diff --git a/machines/loki/barman.nix b/machines/loki/barman.nix index 6f9b6a2..0c7ef8c 100644 --- a/machines/loki/barman.nix +++ b/machines/loki/barman.nix @@ -23,6 +23,9 @@ streaming_archiver = true; backup_method = "postgres"; slot_name = "barman"; + bandwidth_limit = 0; + last_backup_maximum_age = "3 DAYS"; + minimum_redundancy = 3; retention_policy = "RECOVERY WINDOW OF 4 WEEKS"; }; }; diff --git a/modules/barman/default.nix b/modules/barman/default.nix index 9ed0ece..5ae9ba2 100644 --- a/modules/barman/default.nix +++ b/modules/barman/default.nix @@ -9,6 +9,27 @@ let iniFormat = pkgs.formats.ini { }; defaultUser = "barman"; defaultHome = "/var/lib/barman"; + + runtimeInputs = with pkgs; [ + cfg.package + bash + bzip2 + gzip + lz4 + pigz + postgresql + zstd + ]; + + barmanWrapper = pkgs.writeShellApplication { + name = "bm"; + + inherit runtimeInputs; + + text = '' + sudo --set-home --user ${cfg.settings.barman.barman_user} -- ${cfg.package}/bin/barman "$@" + ''; + }; in { options.services.barman = { @@ -73,7 +94,10 @@ in }; }) cfg.servers); - systemPackages = [ cfg.package ]; + systemPackages = [ + cfg.package + barmanWrapper + ]; }; systemd = { timers.barman = { @@ -87,16 +111,7 @@ in services.barman = { description = "Run barman maintenance tasks"; - path = with pkgs; [ - cfg.package - bash - bzip2 - gzip - lz4 - pigz - postgresql - zstd - ]; + path = runtimeInputs; # environment = { # PGPASSFILE = lib.mkIf (cfg.passwordsFile != null) cfg.passwordsFile; # };