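# NixOS module: one MariaDB container per entry of `services.podman-mariadb`,
# run through `virtualisation.oci-containers`, plus a timer-driven backup
# (mariadb-dump | zstd) with simple count-based retention.
{ config, lib, pkgs, ... }:

with lib;

let
  cfgs = config.services.podman-mariadb;
  # Only instances with `enable = true` get a container, directories and a
  # backup job. Mapping over all of `cfgs` would also start (and publish the
  # port of) instances that were explicitly left disabled as soon as any
  # other instance is enabled.
  enabledCfgs = filterAttrs (_: cfg: cfg.enable) cfgs;
  conf = import ./vars.nix;
in
{
  options = {
    services.podman-mariadb = mkOption {
      description = mdDoc "Configure a single database mariadb instance running in podman.";
      default = {};
      type = types.attrsOf (types.submodule ({ config, ... }: {
        options = let
          # The attribute name of the instance is the default for both the
          # database name and its owner.
          name = config._module.args.name;
        in {
          enable = mkEnableOption (mdDoc "podman-mariadb");

          # NOTE(review): a floating tag together with MARIADB_AUTO_UPGRADE
          # means the image content and the on-disk data format can change on
          # any pull; consider pinning a version tag or digest.
          image = mkOption {
            description = mdDoc "The mariadb image to use.";
            type = types.str;
            default = "docker.io/library/mariadb:latest";
            example = "docker.io/library/mariadb:lts";
          };

          database = mkOption {
            description = "The name of the database to be created.";
            type = types.str;
            default = name;
          };

          user = mkOption {
            description = "The owner of the database.";
            type = types.str;
            default = name;
          };

          # The value is interpolated into strings below. Pass an absolute
          # path (as a string) to a secret provisioned at runtime: a Nix path
          # literal would be copied into the world-readable Nix store when
          # interpolated.
          passwordFile = mkOption {
            description = "The password file for the database user.";
            type = types.path;
          };

          port = mkOption {
            description = "The port to serve mariadb on the host.";
            type = types.int;
            example = 33060;
          };

          backupPath = mkOption {
            description = "The path to backup the database to.";
            type = types.str;
            default = "/var/backup/mariadb";
          };

          backupInterval = mkOption {
            description = "The interval to backup the database";
            type = types.str;
            default = "hourly";
            example = "daily";
          };

          backupRetention = mkOption {
            description = "The amount of backups to keep.";
            type = types.int;
            default = 28;
            # The example must match the declared type (int, not string).
            example = 2;
          };
        };
      }));
    };
  };

  config = mkIf (any (cfg: cfg.enable) (attrValues cfgs)) {
    virtualisation.oci-containers.containers = mkMerge (mapAttrsToList (_: cfg: {
      "mariadb-${cfg.database}" = {
        image = cfg.image;
        # No host address is given, so podman publishes the port on every
        # host interface unless conf.podman.extraOptions changes networking.
        # Restrict access with the host firewall if the database is only
        # meant for local clients.
        ports = [ "${(toString cfg.port)}:3306" ];
        environment = {
          TZ = "Europe/Berlin";
          MARIADB_USER = cfg.user;
          MARIADB_DATABASE = cfg.database;
          MARIADB_PASSWORD_FILE = cfg.passwordFile;
          # A random root password is generated on first start and is not
          # stored by this module; backups therefore run as the unprivileged
          # database user (see the backup service below).
          MARIADB_RANDOM_ROOT_PASSWORD = "true";
          MARIADB_AUTO_UPGRADE = "true";
        };
        volumes = [
          "/var/lib/mariadb/${cfg.database}:/var/lib/mysql"
          # The container only needs to read the secret; mount it read-only.
          "${cfg.passwordFile}:${cfg.passwordFile}:ro"
        ];
        extraOptions = conf.podman.extraOptions;
        # Disabled health check. pg_isready is a PostgreSQL tool and is not
        # part of the mariadb image, so this needs a MariaDB-specific command
        # before it can be turned on.
        #extraOptions = conf.podman.extraOptions ++ [
        #  "--health-cmd=pg_isready -d ${cfg.database} -U ${cfg.user}"
        #  "--health-start-period=10s"
        #];
      };
    }) enabledCfgs);

    # Create the data and backup directories before the container starts.
    # NOTE(review): the directories get the default mode of the activation
    # environment; the dumps contain all table data, so consider tightening
    # the permissions of the backup directory.
    system.activationScripts = mkMerge (mapAttrsToList (_: cfg: {
      "makeMariaDB${cfg.database}Dirs" = lib.stringAfter [ "var" ] ''
        mkdir -p "/var/lib/mariadb/${cfg.database}" "${cfg.backupPath}/${cfg.database}"
      '';
    }) enabledCfgs);

    systemd = mkMerge (mapAttrsToList (_: cfg: {
      services."podman-mariadb-${cfg.database}-backup" = {
        description = "Backup of ${cfg.database} database";
        requisite = [ "podman-mariadb-${cfg.database}.service" ];
        serviceConfig = {
          ExecStart = let
            retention = toString cfg.backupRetention;
            backupDir = "${cfg.backupPath}/${cfg.database}";
            # Runs inside the container. The password is read from the
            # mounted secret file there, so it never appears in the unit file
            # or on the host command line. The login is cfg.user (the account
            # created via MARIADB_USER), not the database name; the two only
            # coincide by default.
            dump = "${pkgs.podman}/bin/podman exec mariadb-${cfg.database} /bin/bash -c 'MYSQL_PWD=$(cat $MARIADB_PASSWORD_FILE) mariadb-dump --all-databases -u${cfg.user}'";
            # %% is systemd's escape for a literal % in unit files.
            compress = "${pkgs.zstd}/bin/zstd -o ${backupDir}/$(${pkgs.coreutils}/bin/date +%%F_%%R).sql.zst";
            # Keep the newest `retention` files (names sort chronologically).
            # `xargs -r` skips rm when nothing is to be deleted; without it
            # rm runs with no operand and the unit fails until more than
            # `retention` backups exist.
            prune = "find ${backupDir} -type f | sort | head -n -${retention} | xargs -r rm -v";
          in
            # pipefail makes a failed dump fail the pipeline, so old backups
            # are not rotated out in favour of an empty or truncated archive.
            # The truncated file itself is left in place for inspection.
            ''${pkgs.bash}/bin/bash -c "set -o pipefail; ${dump} | ${compress} && ${prune}"'';
          Type = "oneshot";
        };
      };
      timers."podman-mariadb-${cfg.database}-backup" = {
        timerConfig = {
          OnCalendar = cfg.backupInterval;
        };
        wantedBy = [ "podman-mariadb-${cfg.database}.service" ];
      };
    }) enabledCfgs);
  };
}
# vim: set et ts=2 sw=2 ai: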