This provides an easy way to specify exclude patterns in config. It was
already possible via extraBackupOptions; this change creates a simpler,
similar to other backup services, way to specify them.
makes sure that program listing tags are separated from their contents
by exactly a newline character. this makes the markdown translation
easier to verify (since no new newlines need to be inserted), and
there's no rendering difference anyway.
Invoke `install` separately for each directory to get ownership right --
i.e. not always owned by root. When owned by root, user sessions break
as no user processes are allowed to create directores there. On normal
systems the directories already exist, but in clean environments / NixOS
test VMs, the bug shows.
Before:
$ namei -l /home/user1/.cache/borg
f: /home/user1/.cache/borg
drwxr-xr-x root root /
drwxr-xr-x root root home
drwx------ user1 users user1
drwxr-xr-x root root .cache
drwxr-xr-x user1 users borg
After:
$ namei -l /home/user1/.cache/borg
f: /home/user1/.cache/borg
drwxr-xr-x root root /
drwxr-xr-x root root home
drwx------ user1 users user1
drwxr-xr-x user1 users .cache
drwxr-xr-x user1 users borg
Adds a new option for backup jobs `inhibitsSleep` which prevents
the system from going to sleep while a backup is in progress.
Uses `systemd-inhibit`, which holds a "lock" that prevents the
system from sleeping while the process it invokes is running.
This did require wrapping the existing backup script using
`writeShellScript` so that it could be run by `systemd-inhibit`.
Configures the `--cache-dir` parameter for the prune and check commands run after backing up. For `check`, also adds a `checkOpts` flag to enable using the cache, since that is disabled by default.
conversions were done using https://github.com/pennae/nix-doc-munge
using (probably) rev f34e145 running
nix-doc-munge nixos/**/*.nix
nix-doc-munge --import nixos/**/*.nix
the tool ensures that only changes that could affect the generated
manual *but don't* are committed, other changes require manual review
and are discarded.
this mostly means marking options that use markdown already
appropriately and making a few adjustments so they still render
correctly. notable for nftables we have to transform the md links
because the manpage would not render them correctly otherwise.
now nix-doc-munge will not introduce whitespace changes when it replaces
manpage references with the MD equivalent.
no change to the manpage, changes to the HTML manual are whitespace only.
make (almost) all links appear on only a single line, with no
unnecessary whitespace, using double quotes for attributes. this lets us
automatically convert them to markdown easily.
the few remaining links are extremely long link in a gnome module, we'll
come back to those at a later date.
we can't embed syntactic annotations of this kind in markdown code
blocks without yet another extension. replaceable is rare enough to make
this not much worth it, so we'll go with «thing» instead. the module
system already uses this format for its placeholder names in attrsOf
paths.
the conversion procedure is simple:
- find all things that look like options, ie calls to either `mkOption`
or `lib.mkOption` that take an attrset. remember the attrset as the
option
- for all options, find a `description` attribute who's value is not a
call to `mdDoc` or `lib.mdDoc`
- textually convert the entire value of the attribute to MD with a few
simple regexes (the set from mdize-module.sh)
- if the change produced a change in the manual output, discard
- if the change kept the manual unchanged, add some text to the
description to make sure we've actually found an option. if the
manual changes this time, keep the converted description
this procedure converts 80% of nixos options to markdown. around 2000
options remain to be inspected, but most of those fail the "does not
change the manual output check": currently the MD conversion process
does not faithfully convert docbook tags like <code> and <package>, so
any option using such tags will not be converted at all.
That way the `backupCleanupCommand` can also run when the backup service
failed for some reason.
Fixes: #182089.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Transform exit handlers of the form
trap cleanup EXIT [INT] [TERM] [QUIT] [HUP] [ERR]
(where cleanup is idempotent)
to
trap cleanup EXIT
This fixes a common bash antipattern.
Each of the above signals causes the script to exit. For each signal,
bash first handles the signal by running `cleanup` and then runs
`cleanup` again when handling EXIT.
(Exception: `vscode/*` prevents the second run of `cleanup` by removing
the trap in cleanup`).
Simplify the cleanup logic by just trapping exit, which is always run
when the script exits due to any of the above signals.
Note: In case of borgbackup, the exit handler is not idempotent, but just
trapping EXIT guarantees that it's only run once.
The backupPrepareCommand and backupCleanupCommand options offer a way to
run a script to prepare for backup and then cleanup it once finish.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
