pyrox.dev / nixpkgs
lol
fork atom

nixos: tarsnap - make systemd timer persistent

A machine may not always be active (or online!) when a backup timer
triggers, meaning backups can be missed - now we properly set the
tarsnap timer's Persistent option so systemd will run the command even
when the machine wasn't online at that exact time.

However, we also need to make sure that we can contact the tarsnap
server reliably before we start the backup. So, we attempt to ping the
access endpoint in a loop with a sleep, before continuing.

This fixes #8823.

Signed-off-by: Austin Seipp <aseipp@pobox.com>

authored by

Tanner Doshier and committed by
Austin Seipp ad796f15 a68450e5

+13 -2
+13 -2
nixos/modules/services/backup/tarsnap.nix
··· 242 242 243 243 systemd.services."tarsnap@" = { 244 244 description = "Tarsnap archive '%i'"; 245 - requires = [ "network.target" ]; 245 + requires = [ "network-online.target" ]; 246 + after = [ "network-online.target" ]; 246 247 247 - path = [ pkgs.tarsnap pkgs.coreutils ]; 248 + path = [ pkgs.iputils pkgs.tarsnap pkgs.coreutils ]; 249 + 250 + # In order for the persistent tarsnap timer to work reliably, we have to 251 + # make sure that the tarsnap server is reachable after systemd starts up 252 + # the service - therefore we sleep in a loop until we can ping the 253 + # endpoint. 254 + preStart = "while ! ping -q -c 1 betatest-server.tarsnap.com &> /dev/null; do sleep 3; done"; 248 255 scriptArgs = "%i"; 249 256 script = '' 250 257 mkdir -p -m 0755 ${dirOf cfg.cachedir} ··· 259 266 IOSchedulingClass = "idle"; 260 267 NoNewPrivileges = "true"; 261 268 CapabilityBoundingSet = "CAP_DAC_READ_SEARCH"; 269 + PermissionsStartOnly = "true"; 262 270 }; 263 271 }; 264 272 273 + # Note: the timer must be Persistent=true, so that systemd will start it even 274 + # if e.g. your laptop was asleep while the latest interval occurred. 265 275 systemd.timers = mapAttrs' (name: cfg: nameValuePair "tarsnap@${name}" 266 276 { timerConfig.OnCalendar = cfg.period; 277 + timerConfig.Persistent = "true"; 267 278 wantedBy = [ "timers.target" ]; 268 279 }) cfg.archives; 269 280