; };
backup = lib.mkOption {
type = contracts.backup;
description = ''
Backup configuration. This is an output option.
Use it to initialize a block implementing the "backup" contract.
For example, with the restic block:
```
shb.restic.instances."hledger" = {
enable = true;
# Options specific to Restic.
} // config.shb.hledger.backup;
```
'';
readOnly = true;
default = {
sourceDirectories = [
cfg.dataDir
];
};
};
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
@ -55,7 +85,7 @@ in
# Must be empty otherwise it repeats the fqdn, we get something like https://${fqdn}/${fqdn}/ # Must be empty otherwise it repeats the fqdn, we get something like https://${fqdn}/${fqdn}/
baseUrl = ""; baseUrl = "";
stateDir = "/var/lib/hledger"; stateDir = cfg.dataDir;
journalFiles = ["hledger.journal"]; journalFiles = ["hledger.journal"];
host = "127.0.0.1"; host = "127.0.0.1";
@ -89,11 +119,5 @@ in
}]; }];
} }
]; ];
shb.backup.instances.hledger = {
sourceDirectories = [
config.services.hledger-web.stateDir
];
};
}; };
} }

View file

@ -136,13 +136,28 @@ in
}; };
}; };
backupCfg = lib.mkOption { backup = lib.mkOption {
type = lib.types.anything; type = contracts.backup;
description = "Backup configuration for home-assistant"; description = ''
default = {}; Backup configuration. This is an output option.
example = {
backend = "restic"; Use it to initialize a block implementing the "backup" contract.
repositories = []; For example, with the restic block:
```
shb.restic.instances."home-assistant" = {
enable = true;
# Options specific to Restic.
} // config.shb.home-assistant.backup;
```
'';
readOnly = true;
default = {
# No need for backup hooks as we use an hourly automation job in home assistant directly with a cron job.
sourceDirectories = [
"/var/lib/hass/backups"
];
}; };
}; };
}; };
@ -308,17 +323,6 @@ in
"f ${config.services.home-assistant.configDir}/scripts.yaml 0755 hass hass" "f ${config.services.home-assistant.configDir}/scripts.yaml 0755 hass hass"
]; ];
shb.backup.instances.home-assistant = lib.mkIf (cfg.backupCfg != {}) (
cfg.backupCfg
// {
sourceDirectories = [
"${config.services.home-assistant.configDir}/backups"
];
# No need for backup hooks as we use an hourly automation job in home assistant directly with a cron job.
}
);
# Adds the "backup" user to the "hass" group. # Adds the "backup" user to the "hass" group.
users.groups.hass = { users.groups.hass = {
members = [ "backup" ]; members = [ "backup" ];

View file

@ -119,6 +119,30 @@ in
}; };
}; };
}; };
backup = lib.mkOption {
type = contracts.backup;
description = ''
Backup configuration. This is an output option.
Use it to initialize a block implementing the "backup" contract.
For example, with the restic block:
```
shb.restic.instances."jellyfin" = {
enable = true;
# Options specific to Restic.
} // config.shb.jellyfin.backup;
```
'';
readOnly = true;
default = {
sourceDirectories = [
"/var/lib/jellyfin"
];
};
};
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
@ -250,12 +274,6 @@ in
''; '';
}; };
shb.backup.instances.jellyfin = {
sourceDirectories = [
"/var/lib/jellyfin"
];
};
services.prometheus.scrapeConfigs = [{ services.prometheus.scrapeConfigs = [{
job_name = "jellyfin"; job_name = "jellyfin";
static_configs = [ static_configs = [

View file

@ -1,7 +1,8 @@
{ config, pkgs, lib, ... }: { config, options, pkgs, lib, ... }:
let let
cfg = config.shb.nextcloud; cfg = config.shb.nextcloud;
opt = options.shb.nextcloud;
fqdn = "${cfg.subdomain}.${cfg.domain}"; fqdn = "${cfg.subdomain}.${cfg.domain}";
fqdnWithPort = if isNull cfg.port then fqdn else "${fqdn}:${toString cfg.port}"; fqdnWithPort = if isNull cfg.port then fqdn else "${fqdn}:${toString cfg.port}";
@ -496,6 +497,32 @@ in
''; '';
}; };
backup = lib.mkOption {
type = contracts.backup;
description = ''
Backup configuration. This is an output option.
Use it to initialize a block implementing the "backup" contract.
For example, with the restic block:
```
shb.restic.instances."nextcloud" = {
enable = true;
# Options specific to Restic.
} // config.shb.nextcloud.backup;
```
'';
readOnly = true;
default = {
sourceDirectories = [
cfg.dataDir
];
excludePatterns = [".rnd"];
};
};
debug = lib.mkOption { debug = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
description = "Enable more verbose logging."; description = "Enable more verbose logging.";
@ -542,11 +569,11 @@ in
}; };
}; };
users.groups = { # users.groups = {
nextcloud = { # nextcloud = {
members = [ "backup" ]; # members = [ "backup" ];
}; # };
}; # };
# LDAP is manually configured through # LDAP is manually configured through
# https://github.com/lldap/lldap/blob/main/example_configs/nextcloud.md, see also # https://github.com/lldap/lldap/blob/main/example_configs/nextcloud.md, see also
@ -700,14 +727,6 @@ in
systemd.services.nextcloud-setup.requires = cfg.mountPointServices; systemd.services.nextcloud-setup.requires = cfg.mountPointServices;
systemd.services.nextcloud-setup.after = cfg.mountPointServices; systemd.services.nextcloud-setup.after = cfg.mountPointServices;
# Sets up backup for Nextcloud.
shb.backup.instances.nextcloud = {
sourceDirectories = [
cfg.dataDir
];
excludePatterns = [".rnd"];
};
}) })
(lib.mkIf cfg.apps.onlyoffice.enable { (lib.mkIf cfg.apps.onlyoffice.enable {

View file

@ -124,7 +124,9 @@ in
``` ```
shb.restic.instances."vaultwarden" = { shb.restic.instances."vaultwarden" = {
poolName = "root"; enable = true;
# Options specific to Restic.
} // config.shb.vaultwarden.backup; } // config.shb.vaultwarden.backup;
``` ```
''; '';

View file

@ -9,7 +9,7 @@ This NixOS module is a service that sets up a [Vaultwarden Server](https://githu
- Access through subdomain using reverse proxy. - Access through subdomain using reverse proxy.
- Access through HTTPS using reverse proxy. - Access through HTTPS using reverse proxy.
- Automatic setup of Redis database for caching. - Automatic setup of Redis database for caching.
- Backup of the data directory through the [backup block](./blocks-backup.html). - Backup of the data directory through the [backup contract](./contracts-backup.html).
- [Integration Tests](@REPO@/test/services/vaultwarden.nix) - [Integration Tests](@REPO@/test/services/vaultwarden.nix)
- Tests /admin can only be accessed when authenticated with SSO. - Tests /admin can only be accessed when authenticated with SSO.
- Access to advanced options not exposed here thanks to how NixOS modules work. - Access to advanced options not exposed here thanks to how NixOS modules work.
@ -92,13 +92,27 @@ shb.zfs.datasets."vaultwarden" = config.shb.vaultwarden.mount;
shb.zfs.datasets."postgresql".path = "/var/lib/postgresql"; shb.zfs.datasets."postgresql".path = "/var/lib/postgresql";
``` ```
### Backup {#services-vaultwarden-backup}
Backing up Vaultwarden using the [Restic block](blocks-restic.html) is done like so:
```nix
shb.restic.instances."vaultwarden" = config.shb.vaultwarden.backup // {
enable = true;
};
```
The name `"vaultwarden"` in the `instances` can be anything.
The `config.shb.vaultwarden.backup` option provides what directories to backup.
You can define any number of Restic instances to backup Vaultwarden multiple times.
## Maintenance {#services-vaultwarden-maintenance} ## Maintenance {#services-vaultwarden-maintenance}
No command-line tool is provided to administer Vaultwarden. No command-line tool is provided to administer Vaultwarden.
Instead, the admin section can be found at the `/admin` endpoint. Instead, the admin section can be found at the `/admin` endpoint.
## Debug {#services-backup-debug} ## Debug {#services-vaultwarden-debug}
In case of an issue, check the logs of the `vaultwarden.service` systemd service. In case of an issue, check the logs of the `vaultwarden.service` systemd service.

View file

@ -12,11 +12,6 @@ in
imports = [ imports = [
(pkgs'.path + "/nixos/modules/profiles/headless.nix") (pkgs'.path + "/nixos/modules/profiles/headless.nix")
(pkgs'.path + "/nixos/modules/profiles/qemu-guest.nix") (pkgs'.path + "/nixos/modules/profiles/qemu-guest.nix")
{
options = {
shb.backup = lib.mkOption { type = lib.types.anything; };
};
}
../../modules/blocks/authelia.nix ../../modules/blocks/authelia.nix
../../modules/blocks/ldap.nix ../../modules/blocks/ldap.nix
../../modules/blocks/postgresql.nix ../../modules/blocks/postgresql.nix

View file

@ -13,7 +13,6 @@ in
{ {
options = { options = {
shb.ssl.enable = lib.mkEnableOption "ssl"; shb.ssl.enable = lib.mkEnableOption "ssl";
shb.backup = lib.mkOption { type = lib.types.anything; };
}; };
} }
../../modules/blocks/ldap.nix ../../modules/blocks/ldap.nix

View file

@ -104,12 +104,6 @@ in
imports = imports =
( baseImports pkgs ) ( baseImports pkgs )
++ [ ++ [
# TODO: replace this option by the backup contract
{
options = {
shb.backup = lib.mkOption { type = lib.types.anything; };
};
}
# TODO: replace postgresql.nix and authelia.nix by the sso contract # TODO: replace postgresql.nix and authelia.nix by the sso contract
../modules/blocks/postgresql.nix ../modules/blocks/postgresql.nix
../modules/blocks/authelia.nix ../modules/blocks/authelia.nix

View file

@ -13,7 +13,6 @@ let
{ {
options = { options = {
systemd = anyOpt {}; systemd = anyOpt {};
shb.backup = anyOpt {};
shb.nginx = anyOpt {}; shb.nginx = anyOpt {};
users = anyOpt {}; users = anyOpt {};
services.nginx = anyOpt {}; services.nginx = anyOpt {};
@ -34,14 +33,13 @@ let
in { in {
inherit (cfg) services users; inherit (cfg) services users;
systemd = systemdRedacted; systemd = systemdRedacted;
shb = { inherit (cfg.shb) backup nginx; }; shb = { inherit (cfg.shb) nginx; };
}; };
in in
{ {
testArrNoOptions = { testArrNoOptions = {
expected = { expected = {
systemd = {}; systemd = {};
shb.backup = {};
shb.nginx = {}; shb.nginx = {};
users = {}; users = {};
services.nginx = {}; services.nginx = {};
@ -67,16 +65,6 @@ in
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d '/var/lib/radarr' 0750 radarr radarr - -" "d '/var/lib/radarr' 0750 radarr radarr - -"
]; ];
shb.backup.instances.radarr = {
excludePatterns = [
".db-shm"
".db-wal"
".mono"
];
sourceDirectories = [
"/var/lib/radarr"
];
};
shb.nginx.vhosts = [ shb.nginx.vhosts = [
{ {
autheliaRules = [ autheliaRules = [
@ -143,13 +131,6 @@ in
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d '/var/lib/radarr' 0750 radarr radarr - -" "d '/var/lib/radarr' 0750 radarr radarr - -"
]; ];
shb.backup.instances = {
radarr = {
enable = true;
sourceDirectories = [ "/var/lib/radarr" ];
excludePatterns = [ ".db-shm" ".db-wal" ".mono" ];
};
};
shb.nginx.vhosts = [ shb.nginx.vhosts = [
{ {
autheliaRules = [ autheliaRules = [
@ -201,9 +182,6 @@ in
settings = { settings = {
ApiKey.source = pkgs.writeText "key" "/run/radarr/apikey"; ApiKey.source = pkgs.writeText "key" "/run/radarr/apikey";
}; };
backupCfg = {
enable = true;
};
}; };
}; };
}; };

View file

@ -17,7 +17,6 @@ let
security = anyOpt {}; security = anyOpt {};
services = anyOpt {}; services = anyOpt {};
shb.authelia = anyOpt {}; shb.authelia = anyOpt {};
shb.backup = anyOpt {};
systemd = anyOpt {}; systemd = anyOpt {};
users = anyOpt {}; users = anyOpt {};
}; };
@ -29,13 +28,12 @@ let
}).config; }).config;
in lib.attrsets.filterAttrsRecursive (n: v: n != "extraConfig") { in lib.attrsets.filterAttrsRecursive (n: v: n != "extraConfig") {
inherit (cfg) services; inherit (cfg) services;
shb = { inherit (cfg.shb) backup nginx; }; shb = { inherit (cfg.shb) nginx; };
}; };
in in
{ {
testNoOptions = { testNoOptions = {
expected = { expected = {
shb.backup = {};
shb.nginx = { shb.nginx = {
accessLog = false; accessLog = false;
vhosts = []; vhosts = [];