diff --git a/modules/backups.nix b/modules/backups.nix index 4915067..3c39871 100644 --- a/modules/backups.nix +++ b/modules/backups.nix @@ -20,6 +20,7 @@ let ${config.services.btcpayserver.dataDir} ${config.services.joinmarket.dataDir} /secrets/jm-wallet-seed + ${config.services.postgresqlBackup.location}/btcpaydb.sql.gz /var/lib/tor # Extra files ${cfg.extraFiles} @@ -69,8 +70,8 @@ in { }; }; - config = mkMerge [ - (mkIf (cfg.enable && cfg.program == "duplicity") { + config = mkIf (cfg.enable && cfg.program == "duplicity") (mkMerge [ + { environment.systemPackages = [ pkgs.duplicity ]; services.duplicity = { @@ -85,7 +86,17 @@ in { }; nix-bitcoin.secrets.backup-encryption-env.user = "root"; - + } + (mkIf config.services.btcpayserver.enable { + services.postgresqlBackup = { + enable = true; + databases = [ "btcpaydb" ]; + startAt = []; + }; + systemd.services.duplicity = rec { + wants = [ "postgresqlBackup-btcpaydb.service" ]; + after = wants; + }; }) - ]; + ]); } diff --git a/test/base.py b/test/base.py index b7db2ae..85c5096 100644 --- a/test/base.py +++ b/test/base.py @@ -166,6 +166,10 @@ def run_tests(extra_tests): "export $(cat /secrets/backup-encryption-env); duplicity list-current-files 'file:///var/lib/localBackups'", "var/lib/bitcoind/wallet.dat", ) + assert_matches( + "export $(cat /secrets/backup-encryption-env); duplicity list-current-files 'file:///var/lib/localBackups'", + "var/backup/postgresql/btcpaydb.sql.gz", + ) ### Check that all extra_tests have been run assert len(extra_tests) == 0 diff --git a/test/test.nix b/test/test.nix index 23a6c26..0533b92 100644 --- a/test/test.nix +++ b/test/test.nix @@ -19,6 +19,9 @@ import ./make-test.nix rec { # hardened ]; + # needed because duplicity requires 270 MB of free temp space, regardless of backup size. + virtualisation.diskSize = 1024; + nix-bitcoin.netns-isolation.enable = (scenario == "withnetns"); services.bitcoind.extraConfig = mkForce "connect=0";