Merge pull request #136925 from Artturin/snapperfix
nixos/snapper: change timer wantedBy to timers.target & add snapshotOnBoot
This commit is contained in:
commit
e3e5fc9bf1
@ -9,6 +9,14 @@ in
|
|||||||
{
|
{
|
||||||
options.services.snapper = {
|
options.services.snapper = {
|
||||||
|
|
||||||
|
snapshotRootOnBoot = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = false;
|
||||||
|
description = ''
|
||||||
|
Whether to snapshot root on boot
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
snapshotInterval = mkOption {
|
snapshotInterval = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = "hourly";
|
default = "hourly";
|
||||||
@ -130,20 +138,22 @@ in
|
|||||||
Type = "dbus";
|
Type = "dbus";
|
||||||
BusName = "org.opensuse.Snapper";
|
BusName = "org.opensuse.Snapper";
|
||||||
ExecStart = "${pkgs.snapper}/bin/snapperd";
|
ExecStart = "${pkgs.snapper}/bin/snapperd";
|
||||||
|
CapabilityBoundingSet = "CAP_DAC_OVERRIDE CAP_FOWNER CAP_CHOWN CAP_FSETID CAP_SETFCAP CAP_SYS_ADMIN CAP_SYS_MODULE CAP_IPC_LOCK CAP_SYS_NICE";
|
||||||
|
LockPersonality = true;
|
||||||
|
NoNewPrivileges = false;
|
||||||
|
PrivateNetwork = true;
|
||||||
|
ProtectHostname = true;
|
||||||
|
RestrictAddressFamilies = "AF_UNIX";
|
||||||
|
RestrictRealtime = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.snapper-timeline = {
|
systemd.services.snapper-timeline = {
|
||||||
description = "Timeline of Snapper Snapshots";
|
description = "Timeline of Snapper Snapshots";
|
||||||
inherit documentation;
|
inherit documentation;
|
||||||
|
requires = [ "local-fs.target" ];
|
||||||
serviceConfig.ExecStart = "${pkgs.snapper}/lib/snapper/systemd-helper --timeline";
|
serviceConfig.ExecStart = "${pkgs.snapper}/lib/snapper/systemd-helper --timeline";
|
||||||
};
|
startAt = cfg.snapshotInterval;
|
||||||
|
|
||||||
systemd.timers.snapper-timeline = {
|
|
||||||
description = "Timeline of Snapper Snapshots";
|
|
||||||
inherit documentation;
|
|
||||||
wantedBy = [ "basic.target" ];
|
|
||||||
timerConfig.OnCalendar = cfg.snapshotInterval;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.snapper-cleanup = {
|
systemd.services.snapper-cleanup = {
|
||||||
@ -155,10 +165,21 @@ in
|
|||||||
systemd.timers.snapper-cleanup = {
|
systemd.timers.snapper-cleanup = {
|
||||||
description = "Cleanup of Snapper Snapshots";
|
description = "Cleanup of Snapper Snapshots";
|
||||||
inherit documentation;
|
inherit documentation;
|
||||||
wantedBy = [ "basic.target" ];
|
wantedBy = [ "timers.target" ];
|
||||||
|
requires = [ "local-fs.target" ];
|
||||||
timerConfig.OnBootSec = "10m";
|
timerConfig.OnBootSec = "10m";
|
||||||
timerConfig.OnUnitActiveSec = cfg.cleanupInterval;
|
timerConfig.OnUnitActiveSec = cfg.cleanupInterval;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
systemd.services.snapper-boot = lib.optionalAttrs cfg.snapshotRootOnBoot {
|
||||||
|
description = "Take snapper snapshot of root on boot";
|
||||||
|
inherit documentation;
|
||||||
|
serviceConfig.ExecStart = "${pkgs.snapper}/bin/snapper --config root create --cleanup-algorithm number --description boot";
|
||||||
|
serviceConfig.type = "oneshot";
|
||||||
|
requires = [ "local-fs.target" ];
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
unitConfig.ConditionPathExists = "/etc/snapper/configs/root";
|
||||||
|
};
|
||||||
|
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user