|
|
@@ -38,6 +38,12 @@
|
|
|
restic-win2022-backup
|
|
|
restic-ntfsgames-backup
|
|
|
|
|
|
+ restic-openwrt-init
|
|
|
+ restic-openwrt-backup
|
|
|
+
|
|
|
+ restic-whonix-gateway-direct-init
|
|
|
+ restic-whonix-gateway-direct-backup
|
|
|
+
|
|
|
restic-command))
|
|
|
|
|
|
;;; Commentary:
|
|
|
@@ -171,7 +177,7 @@
|
|
|
(define %user-home
|
|
|
(passwd:dir (getpw "oleg")))
|
|
|
|
|
|
-(define (restic-system-backup)
|
|
|
+(define restic-system-backup
|
|
|
(program-file
|
|
|
"restic-backup-system"
|
|
|
#~(begin
|
|
|
@@ -191,7 +197,7 @@
|
|
|
(map (lambda (directory)
|
|
|
(string-append #$%user-home "/" directory))
|
|
|
'#$%user-directories))))
|
|
|
- (setenv "RESTIC_PASSWORD"
|
|
|
+ (setenv "RESTIC_PASSWORD_FILE"
|
|
|
(string-trim-right
|
|
|
(with-input-from-file "/etc/guix/secrets/restic"
|
|
|
read-string)))
|
|
|
@@ -209,7 +215,7 @@
|
|
|
(define* (restic-lv-backup vg lv
|
|
|
#:key (predicate #~(begin #t))
|
|
|
restic-repository
|
|
|
- restic-password
|
|
|
+ restic-password-file
|
|
|
(lvm2-snapshot-size "32G"))
|
|
|
"Return a GEXP which defines a logical volume backup steps."
|
|
|
(let* ((device (string-append "/dev/" vg "/" lv))
|
|
|
@@ -220,10 +226,10 @@
|
|
|
#~(begin
|
|
|
(use-modules (ice-9 rdelim)
|
|
|
(srfi srfi-1))
|
|
|
- (if #$(predicate)
|
|
|
+ (if #$predicate
|
|
|
(begin
|
|
|
(format #t "Creating new Restic ~a snapshot~%" #$device)
|
|
|
- (setenv "RESTIC_PASSWORD" #$(restic-password))
|
|
|
+ (setenv "RESTIC_PASSWORD_FILE" #$restic-password-file)
|
|
|
(zero?
|
|
|
(system
|
|
|
(string-join
|
|
|
@@ -245,7 +251,7 @@
|
|
|
"--snapshot" #$device))
|
|
|
(begin
|
|
|
(format #t "Creating new Restic ~a snapshot~%" #$device)
|
|
|
- (setenv "RESTIC_PASSWORD" #$(restic-password))
|
|
|
+ (setenv "RESTIC_PASSWORD_FILE" #$restic-password-file)
|
|
|
(zero?
|
|
|
(system
|
|
|
(string-join
|
|
|
@@ -265,99 +271,92 @@
|
|
|
(system* #$lvremove-binary "--yes"
|
|
|
#$lvm2-snapshot-device))))))))))
|
|
|
|
|
|
-(define (win10-shut-off?)
|
|
|
+(define (virtual-machine-shut-off? virtual-machine-name)
|
|
|
#~(begin
|
|
|
(use-modules (ice-9 popen)
|
|
|
(ice-9 rdelim))
|
|
|
(let* ((port (open-pipe* OPEN_READ #$virsh-binary
|
|
|
- "domstate" "win10"))
|
|
|
+ "domstate" #$virtual-machine-name))
|
|
|
(output (read-string port)))
|
|
|
(close-port port)
|
|
|
(string= (string-trim-right output #\newline)
|
|
|
"shut off"))))
|
|
|
|
|
|
-(define (win10-password)
|
|
|
- #~(begin
|
|
|
- (use-modules (ice-9 rdelim))
|
|
|
- (string-trim-right
|
|
|
- (with-input-from-file "/etc/guix/secrets/windows"
|
|
|
- read-string))))
|
|
|
-
|
|
|
-(define (restic-win10-backup)
|
|
|
+(define restic-win10-backup
|
|
|
(restic-lv-backup "lvm1" "win10"
|
|
|
#:restic-repository "/srv/backup/win10"
|
|
|
- #:restic-password win10-password
|
|
|
- #:predicate win10-shut-off?))
|
|
|
-
|
|
|
-(define (win2022-password)
|
|
|
- #~(begin
|
|
|
- (use-modules (ice-9 rdelim))
|
|
|
- (string-trim-right
|
|
|
- (with-input-from-file "/etc/guix/secrets/windows"
|
|
|
- read-string))))
|
|
|
-
|
|
|
-(define (restic-win2022-backup)
|
|
|
- (restic-lv-backup "lvm2" "win2022"
|
|
|
- #:restic-repository "/srv/backup/win2022"
|
|
|
- #:restic-password win2022-password
|
|
|
- #:predicate win2022-shut-off?))
|
|
|
-
|
|
|
-(define (win2022-shut-off?)
|
|
|
- #~(begin
|
|
|
- (use-modules (ice-9 popen)
|
|
|
- (ice-9 rdelim))
|
|
|
- (let* ((port (open-pipe* OPEN_READ #$virsh-binary
|
|
|
- "domstate" "win2022"))
|
|
|
- (output (read-string port)))
|
|
|
- (close-port port)
|
|
|
- (string= (string-trim-right output #\newline)
|
|
|
- "shut off"))))
|
|
|
+ #:restic-password-file "/etc/guix/secrets/windows"
|
|
|
+ #:predicate (virtual-machine-shut-off? "win10")))
|
|
|
|
|
|
-(define (restic-win2022-backup)
|
|
|
+(define restic-win2022-backup
|
|
|
(restic-lv-backup "lvm2" "win2022"
|
|
|
#:restic-repository "/srv/backup/win2022"
|
|
|
- #:restic-password win2022-password
|
|
|
- #:predicate win2022-shut-off?))
|
|
|
+ #:restic-password-file "/etc/guix/secrets/windows"
|
|
|
+ #:predicate (virtual-machine-shut-off? "win2022")))
|
|
|
|
|
|
-(define (restic-ntfsgames-backup)
|
|
|
+(define restic-ntfsgames-backup
|
|
|
(restic-lv-backup "lvm2" "ntfsgames"
|
|
|
#:restic-repository "/srv/backup/ntfsgames"
|
|
|
- #:restic-password win10-password
|
|
|
- #:predicate win10-shut-off?))
|
|
|
-
|
|
|
-(define (guix-password)
|
|
|
- #~(begin
|
|
|
- (use-modules (ice-9 rdelim))
|
|
|
- (string-trim-right
|
|
|
- (with-input-from-file "/etc/guix/secrets/guix"
|
|
|
- read-string))))
|
|
|
+ #:restic-password-file "/etc/guix/secrets/guix"
|
|
|
+ #:predicate (virtual-machine-shut-off? "win10")))
|
|
|
|
|
|
-(define (guix-shut-off?)
|
|
|
- #~(begin
|
|
|
- (use-modules (ice-9 popen)
|
|
|
- (ice-9 rdelim))
|
|
|
- (let* ((port (open-pipe* OPEN_READ #$virsh-binary
|
|
|
- "domstate" "guix"))
|
|
|
- (output (read-string port)))
|
|
|
- (close-port port)
|
|
|
- (string= (string-trim-right output #\newline)
|
|
|
- "shut off"))))
|
|
|
-
|
|
|
-(define (restic-guix-backup)
|
|
|
+(define restic-guix-backup
|
|
|
(restic-lv-backup "lvm2" "guix"
|
|
|
#:restic-repository "/srv/backup/guix"
|
|
|
- #:restic-password guix-password
|
|
|
- #:predicate guix-shut-off?))
|
|
|
+ #:restic-password-file "/etc/guix/secrets/guix"
|
|
|
+ #:predicate (virtual-machine-shut-off? "guix")))
|
|
|
+
|
|
|
+(define restic-openwrt-backup
|
|
|
+ (restic-lv-backup "lvm1" "openwrt"
|
|
|
+ #:restic-repository "/srv/backup/openwrt"
|
|
|
+ #:restic-password-file "/etc/guix/secrets/restic-openwrt"
|
|
|
+ #:predicate (virtual-machine-shut-off? "openwrt")))
|
|
|
+
|
|
|
+(define restic-whonix-gateway-direct-backup
|
|
|
+ (restic-lv-backup "lvm1" "whonix-gateway-direct"
|
|
|
+ #:restic-repository "/srv/backup/whonix-gateway-direct"
|
|
|
+ #:restic-password-file "/etc/guix/secrets/restic-whonix-gateway-direct"
|
|
|
+ #:predicate (virtual-machine-shut-off? "whonix-gateway-direct")))
|
|
|
+
|
|
|
+(define (restic-repository-init restic-repository-name
|
|
|
+ restic-repository-directory
|
|
|
+ restic-password-file)
|
|
|
+ (program-file
|
|
|
+ (string-append "restic-repository-init-" restic-repository-name)
|
|
|
+ #~(unless (file-exists? #$restic-repository-directory)
|
|
|
+ (use-modules (ice-9 rdelim))
|
|
|
+ (setenv "RESTIC_PASSWORD_FILE" #$restic-password-file)
|
|
|
+ (format #t "Creating new Restic ~a repository~%"
|
|
|
+ #$restic-repository-directory)
|
|
|
+ (zero?
|
|
|
+ (apply system*
|
|
|
+ (append (list #$restic-binary "--no-cache"
|
|
|
+ "--repo" #$restic-repository-directory)
|
|
|
+ (list "init")))))))
|
|
|
+
|
|
|
+(define restic-openwrt-init
|
|
|
+ (restic-repository-init "openwrt"
|
|
|
+ "/srv/backup/openwrt"
|
|
|
+ "/etc/guix/secrets/restic-openwrt"))
|
|
|
+
|
|
|
+(define restic-whonix-gateway-direct-init
|
|
|
+ (restic-repository-init "whonix-gateway-direct"
|
|
|
+ "/srv/backup/whonix-gateway-direct"
|
|
|
+ "/etc/guix/secrets/restic-whonix-gateway-direct"))
|
|
|
|
|
|
(define (restic-command)
|
|
|
(program-file
|
|
|
"restic-commands"
|
|
|
#~(map (lambda (program)
|
|
|
(zero? (system* program)))
|
|
|
- (list #$(restic-system-backup)
|
|
|
- #$(restic-guix-backup)
|
|
|
- #$(restic-win10-backup)
|
|
|
- #$(restic-win2022-backup)
|
|
|
- #$(restic-ntfsgames-backup)))))
|
|
|
+ (list #$restic-system-backup
|
|
|
+ #$restic-guix-backup
|
|
|
+ #$restic-win10-backup
|
|
|
+ #$restic-win2022-backup
|
|
|
+ #$restic-ntfsgames-backup
|
|
|
+ #$restic-openwrt-init
|
|
|
+ #$restic-openwrt-backup
|
|
|
+ #$restic-whonix-gateway-direct-init
|
|
|
+ #$restic-whonix-gateway-direct-backup))))
|
|
|
|
|
|
;;; backup.scm ends here
|
Oleg Pykhalov