{ config, pkgs, lib, ... }: with lib; { systemd.services.ydns = { description = "update ydns address record"; after = [ "network-online.target" ]; startAt = "*:0/30"; serviceConfig.Type = "oneshot"; serviceConfig.environmentFile = config.secrets.environments.ydns; path = with pkgs; [ curl cacert gawk iproute ]; environment = { YDNS_HOST = config.var.hostname; CURL_CA_BUNDLE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; }; script = '' update() { ret=$(curl -$1 --basic --silent \ -u "$YDNS_USER:$YDNS_PASSWD" \ "https://ydns.io/api/v1/update/?host=$YDNS_HOST&ip=$2" || exit 0) case "$ret" in ok) echo "updated successfully: $YDNS_HOST ($2)" ;; badauth) echo "updated failed: $YDNS_HOST (authentication failed)" ;; *) echo "update failed: $YDNS_HOST ($ret)" ;; esac } update 4 "$(curl -s -4 https://ydns.io/api/v1/ip)" update 6 "$(ip addr show mngtmpaddr | awk '/inet6/{print $2; exit}' | cut -d/ -f1)" ''; }; systemd.services.backup = { description = "run system backup"; after = [ "network-online.target" ]; startAt = "weekly"; serviceConfig.Type = "oneshot"; path = with pkgs; [ bup git nfs-utils ]; environment.BUP_DIR = "/mnt/backup"; script = '' ${pkgs.fish}/bin/fish << 'EOF' set locations \ /etc/lvm \ /etc/nixos \ /var/lib \ /home set excluded \ /var/lib/alsa \ /var/lib/systemd \ /var/lib/udisks2 \ /var/lib/udev \ /var/lib/postgresql # mount NFS share mkdir -p $BUP_DIR mount.nfs -o nolock 192.168.1.3:/maxwell $BUP_DIR # check if properly mounted if not mountpoint -q $BUP_DIR echo mount failed! 1>&2 exit 1 end # init backup if not test -e $BUP_DIR/bupindex bup init end # build indices and copy for i in $locations eval bup index $i --exclude=(string join " --exclude=" $excluded) bup save -n (basename $i) $i end # postgresql backup set dir /var/lib/postgresql-backup mkdir -p $dir sudo -u postgres pg_dumpall | gzip > $dir/db.bak bup index $dir bup save -n postgresql $dir rm -rf $dir umount /mnt/backup EOF ''; }; systemd.services.namecoin-update = let userFile = with config.services.namecoind; pkgs.writeText "namecoin.conf" '' rpcbind=${rpc.address} rpcport=${toString rpc.port} rpcuser=${rpc.user} rpcpassword=${rpc.password} ''; in { description = "update namecoin names"; after = [ "namecoind.service" ]; startAt = "hourly"; path = [ pkgs.namecoind ]; serviceConfig.Type = "oneshot"; serviceConfig.ExecStart = "${pkgs.haskellPackages.namecoin-update}/bin/namecoin-update ${userFile}"; }; }