From 29746aec06b7d42d3c87245f6f14f048234251e4 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 6 Feb 2016 18:54:01 +0100 Subject: krebs.{backup.plans,hosts,users}.*.name: add default value --- krebs/3modules/backup.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'krebs/3modules/backup.nix') diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index a1f33590..17d8a3c9 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -12,7 +12,7 @@ let enable = mkEnableOption "krebs.backup" // { default = true; }; plans = mkOption { default = {}; - type = types.attrsOf (types.submodule ({ + type = types.attrsOf (types.submodule ({ config, ... }: { # TODO enable = mkEnableOption "TODO" // { default = true; }; options = { method = mkOption { @@ -20,6 +20,7 @@ let }; name = mkOption { type = types.str; + default = config._module.args.name; }; src = mkOption { type = types.krebs.file-location; -- cgit v1.2.3 From 01dbc54c3207b44e4adaaae92fffc8a34bda6f18 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 7 Feb 2016 05:09:56 +0100 Subject: krebs.backup: determine fastest address --- krebs/3modules/backup.nix | 43 +++++++++++++++++++++++++++++++++---------- 1 file changed, 33 insertions(+), 10 deletions(-) (limited to 'krebs/3modules/backup.nix') diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index 17d8a3c9..0f85b487 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -145,9 +145,11 @@ let set -efu identity=${shell.escape plan.src.host.ssh.privkey.path} src=${shell.escape plan.src.path} - dst_target=${shell.escape "root@${getFQDN plan.dst.host}"} + dst_user=root + dst_host=$(${fastest-address plan.dst.host}) + dst_port=$(${network-ssh-port plan.dst.host "$dst_host"}) dst_path=${shell.escape plan.dst.path} - dst=$dst_target:$dst_path + dst=$dst_user@$dst_host:$dst_path # Export NOW so runtime of rsync doesn't influence snapshot naming. export NOW @@ -156,7 +158,7 @@ let echo >&2 "update snapshot: current; $src -> $dst" rsync >&2 \ -aAXF --delete \ - -e "ssh -F /dev/null -i $identity" \ + -e "ssh -F /dev/null -i $identity ''${dst_port:+-p $dst_port}" \ --rsync-path ${shell.escape "mkdir -m 0700 -p ${shell.escape plan.dst.path} && rsync"} \ --link-dest="$dst_path/current" \ @@ -165,10 +167,10 @@ let exec ssh -F /dev/null \ -i "$identity" \ - "$dst_target" \ + ''${dst_port:+-p $dst_port} \ + "$dst_user@$dst_host" \ -T \ env NOW="$NOW" /bin/sh < ${remote-snapshot} - EOF ''; remote-snapshot = writeDash "backup.${plan.name}.push.remote-snapshot" '' @@ -205,7 +207,11 @@ let # TODO check if there is a previous set -efu identity=${shell.escape plan.dst.host.ssh.privkey.path} - src=${shell.escape "root@${getFQDN plan.src.host}:${plan.src.path}"} + src_user=root + src_host=$(${fastest-address plan.src.host}) + src_port=$(${network-ssh-port plan.src.host "$src_host"}) + src_path=${shell.escape plan.src.path} + src=$src_user@$src_host:$src_path dst=${shell.escape plan.dst.path} # Export NOW so runtime of rsync doesn't influence snapshot naming. @@ -216,7 +222,7 @@ let mkdir -m 0700 -p ${shell.escape plan.dst.path} rsync >&2 \ -aAXF --delete \ - -e "ssh -F /dev/null -i $identity" \ + -e "ssh -F /dev/null -i $identity ''${src_port:+-p $src_port}" \ --link-dest="$dst/current" \ "$src/" \ "$dst/.partial" @@ -274,9 +280,6 @@ let plan.snapshots)} ''; - # TODO getFQDN: admit hosts in other domains - getFQDN = host: "${host.name}.${config.krebs.search-domain}"; - writeDash = name: text: pkgs.writeScript name '' #! ${pkgs.dash}/bin/dash ${text} @@ -292,6 +295,26 @@ let ''; }; + # XXX Is one ping enough to determine fastest address? + # Note that we're using net.addrs4 instead of net.aliases because we define + # ports only for addresses. See krebs/3modules/default.nix + fastest-address = host: '' + { ${pkgs.fping}/bin/fping Date: Sun, 7 Feb 2016 05:32:03 +0100 Subject: krebs.backup writeDash* -> pkgs --- krebs/3modules/backup.nix | 35 ++++++++++------------------------- 1 file changed, 10 insertions(+), 25 deletions(-) (limited to 'krebs/3modules/backup.nix') diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index 0f85b487..ae766fa9 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -128,11 +128,11 @@ let }; push = plan: let - # We use writeDashBin and return the absolute path so systemd will produce - # nice names in the log, i.e. without the Nix store hash. + # We use pkgs.writeDashBin and return the absolute path so systemd will + # produce nice names in the log, i.e. without the Nix store hash. out = "${main}/bin/${main.name}"; - main = writeDashBin "backup.${plan.name}.push" '' + main = pkgs.writeDashBin "backup.${plan.name}.push" '' set -efu dst=${shell.escape plan.dst.path} @@ -140,7 +140,7 @@ let exec flock -n "$dst" ${critical-section} ''; - critical-section = writeDash "backup.${plan.name}.push.critical-section" '' + critical-section = pkgs.writeDash "backup.${plan.name}.push.critical-section" '' # TODO check if there is a previous set -efu identity=${shell.escape plan.src.host.ssh.privkey.path} @@ -173,7 +173,7 @@ let env NOW="$NOW" /bin/sh < ${remote-snapshot} ''; - remote-snapshot = writeDash "backup.${plan.name}.push.remote-snapshot" '' + remote-snapshot = pkgs.writeDash "backup.${plan.name}.push.remote-snapshot" '' set -efu dst=${shell.escape plan.dst.path} @@ -191,11 +191,11 @@ let # TODO admit plan.dst.user and its ssh identity pull = plan: let - # We use writeDashBin and return the absolute path so systemd will produce - # nice names in the log, i.e. without the Nix store hash. + # We use pkgs.writeDashBin and return the absolute path so systemd will + # produce nice names in the log, i.e. without the Nix store hash. out = "${main}/bin/${main.name}"; - main = writeDashBin "backup.${plan.name}.pull" '' + main = pkgs.writeDashBin "backup.${plan.name}.pull" '' set -efu dst=${shell.escape plan.dst.path} @@ -203,7 +203,7 @@ let exec flock -n "$dst" ${critical-section} ''; - critical-section = writeDash "backup.${plan.name}.pull.critical-section" '' + critical-section = pkgs.writeDash "backup.${plan.name}.pull.critical-section" '' # TODO check if there is a previous set -efu identity=${shell.escape plan.dst.host.ssh.privkey.path} @@ -235,7 +235,7 @@ let ''; in out; - take-snapshots = plan: writeDash "backup.${plan.name}.take-snapshots" '' + take-snapshots = plan: pkgs.writeDash "backup.${plan.name}.take-snapshots" '' set -efu NOW=''${NOW-$(date +%s)} dst=${shell.escape plan.dst.path} @@ -280,21 +280,6 @@ let plan.snapshots)} ''; - writeDash = name: text: pkgs.writeScript name '' - #! ${pkgs.dash}/bin/dash - ${text} - ''; - - writeDashBin = name: text: pkgs.writeTextFile { - executable = true; - destination = "/bin/${name}"; - name = name; - text = '' - #! ${pkgs.dash}/bin/dash - ${text} - ''; - }; - # XXX Is one ping enough to determine fastest address? # Note that we're using net.addrs4 instead of net.aliases because we define # ports only for addresses. See krebs/3modules/default.nix -- cgit v1.2.3 From b746dd09361b0cfb14abd3995afe10536c8fcad8 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 7 Feb 2016 06:22:56 +0100 Subject: krebs.backup: ensure link dest exists --- krebs/3modules/backup.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs/3modules/backup.nix') diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index ae766fa9..d5062807 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -160,7 +160,7 @@ let -aAXF --delete \ -e "ssh -F /dev/null -i $identity ''${dst_port:+-p $dst_port}" \ --rsync-path ${shell.escape - "mkdir -m 0700 -p ${shell.escape plan.dst.path} && rsync"} \ + "mkdir -m 0700 -p ${shell.escape plan.dst.path}/current && rsync"} \ --link-dest="$dst_path/current" \ "$src/" \ "$dst/.partial" -- cgit v1.2.3 From 00525dc0ef2b73e6d883eb6e7358a616b8c15b69 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 7 Feb 2016 16:08:07 +0100 Subject: krebs.backup.plans.*.startAt: null disables timer --- krebs/3modules/backup.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'krebs/3modules/backup.nix') diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index d5062807..881e126f 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -30,7 +30,7 @@ let }; startAt = mkOption { default = "hourly"; - type = types.str; # TODO systemd.time(7)'s calendar event + type = with types; nullOr str; # TODO systemd.time(7)'s calendar event }; snapshots = mkOption { default = { @@ -115,7 +115,8 @@ let ExecStart = push plan; Type = "oneshot"; }; - startAt = plan.startAt; + } // optionalAttrs (plan.startAt != null) { + inherit (plan) startAt; }; makePullService = plan: assert isPullDst plan; { @@ -124,7 +125,8 @@ let ExecStart = pull plan; Type = "oneshot"; }; - startAt = plan.startAt; + } // optionalAttrs (plan.startAt != null) { + inherit (plan) startAt; }; push = plan: let -- cgit v1.2.3 From d01c6f9dbcd2d1d7ccccff5fc8c41ffb53d04a42 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 7 Feb 2016 16:09:46 +0100 Subject: krebs.backup: don't append .{pull,push} to service name --- krebs/3modules/backup.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'krebs/3modules/backup.nix') diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index 881e126f..935370d9 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -72,12 +72,12 @@ let ; systemd.services = flip mapAttrs' (filterAttrs (_:isPullDst) cfg.plans) (name: plan: { - name = "backup.${name}.pull"; + name = "backup.${name}"; value = makePullService plan; }) // flip mapAttrs' (filterAttrs (_:isPushSrc) cfg.plans) (name: plan: { - name = "backup.${name}.push"; + name = "backup.${name}"; value = makePushService plan; }) ; -- cgit v1.2.3 From 071194c3946b325103311f5c6528fba30580f125 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 7 Feb 2016 16:21:58 +0100 Subject: krebs.backup: DRY up push and pull --- krebs/3modules/backup.nix | 333 +++++++++++++++++----------------------------- 1 file changed, 125 insertions(+), 208 deletions(-) (limited to 'krebs/3modules/backup.nix') diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index 935370d9..fa5b0cfd 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -58,228 +58,145 @@ let }; imp = { - users.groups.backup.gid = genid "backup"; - users.users = {} - // { - root.openssh.authorizedKeys.keys = - map (plan: plan.dst.host.ssh.pubkey) - (filter isPullSrc (attrValues cfg.plans)) - ++ - map (plan: plan.src.host.ssh.pubkey) - (filter isPushDst (attrValues cfg.plans)) - ; - } - ; systemd.services = - flip mapAttrs' (filterAttrs (_:isPullDst) cfg.plans) (name: plan: { - name = "backup.${name}"; - value = makePullService plan; - }) - // - flip mapAttrs' (filterAttrs (_:isPushSrc) cfg.plans) (name: plan: { - name = "backup.${name}"; - value = makePushService plan; - }) - ; - }; - - isPushSrc = plan: - plan.method == "push" && - plan.src.host.name == config.krebs.build.host.name; - - isPullSrc = plan: - plan.method == "pull" && - plan.src.host.name == config.krebs.build.host.name; - - isPushDst = plan: - plan.method == "push" && - plan.dst.host.name == config.krebs.build.host.name; - - isPullDst = plan: - plan.method == "pull" && - plan.dst.host.name == config.krebs.build.host.name; - - # TODO push destination needs this in the dst.user's PATH - service-path = [ - pkgs.coreutils - pkgs.gnused - pkgs.openssh - pkgs.rsync - pkgs.utillinux - ]; - - # TODO if there is plan.user, then use its privkey - makePushService = plan: assert isPushSrc plan; { - path = service-path; - serviceConfig = { - ExecStart = push plan; - Type = "oneshot"; - }; - } // optionalAttrs (plan.startAt != null) { - inherit (plan) startAt; - }; + listToAttrs (map (plan: nameValuePair "backup.${plan.name}" { + # TODO if there is plan.user, then use its privkey + # TODO push destination users need a similar path + path = with pkgs; [ + coreutils + gnused + openssh + rsync + utillinux + ]; + serviceConfig = rec { + ExecStart = start plan; + SyslogIdentifier = ExecStart.name; + Type = "oneshot"; + }; + } // optionalAttrs (plan.startAt != null) { + inherit (plan) startAt; + }) (filter (plan: build-host-is "pull" "dst" plan || + build-host-is "push" "src" plan) + (attrValues cfg.plans))); - makePullService = plan: assert isPullDst plan; { - path = service-path; - serviceConfig = { - ExecStart = pull plan; - Type = "oneshot"; - }; - } // optionalAttrs (plan.startAt != null) { - inherit (plan) startAt; + users.groups.backup.gid = genid "backup"; + users.users.root.openssh.authorizedKeys.keys = + map (plan: getAttr plan.method { + push = plan.src.host.ssh.pubkey; + pull = plan.dst.host.ssh.pubkey; + }) (filter (plan: build-host-is "pull" "src" plan || + build-host-is "push" "dst" plan) + (attrValues cfg.plans)); }; - push = plan: let - # We use pkgs.writeDashBin and return the absolute path so systemd will - # produce nice names in the log, i.e. without the Nix store hash. - out = "${main}/bin/${main.name}"; - - main = pkgs.writeDashBin "backup.${plan.name}.push" '' - set -efu - dst=${shell.escape plan.dst.path} - - mkdir -m 0700 -p "$dst" - exec flock -n "$dst" ${critical-section} - ''; - - critical-section = pkgs.writeDash "backup.${plan.name}.push.critical-section" '' - # TODO check if there is a previous - set -efu - identity=${shell.escape plan.src.host.ssh.privkey.path} - src=${shell.escape plan.src.path} - dst_user=root - dst_host=$(${fastest-address plan.dst.host}) - dst_port=$(${network-ssh-port plan.dst.host "$dst_host"}) - dst_path=${shell.escape plan.dst.path} - dst=$dst_user@$dst_host:$dst_path - - # Export NOW so runtime of rsync doesn't influence snapshot naming. - export NOW - NOW=$(date +%s) - - echo >&2 "update snapshot: current; $src -> $dst" - rsync >&2 \ - -aAXF --delete \ - -e "ssh -F /dev/null -i $identity ''${dst_port:+-p $dst_port}" \ - --rsync-path ${shell.escape - "mkdir -m 0700 -p ${shell.escape plan.dst.path}/current && rsync"} \ - --link-dest="$dst_path/current" \ - "$src/" \ - "$dst/.partial" + build-host-is = method: side: plan: + plan.method == method && + config.krebs.build.host.name == plan.${side}.host.name; - exec ssh -F /dev/null \ - -i "$identity" \ - ''${dst_port:+-p $dst_port} \ - "$dst_user@$dst_host" \ - -T \ - env NOW="$NOW" /bin/sh < ${remote-snapshot} - ''; - - remote-snapshot = pkgs.writeDash "backup.${plan.name}.push.remote-snapshot" '' - set -efu - dst=${shell.escape plan.dst.path} - - if test -e "$dst/current"; then - mv "$dst/current" "$dst/.previous" - fi - mv "$dst/.partial" "$dst/current" - rm -fR "$dst/.previous" - echo >&2 - - (${(take-snapshots plan).text}) - ''; - - in out; - - # TODO admit plan.dst.user and its ssh identity - pull = plan: let - # We use pkgs.writeDashBin and return the absolute path so systemd will - # produce nice names in the log, i.e. without the Nix store hash. - out = "${main}/bin/${main.name}"; - - main = pkgs.writeDashBin "backup.${plan.name}.pull" '' + start = plan: pkgs.writeDash "backup.${plan.name}" '' + set -efu + ${getAttr plan.method { + push = '' + identity=${shell.escape plan.src.host.ssh.privkey.path} + src_path=${shell.escape plan.src.path} + src=$src_path + dst_user=root + dst_host=$(${fastest-address plan.dst.host}) + dst_port=$(${network-ssh-port plan.dst.host "$dst_host"}) + dst_path=${shell.escape plan.dst.path} + dst=$dst_user@$dst_host:$dst_path + echo "update snapshot: current; $src -> $dst" >&2 + dst_shell() { + exec ssh -F /dev/null \ + -i "$identity" \ + ''${dst_port:+-p $dst_port} \ + "$dst_user@$dst_host" \ + -T "$with_dst_path_lock_script" + } + ''; + pull = '' + identity=${shell.escape plan.dst.host.ssh.privkey.path} + src_user=root + src_host=$(${fastest-address plan.src.host}) + src_port=$(${network-ssh-port plan.src.host "$src_host"}) + src_path=${shell.escape plan.src.path} + src=$src_user@$src_host:$src_path + dst_path=${shell.escape plan.dst.path} + dst=$dst_path + echo "update snapshot: current; $dst <- $src" >&2 + dst_shell() { + eval "$with_dst_path_lock_script" + } + ''; + }} + # Note that this only works because we trust date +%s to produce output + # that doesn't need quoting when used to generate a command string. + # TODO relax this requirement by selectively allowing to inject variables + # e.g.: ''${shell.quote "exec env NOW=''${shell.unquote "$NOW"} ..."} + with_dst_path_lock_script="exec env start_date=$(date +%s) "${shell.escape + "flock -n ${shell.escape plan.dst.path} /bin/sh" + } + rsync >&2 \ + -aAXF --delete \ + -e "ssh -F /dev/null -i $identity ''${dst_port:+-p $dst_port}" \ + --rsync-path ${shell.escape (concatStringsSep " && " [ + "mkdir -m 0700 -p ${shell.escape plan.dst.path}/current" + "exec flock -n ${shell.escape plan.dst.path} rsync" + ])} \ + --link-dest="$dst_path/current" \ + "$src/" \ + "$dst/.partial" + dst_shell < ${toFile "backup.${plan.name}.take-snapshots" '' set -efu - dst=${shell.escape plan.dst.path} + : $start_date - mkdir -m 0700 -p "$dst" - exec flock -n "$dst" ${critical-section} - ''; - - critical-section = pkgs.writeDash "backup.${plan.name}.pull.critical-section" '' - # TODO check if there is a previous - set -efu - identity=${shell.escape plan.dst.host.ssh.privkey.path} - src_user=root - src_host=$(${fastest-address plan.src.host}) - src_port=$(${network-ssh-port plan.src.host "$src_host"}) - src_path=${shell.escape plan.src.path} - src=$src_user@$src_host:$src_path dst=${shell.escape plan.dst.path} - # Export NOW so runtime of rsync doesn't influence snapshot naming. - export NOW - NOW=$(date +%s) - - echo >&2 "update snapshot: current; $dst <- $src" - mkdir -m 0700 -p ${shell.escape plan.dst.path} - rsync >&2 \ - -aAXF --delete \ - -e "ssh -F /dev/null -i $identity ''${src_port:+-p $src_port}" \ - --link-dest="$dst/current" \ - "$src/" \ - "$dst/.partial" mv "$dst/current" "$dst/.previous" mv "$dst/.partial" "$dst/current" rm -fR "$dst/.previous" echo >&2 - exec ${take-snapshots plan} - ''; - in out; - - take-snapshots = plan: pkgs.writeDash "backup.${plan.name}.take-snapshots" '' - set -efu - NOW=''${NOW-$(date +%s)} - dst=${shell.escape plan.dst.path} - - snapshot() {( - : $ns $format $retain - name=$(date --date="@$NOW" +"$format") - if ! test -e "$dst/$ns/$name"; then - echo >&2 "create snapshot: $ns/$name" - mkdir -m 0700 -p "$dst/$ns" - rsync >&2 \ - -aAXF --delete \ - --link-dest="$dst/current" \ - "$dst/current/" \ - "$dst/$ns/.partial.$name" - mv "$dst/$ns/.partial.$name" "$dst/$ns/$name" - echo >&2 - fi - case $retain in - ([0-9]*) - delete_from=$(($retain + 1)) - ls -r "$dst/$ns" \ - | sed -n "$delete_from,\$p" \ - | while read old_name; do - echo >&2 "delete snapshot: $ns/$old_name" - rm -fR "$dst/$ns/$old_name" - done - ;; - (ALL) - : - ;; - esac - )} - - ${concatStringsSep "\n" (mapAttrsToList (ns: { format, retain ? null, ... }: - toString (map shell.escape [ - "ns=${ns}" - "format=${format}" - "retain=${if retain == null then "ALL" else toString retain}" - "snapshot" - ])) - plan.snapshots)} + snapshot() {( + : $ns $format $retain + name=$(date --date="@$start_date" +"$format") + if ! test -e "$dst/$ns/$name"; then + echo >&2 "create snapshot: $ns/$name" + mkdir -m 0700 -p "$dst/$ns" + rsync >&2 \ + -aAXF --delete \ + --link-dest="$dst/current" \ + "$dst/current/" \ + "$dst/$ns/.partial.$name" + mv "$dst/$ns/.partial.$name" "$dst/$ns/$name" + echo >&2 + fi + case $retain in + ([0-9]*) + delete_from=$(($retain + 1)) + ls -r "$dst/$ns" \ + | sed -n "$delete_from,\$p" \ + | while read old_name; do + echo >&2 "delete snapshot: $ns/$old_name" + rm -fR "$dst/$ns/$old_name" + done + ;; + (ALL) + : + ;; + esac + )} + + ${concatStringsSep "\n" (mapAttrsToList (ns: { format, retain, ... }: + toString (map shell.escape [ + "ns=${ns}" + "format=${format}" + "retain=${if retain == null then "ALL" else toString retain}" + "snapshot" + ])) + plan.snapshots)} + ''} ''; # XXX Is one ping enough to determine fastest address? -- cgit v1.2.3 From 8a1ddc5e9b8012b141c3b5e997d44acb70e1f17f Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 7 Feb 2016 23:48:34 +0100 Subject: krebs.backup.plans.*.enable.default = true --- krebs/3modules/backup.nix | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'krebs/3modules/backup.nix') diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index fa5b0cfd..6e9e9813 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -13,8 +13,10 @@ let plans = mkOption { default = {}; type = types.attrsOf (types.submodule ({ config, ... }: { - # TODO enable = mkEnableOption "TODO" // { default = true; }; options = { + enable = mkEnableOption "krebs.backup.${config.name}" // { + default = true; + }; method = mkOption { type = types.enum ["pull" "push"]; }; @@ -78,7 +80,7 @@ let inherit (plan) startAt; }) (filter (plan: build-host-is "pull" "dst" plan || build-host-is "push" "src" plan) - (attrValues cfg.plans))); + enabled-plans)); users.groups.backup.gid = genid "backup"; users.users.root.openssh.authorizedKeys.keys = @@ -87,9 +89,11 @@ let pull = plan.dst.host.ssh.pubkey; }) (filter (plan: build-host-is "pull" "src" plan || build-host-is "push" "dst" plan) - (attrValues cfg.plans)); + enabled-plans); }; + enabled-plans = filter (getAttr "enable") (attrValues cfg.plans); + build-host-is = method: side: plan: plan.method == method && config.krebs.build.host.name == plan.${side}.host.name; -- cgit v1.2.3 From 14afbfef1251178b1599caaf9046c6aeeb97fb19 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 8 Feb 2016 00:31:26 +0100 Subject: krebs.backup: use aliases instead of addrs4 --- krebs/3modules/backup.nix | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'krebs/3modules/backup.nix') diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index 6e9e9813..86e2e72e 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -204,12 +204,10 @@ let ''; # XXX Is one ping enough to determine fastest address? - # Note that we're using net.addrs4 instead of net.aliases because we define - # ports only for addresses. See krebs/3modules/default.nix fastest-address = host: '' { ${pkgs.fping}/bin/fping Date: Mon, 8 Feb 2016 12:13:28 +0100 Subject: krebs.backup: admit plan.startAt --- krebs/3modules/backup.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'krebs/3modules/backup.nix') diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index 86e2e72e..66a325ed 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -76,8 +76,7 @@ let SyslogIdentifier = ExecStart.name; Type = "oneshot"; }; - } // optionalAttrs (plan.startAt != null) { - inherit (plan) startAt; + startAt = mkIf (plan.startAt != null) plan.startAt; }) (filter (plan: build-host-is "pull" "dst" plan || build-host-is "push" "src" plan) enabled-plans)); -- cgit v1.2.3