refactor: small backup refactoring

flake.nix

@@ -80,7 +80,7 @@
               imports = [
                 self.nixosModules.common
                 ./hosts/nachtigall
-                self.pub-solar.lib.linux.unlockZFSOnBoot
+                self.lib.linux.unlockZFSOnBoot
                 self.nixosModules.home-manager
                 self.nixosModules.linux
                 self.nixosModules.overlays
@@ -155,7 +155,7 @@
             };
           };
 
-          deploy.nodes = self.pub-solar.lib.deploy.mkDeployNodes self.nixosConfigurations {
+          deploy.nodes = self.lib.deploy.mkDeployNodes self.nixosConfigurations {
             nachtigall = {
               sshUser = username;
             };

hosts/nachtigall/apps/forgejo.nix

@@ -103,11 +103,19 @@
     GPG_TTY = "$(tty)";
   };
 
-  services.restic.backups.forgejo = flake.self.lib.droppieBackup {
+  services.restic.backups.forgejo = {
     paths = [
       "/var/lib/forgejo"
       "/tmp/forgejo-backup.sql"
     ];
+    timerConfig = {
+      OnCalendar = "*-*-* 02:00:00 Etc/UTC";
+      # droppie will be offline if nachtigall misses the timer
+      Persistent = false;
+    };
+    initialize = true;
+    passwordFile = config.age.secrets."restic-repo-droppie".path;
+    repository = "yule@droppie.b12f.io:/media/internal/backups-pub-solar";
     backupPrepareCommand = ''
       ${pkgs.sudo}/bin/sudo -iu postgres ${pkgs.postgresql}/bin/pg_dump -d gitea > /tmp/forgejo-backup.sql
     '';

hosts/nachtigall/apps/keycloak.nix

@@ -47,10 +47,18 @@
     };
   };
 
-  services.restic.backups.keycloak = flake.self.lib.droppieBackup {
+  services.restic.backups.keycloak = {
     paths = [
       "/tmp/keycloak-backup.sql"
     ];
+    timerConfig = {
+      OnCalendar = "*-*-* 02:00:00 Etc/UTC";
+      # droppie will be offline if nachtigall misses the timer
+      Persistent = false;
+    };
+    initialize = true;
+    passwordFile = config.age.secrets."restic-repo-droppie".path;
+    repository = "yule@droppie.b12f.io:/media/internal/backups-pub-solar";
     backupPrepareCommand = ''
       ${pkgs.sudo}/bin/sudo -iu postgres ${pkgs.postgresql}/bin/pg_dump -d keycloak > /tmp/keycloak-backup.sql
     '';

hosts/nachtigall/apps/mailman.nix

@@ -80,11 +80,19 @@
   #  ])
   #'';
 
-  services.restic.backups.mailman = flake.self.lib.droppieBackup {
+  services.restic.backups.mailman = {
     paths = [
       "/var/lib/mailman"
       "/var/lib/mailman-web/mailman-web.db"
       "/var/lib/postfix/conf/aliases.db"
     ];
+    timerConfig = {
+      OnCalendar = "*-*-* 02:00:00 Etc/UTC";
+      # droppie will be offline if nachtigall misses the timer
+      Persistent = false;
+    };
+    initialize = true;
+    passwordFile = config.age.secrets."restic-repo-droppie".path;
+    repository = "yule@droppie.b12f.io:/media/internal/backups-pub-solar";
   };
 }

hosts/nachtigall/apps/mastodon.nix

@@ -1,10 +1,6 @@
+{ config, pkgs, flake, inputs, ... }:
+
 {
-  config,
-  pkgs,
-  flake,
-  inputs,
-  ...
-}: {
   age.secrets."mastodon-secret-key-base" = {
     file = "${flake.self}/secrets/mastodon-secret-key-base.age";
     mode = "400";
@@ -98,12 +94,20 @@
     };
   };
 
-  services.restic.backups.mastodon = flake.self.lib.droppieBackup {
+  services.restic.backups.mastodon = {
     paths = [
       "/tmp/mastodon-backup.sql"
     ];
+    timerConfig = {
+      OnCalendar = "*-*-* 02:00:00 Etc/UTC";
+      # droppie will be offline if nachtigall misses the timer
+      Persistent = false;
+    };
+    initialize = true;
+    passwordFile = config.age.secrets."restic-repo-droppie".path;
+    repository = "yule@droppie.b12f.io:/media/internal/backups-pub-solar";
     backupPrepareCommand = ''
-      ${pkgs.sudo}/bin/sudo -iu postgres ${pkgs.postgresql}/bin/pg_dump -d gitea > /tmp/mastodon-backup.sql
+      ${pkgs.sudo}/bin/sudo -iu postgres ${pkgs.postgresql}/bin/pg_dump -d mastodon > /tmp/mastodon-backup.sql
     '';
     backupCleanupCommand = ''
       rm /tmp/mastodon-backup.sql

hosts/nachtigall/apps/nextcloud.nix

@@ -3,7 +3,8 @@
   pkgs,
   flake,
   ...
-}: {
+}:
+{
   age.secrets."nextcloud-secrets" = {
     file = "${flake.self}/secrets/nextcloud-secrets.age";
     mode = "400";
@@ -130,11 +131,19 @@
     database.createLocally = true;
   };
 
-  services.restic.backups.nextcloud = flake.self.lib.droppieBackup {
+  services.restic.backups.nextcloud = {
     paths = [
       "/var/lib/nextcloud/data"
       "/tmp/nextcloud-backup.sql"
     ];
+    timerConfig = {
+      OnCalendar = "*-*-* 02:00:00 Etc/UTC";
+      # droppie will be offline if nachtigall misses the timer
+      Persistent = false;
+    };
+    initialize = true;
+    passwordFile = config.age.secrets."restic-repo-droppie".path;
+    repository = "yule@droppie.b12f.io:/media/internal/backups-pub-solar";
     backupPrepareCommand = ''
       ${pkgs.sudo}/bin/sudo -iu postgres ${pkgs.postgresql}/bin/pg_dump -d nextcloud > /tmp/nextcloud-backup.sql
     '';

lib/default.nix

@@ -1,7 +1,7 @@
 { self, lib, inputs, ... }: {
   # Configuration common to all Linux systems
   flake = {
-    pub-solar.lib = let
+    lib = let
       callLibs = file: import file {inherit lib;};
     in rec {
       ## Define your own library functions here!
@@ -12,8 +12,6 @@
 
       deploy = import ./deploy.nix { inherit inputs lib; };
 
-      droppieBackup = import ./droppie-backup.nix;
-
       linux = {
         unlockZFSOnBoot = import ./unlock-zfs-on-boot.nix {publicKeys = self.publicKeys.allAdmins;};
       };

lib/droppie-backup.nix

@@ -1,10 +0,0 @@
-{ config, ... }: extraOptions: {
-  timerConfig = {
-    OnCalendar = "*-*-* 02:00:00 Etc/UTC";
-    # droppie will be offline if nachtigall misses the timer
-    Persistent = false;
-  };
-  initialize = true;
-  passwordFile = config.age.secrets."restic-repo-droppie".path;
-  repository = "yule@droppie.b12f.io:/media/internal/backups-pub-solar";
-} // extraOptions