modules/backup: add a module for rsync

The NAS will rsync all the backups to rsync.net. This new module creates
a systemd unit and timer to do this task.

1 files changed, 57 insertions, 0 deletions

diff --git a/modules/services/backup/rsync.nix b/modules/services/backup/rsync.nix
new file mode 100644
index 0000000..d58dfe9
--- /dev/null
+++ b/modules/services/backup/rsync.nix
@@ -0,0 +1,57 @@
+{ config, pkgs, lib, ... }:
+let
+  cfg = config.my.services.backup.rsync;
+  secrets = config.age.secrets;
+  ssh-key-path = secrets."rsync.net/ssh-key".path;
+in
+{
+  options.my.services.backup.rsync = with lib; {
+    enable = mkEnableOption "rsync backup service";
+
+    sourceDir = mkOption {
+      type = types.path;
+      example = "/data/slow/backups";
+      description = "The directory to synchronize";
+    };
+
+    destination = mkOption {
+      type = types.str;
+      example = "de2664@de2664.rsync.net:backups/";
+      description = "The destination";
+    };
+
+    timerConfig = mkOption {
+      default = { OnCalendar = "daily"; };
+      example = {
+        OnCalendar = "00:05";
+        RandomizedDelaySec = "5h";
+      };
+      description = ''
+        When to run rsync. See man systemd.timer for details.
+      '';
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    systemd = {
+      timers.rsync-backups = {
+        description = "synchronize restic repository to rsync.net";
+        wantedBy = [ "timers.target" ];
+        partOf = [ "rsync-backups.service" ];
+        timerConfig = cfg.timerConfig;
+      };
+      services.rsync-backups = {
+        description = "synchronize restic repository to rsync.net";
+        serviceConfig = {
+          Type = "oneshot";
+        };
+        script = ''
+          exec ${pkgs.rsync}/bin/rsync \
+            -azq --delete \
+            -e '${pkgs.openssh}/bin/ssh -i ${ssh-key-path}' \
+            ${cfg.sourceDir} ${cfg.destination}
+        '';
+      };
+    };
+  };
+}