From 0d2db4e79f20324b80e7683a21af7aea89470b06 Mon Sep 17 00:00:00 2001
From: Erik Arvstedt <erik.arvstedt@gmail.com>
Date: Wed, 8 Sep 2021 17:01:09 +0200
Subject: [PATCH] backups: add option `postgresqlDatabases`

This simplifies defining postgresql backups.
This change is covered by tests.py.
---
 modules/backups.nix | 38 ++++++++++++++++++++++++--------------
 1 file changed, 24 insertions(+), 14 deletions(-)

diff --git a/modules/backups.nix b/modules/backups.nix
index a7747c6..2425214 100644
--- a/modules/backups.nix
+++ b/modules/backups.nix
@@ -18,17 +18,22 @@ let
     ${config.services.nbxplorer.dataDir}
     ${config.services.btcpayserver.dataDir}
     ${config.services.joinmarket.dataDir}
-    ${config.services.postgresqlBackup.location}/btcpaydb.sql.gz
     ${optionalString config.nix-bitcoin.generateSecrets "${config.nix-bitcoin.secretsDir}"}
     /var/lib/tor
     /var/lib/nixos
 
+    ${builtins.concatStringsSep "\n" postgresqlBackupPaths}
+
     # Extra files
     ${cfg.extraFiles}
 
     # Exclude all unspecified files and directories
     - /
   '';
+
+  postgresqlBackupDir = config.services.postgresqlBackup.location;
+  postgresqlBackupPaths = map (db: "${postgresqlBackupDir}/${db}.sql.gz") cfg.postgresqlDatabases;
+  postgresqlBackupServices = map (db: "postgresqlBackup-${db}.service") cfg.postgresqlDatabases;
 in {
   options.services.backups = {
     enable = mkEnableOption "Backups service";
@@ -53,6 +58,11 @@ in {
         Run backup with the given frequency. If null, do not run automatically.
       '';
     };
+    postgresqlDatabases = mkOption {
+      type = types.listOf types.str;
+      default = [];
+      description = "List of database names to backup.";
+    };
     extraFiles = mkOption {
       type = types.lines;
       default = "";
@@ -63,8 +73,7 @@ in {
     };
   };
 
-  config = mkIf cfg.enable (mkMerge [
-    {
+  config = mkIf cfg.enable {
       environment.systemPackages = [ pkgs.duplicity ];
 
       services.duplicity = {
@@ -78,17 +87,18 @@ in {
         secretFile = "${config.nix-bitcoin.secretsDir}/backup-encryption-env";
       };
 
-      nix-bitcoin.secrets.backup-encryption-env.user = "root";
-    }
-    (mkIf config.services.btcpayserver.enable {
+      systemd.services.duplicity = {
+        wants = postgresqlBackupServices;
+        after = postgresqlBackupServices;
+      };
+
       services.postgresqlBackup = {
-        enable = true;
-        databases = [ "btcpaydb" ];
+        enable = mkIf (cfg.postgresqlDatabases != []) true;
+        databases = cfg.postgresqlDatabases;
       };
-      systemd.services.duplicity = rec {
-        wants = [ "postgresqlBackup-btcpaydb.service" ];
-        after = wants;
-      };
-    })
-  ]);
+
+      nix-bitcoin.secrets.backup-encryption-env.user = "root";
+
+      services.backups.postgresqlDatabases = mkIf config.services.btcpayserver.enable [ "btcpaydb" ];
+    };
 }