Add an option `service.borgbackup.jobs.<name>.wrapper` that allows to
control the name of the installed wrapper script -- or even to disable
its installation at all.
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
These settings are documented here:
https://pgbackrest.org/configuration.html
It's useful to be able to define specific configuration for separate
commands, for example for fixing a failing test in the next update.
The new `\restrict` migitation creates random keys in the dump file by
default, which breaks a before/after test for the backup module. By
making the restrict key reproducible, the test passes again.
Add module support for --stdin-from-command flag, which was added to
restic in https://github.com/restic/restic/pull/4410. I also made a few
very small changes here and there in the nix code to make it look a
little neater in my opinion.
I could potentially add support for the --stdin flag too, but this would
require prepending the restic command with an external command and a
pipe, which seems a bit messy - and the restic documentation says to
prefer --stdin-from-command over --stdin anyway.
I could add an option for --stdin-filename, but I feel that this would
be better for users to do in extraBackupArgs.
This avoids restarting the postgresql server, when only ensureDatabases
or ensureUsers have been changed. It will also allow to properly wait
for recovery to finish later.
To wait for "postgresql is ready" in other services, we now provide a
postgresql.target.
Resolves#400018
Co-authored-by: Marcel <me@m4rc3l.de>
While we're not (fully) supporting the related features, yet, we already
prevent accidental storage of secrets in the store. This will also avoid
breaking changes in the future, when those features are properly
supported.
in the restic rest-server, you can set the file to use in place of
$datadir/.htpasswd with the --htpasswd-file option. However, this was
unusable from the module with extraConfig, due to systemd hardening.
Adding a dedicated option fixes this.
The syncoid module generates systemd services with a `startAt` config
based on its `interval` value. However, it is currently not possible
to completely disable this timer, or set multiple `startAt` values.
By accepting the same types that `systemd.services.<name>.startAt`
accepts, we can disable generating a timer unit or set multiple
`startAt` timers.
Format all Nix files using the officially approved formatter,
making the CI check introduced in the previous commit succeed:
nix-build ci -A fmt.check
This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153)
of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166).
This commit will lead to merge conflicts for a number of PRs,
up to an estimated ~1100 (~33%) among the PRs with activity in the past 2
months, but that should be lower than what it would be without the previous
[partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537).
Merge conflicts caused by this commit can now automatically be resolved while rebasing using the
[auto-rebase script](8616af08d9/maintainers/scripts/auto-rebase).
If you run into any problems regarding any of this, please reach out to the
[formatting team](https://nixos.org/community/teams/formatting/) by
pinging @NixOS/nix-formatting.
Instead of assuming the restic executable is at `bin/restic`, use
`lib.getExe` on the restic package. The main motivation for this is
using a security wrapper that has a different name such as
`bin/restic-wrapper`.
NOTE: In rare cases this could be a breaking change. For example if you
are using a wrapper whose executable is at `bin/restic`,
`meta.mainProgram` is not set, _and_ your package name is something
other than `restic`.
See the [discource discussion](https://discourse.nixos.org/t/using-restic-service-with-the-security-wrapper/34547/5) for more details/discussion.
