jeff/nixos-restic
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

test passwordFile

Browse source
This commit is contained in:
Jeffrey C. Ollie 2023-04-04 11:16:35 -05:00
parent 210af3b949
commit 75ba7e2d88
No known key found for this signature in database
GPG key ID: F936E4DCB7E25F15
1 changed files with 19 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
flake.nix
View file

@ -87,8 +87,13 @@
type = lib.types.submodule {
options = {
enable = lib.options.mkEnableOption "Restic";
passwordFile = lib.options.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
};
password = lib.options.mkOption {
type = lib.types.str;
type = lib.types.nullOr lib.types.str;
default = null;
};
storage = lib.options.mkOption {
type = lib.types.enum [
@ -187,11 +192,22 @@
}.${cfg.storage};
in
lib.mkIf cfg.enable {
assertions = [
{
assertion = cfg.passwordFile != null and cfg.password != null;
message = "Must specifiy either passwordFile or password";
}
];
warnings =
if cfg.password != null then [
''Restic encryption password will be stored world readable in the Nix store.''
] else [ ];
environment.systemPackages = [
package
];
environment.etc."restic/password" = {
environment.etc."restic/password" = lib.mkIf cfg.password != null {
text = cfg.password;
user = "root";
group = "root";
@ -230,7 +246,7 @@
text = ''
${hcConfig}
RESTIC_CACHE_DIR=/var/cache/restic
RESTIC_PASSWORD_FILE=/etc/restic/password
RESTIC_PASSWORD_FILE=${if cfg.passwordFile != null then cfg.passwordFile else "/etc/restic/password"}
RESTIC_REPOSITORY=${repositoryConfig}
${storageConfig}
'';