home: add backblaze module (#38)

* home: add basic backblaze module * home/backblaze: add keyFile and KeyIdFile options * home/backblaze: handle secrets at home activation * home/backblaze: activate *after* systemd for agenix secrets * home/baxkblaze: fix spelling error in hm.dag.entryAfter * home/backblaze: improve docs * mauville/home: remove b2 authentication step * home/backblaze: avoid unbound XDG_RUNTIME_DIR * fix fmt
2024-11-22 08:33:55 -05:00 · 2024-07-16 12:44:50 -04:00 · 2024-07-16 12:44:50 -04:00 · cd90c68f8c
parent 67d0f7f6ac
commit cd90c68f8c
5 changed files with 51 additions and 14 deletions
--- a/homeManagerModules/apps/backblaze/default.nix
+++ b/homeManagerModules/apps/backblaze/default.nix
@ -0,0 +1,24 @@
 {
  pkgs,
  lib,
  config,
  ...
 }: let
  cfg = config.ar.home.apps.backblaze;
 in {
  config = lib.mkIf cfg.enable {
    home = {
      activation.backblazeAuthentication = lib.hm.dag.entryAfter ["reloadSystemd"] ''
        ${
          if ((cfg.keyIdFile != null) && (cfg.keyFile != null))
          then ''
            XDG_RUNTIME_DIR=''${XDG_RUNTIME_DIR:-/run/user/$(id -u)}
            run --quiet ${lib.getExe pkgs.backblaze-b2} authorize_account `${lib.getExe' pkgs.coreutils "cat"} ${cfg.keyIdFile}` `${lib.getExe' pkgs.coreutils "cat"} ${cfg.keyFile}`''
          else ''run echo "backblaze: Missing keyIDfile and keyFile."''
        }
      '';
      packages = with pkgs; [backblaze-b2];
    };
  };
 }
--- a/homeManagerModules/apps/default.nix
+++ b/homeManagerModules/apps/default.nix
@ -6,6 +6,7 @@
 }: {
  imports = [
    ./alacritty
    ./backblaze
    ./bash
    ./chromium
    ./emacs
--- a/homeManagerModules/options.nix
+++ b/homeManagerModules/options.nix
@ -10,6 +10,23 @@ in {
  options.ar.home = {
    apps = {
      alacritty.enable = lib.mkEnableOption "Alacritty terminal.";
      backblaze = {
        enable = lib.mkEnableOption "Backblaze-b2 client with declarative authentication.";
        keyIdFile = lib.mkOption {
          description = "Backblaze key ID.";
          default = null;
          type = lib.types.nullOr lib.types.str;
        };
        keyFile = lib.mkOption {
          description = "Backblaze application key.";
          default = null;
          type = lib.types.nullOr lib.types.str;
        };
      };
      bash.enable = lib.mkEnableOption "Bash defaults.";
      chromium = {
--- a/homes/aly/default.nix
+++ b/homes/aly/default.nix
@ -31,7 +31,6 @@ in {
    };
    packages = [
      pkgs.backblaze-b2
      pkgs.browsh
      pkgs.curl
      pkgs.fractal
@ -84,6 +83,13 @@ in {
  ar.home = {
    apps = {
      alacritty.enable = true;
      backblaze = {
        enable = true;
        keyIdFile = config.age.secrets.backblazeKeyId.path;
        keyFile = config.age.secrets.backblazeKey.path;
      };
      bash.enable = true;
      chromium.enable = true;
      emacs.enable = true;
--- a/hosts/mauville/home.nix
+++ b/hosts/mauville/home.nix
@ -17,12 +17,7 @@
      }
    ];
-    users.aly = lib.mkForce ({
+    users.aly = lib.mkForce {
      config,
      pkgs,
      lib,
      ...
    }: {
      imports = [self.homeManagerModules.aly];
      systemd.user = {
@ -30,12 +25,6 @@
          Unit.Description = "Backup to Backblaze.";
          Service.ExecStart = "${pkgs.writeShellScript "backblaze-sync" ''
            # Authenticate with backblaze.
            b2KeyId=`cat ${config.age.secrets.backblazeKeyId.path}`
            b2Key=`cat ${config.age.secrets.backblazeKey.path}`
            ${lib.getExe pkgs.backblaze-b2} authorize_account $b2KeyId $b2Key
            declare -A backups
            backups=(
              ['/home/aly/pics/camera']="b2://aly-camera"
@ -63,6 +52,6 @@
          Unit.Description = "Daily backups to Backblaze.";
        };
      };
-    });
+    };
  };
 }