From 3ec0a2fcb96f5ba4bb2f62751b830d79d2936cd5 Mon Sep 17 00:00:00 2001
From: Katherina Walshe-Grey <git@qenya.tel>
Date: Sat, 8 Feb 2025 03:04:57 +0000
Subject: [PATCH] orm, elucredassa: prototype backups for actual

---
 hosts/elucredassa/default.nix | 23 +++++++++++++++++++++++
 hosts/orm/default.nix         | 18 ++++++++++++++++++
 2 files changed, 41 insertions(+)

diff --git a/hosts/elucredassa/default.nix b/hosts/elucredassa/default.nix
index 925197e..f80ffa6 100644
--- a/hosts/elucredassa/default.nix
+++ b/hosts/elucredassa/default.nix
@@ -23,6 +23,29 @@ in
   console.keyMap = "uk";
   services.xserver.xkb.layout = "gb";
 
+  # TODO: modularise this
+  randomcat.services.zfs.datasets = {
+    "rpool_elucredassa/backups" = {
+      mountpoint = "none";
+      zfsPermissions.users.syncoid = [ "mount" "create" "receive" "recordsize" ];
+    };
+    "rpool_elucredassa/backups/rpool_orm" = { mountpoint = "none"; };
+  };
+  services.syncoid = {
+    enable = true;
+    interval = "*-*-* *:15:00";
+    commonArgs = [ "--no-sync-snap" ];
+    commands = {
+      "testing1" = {
+        source = "backup@10.127.1.2:rpool_orm/state";
+        target = "rpool_elucredassa/backups/rpool_orm/state";
+        recursive = true;
+        recvOptions = "ux recordsize o compression=lz4";
+        extraArgs = [ "--debug" ];
+      };
+    };
+  };
+
   qenya.services.distributed-builds = {
     enable = true;
     keyFile = "/etc/ssh/ssh_host_ed25519_key";
diff --git a/hosts/orm/default.nix b/hosts/orm/default.nix
index 30f0d69..03472bf 100644
--- a/hosts/orm/default.nix
+++ b/hosts/orm/default.nix
@@ -30,6 +30,24 @@
     useTemplate = [ "production" ];
     recursive = "zfs";
   };
+  
+  # TODO: modularise this
+  randomcat.services.zfs.datasets."rpool_orm/state".zfsPermissions.users.backup = [ "hold" "send" ];
+  users.users.backup = {
+    group = "backup";
+    isSystemUser = true;
+    useDefaultShell = true;
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFa3hjej6KGmS2aQ4s46Y7U8pN4yyR2FuMofpHRwXNk syncoid@elucredassa"
+    ];
+
+    # syncoid uses these if available but doesn't pull them in automatically
+    packages = with pkgs; [
+      pkgs.mbuffer
+      pkgs.lzop
+    ];
+  };
+  users.groups.backup = { };
 
   qenya.services.actual = {
     enable = true;