|
8 | 8 | cfg = config.services.hashi-snapshots; |
9 | 9 |
|
10 | 10 | inherit (lib) boolToString listToAttrs mkEnableOption mkIf mkMerge mkOption nameValuePair toUpper; |
11 | | - inherit (lib.types) addCheck attrs bool enum int str submodule; |
| 11 | + inherit (lib.types) attrs bool enum int ints nonEmptyStr str submodule; |
12 | 12 |
|
13 | 13 | snapshotJobConfig = submodule { |
14 | 14 | options = { |
|
21 | 21 | }; |
22 | 22 |
|
23 | 23 | backupCount = mkOption { |
24 | | - type = addCheck int (x: x >= 0); |
| 24 | + type = ints.unsigned; |
25 | 25 | default = null; |
26 | 26 | description = '' |
27 | 27 | The number of snapshots to keep. A sensible value matched to the onCalendar |
|
47 | 47 | }; |
48 | 48 |
|
49 | 49 | backupSuffix = mkOption { |
50 | | - type = addCheck str (x: x != ""); |
| 50 | + type = nonEmptyStr; |
51 | 51 | default = null; |
52 | 52 | description = '' |
53 | 53 | Sets the saved snapshot filename with a descriptive suffix prior to the file |
|
100 | 100 | }; |
101 | 101 |
|
102 | 102 | interval = mkOption { |
103 | | - type = addCheck str (x: x != ""); |
| 103 | + type = nonEmptyStr; |
104 | 104 | default = null; |
105 | 105 | description = '' |
106 | 106 | The default onCalendar systemd timer string to trigger snapshot backups. |
|
114 | 114 | }; |
115 | 115 |
|
116 | 116 | randomizedDelaySec = mkOption { |
117 | | - type = addCheck int (x: x >= 0); |
| 117 | + type = ints.unsigned; |
118 | 118 | default = 0; |
119 | 119 | description = '' |
120 | 120 | A randomization period to be added to each systemd timer to avoid |
|
251 | 251 | snapshotCmd = ''nomad operator snapshot save "$SNAP_NAME"''; |
252 | 252 | envPrep = '' |
253 | 253 | set +x |
254 | | - NOMAD_TOKEN="$(< ${hashiTokens.nomad-snapshot})" |
| 254 | + NOMAD_TOKEN=$(< ${hashiTokens.nomad-snapshot}) |
255 | 255 | export NOMAD_TOKEN |
256 | 256 | set -x |
257 | 257 |
|
258 | | - STATUS="$(nomad agent-info --json)" |
| 258 | + STATUS=$(nomad agent-info --json) |
259 | 259 | ''; |
260 | 260 | roleCmd = ''jq -e '(.stats.nomad.leader // "false") == "true"' <<< "$STATUS"''; |
261 | 261 | }; |
|
268 | 268 | snapshotCmd = ''vault operator raft snapshot save "$SNAP_NAME"''; |
269 | 269 | envPrep = '' |
270 | 270 | set +x |
271 | | - VAULT_TOKEN="$(< ${hashiTokens.vault})" |
| 271 | + VAULT_TOKEN=$(< ${hashiTokens.vault}) |
272 | 272 | export VAULT_TOKEN |
273 | 273 | set -x |
274 | 274 |
|
275 | | - STATUS="$(vault status)" |
| 275 | + STATUS=$(vault status) |
276 | 276 |
|
277 | 277 | if jq -e '.storage_type != "raft"' <<< "$STATUS"; then |
278 | 278 | echo "Vault storage backend is not raft." |
|
0 commit comments