From e6989963c7e92836df9f98bd278fcd8a8d0a5334 Mon Sep 17 00:00:00 2001
From: SebastianStork <sebastian.stork@pm.me>
Date: Sat, 7 Jun 2025 15:12:21 +0200
Subject: [PATCH] Automate restic restore command creation

---
 .../system/services/actualbudget/backups.nix  | 20 +------
 modules/system/services/forgejo/backups.nix   | 20 +------
 modules/system/services/hedgedoc/backups.nix  | 20 +------
 modules/system/services/nextcloud/backups.nix | 27 +++------
 .../services/restic-backups/restore.nix       | 58 +++++++++++++++++++
 modules/system/services/syncthing/backups.nix | 20 +------
 6 files changed, 70 insertions(+), 95 deletions(-)
 create mode 100644 modules/system/services/restic-backups/restore.nix

diff --git a/modules/system/services/actualbudget/backups.nix b/modules/system/services/actualbudget/backups.nix
index 6f8be0f..7dee40d 100644
--- a/modules/system/services/actualbudget/backups.nix
+++ b/modules/system/services/actualbudget/backups.nix
@@ -1,9 +1,4 @@
-{
-  config,
-  pkgs,
-  lib,
-  ...
-}:
+{ config, lib, ... }:
 let
   user = config.users.users.actual.name;
 in
@@ -16,18 +11,5 @@ in
       dependentService = "actual.service";
       extraConfig.paths = [ config.services.actual.settings.dataDir ];
     };
-
-    environment.systemPackages = [
-      (pkgs.writeShellApplication {
-        name = "actual-restore";
-        text = ''
-          sudo --user=${user} bash -c "
-            systemctl stop actual.service
-            restic-actual restore latest --target /
-            systemctl start actual.service
-          "
-        '';
-      })
-    ];
   };
 }
diff --git a/modules/system/services/forgejo/backups.nix b/modules/system/services/forgejo/backups.nix
index 846ff88..a979b6b 100644
--- a/modules/system/services/forgejo/backups.nix
+++ b/modules/system/services/forgejo/backups.nix
@@ -1,9 +1,4 @@
-{
-  config,
-  pkgs,
-  lib,
-  ...
-}:
+{ config, lib, ... }:
 let
   user = config.users.users.forgejo.name;
 in
@@ -16,18 +11,5 @@ in
       dependentService = "forgejo.service";
       extraConfig.paths = [ config.services.forgejo.stateDir ];
     };
-
-    environment.systemPackages = [
-      (pkgs.writeShellApplication {
-        name = "forgejo-restore";
-        text = ''
-          sudo --user=${user} bash -c "
-            systemctl stop forgejo.service
-            restic-forgejo restore latest --target /
-            systemctl start forgejo.service
-          "
-        '';
-      })
-    ];
   };
 }
diff --git a/modules/system/services/hedgedoc/backups.nix b/modules/system/services/hedgedoc/backups.nix
index 1de77e0..b8f1ea2 100644
--- a/modules/system/services/hedgedoc/backups.nix
+++ b/modules/system/services/hedgedoc/backups.nix
@@ -1,9 +1,4 @@
-{
-  config,
-  pkgs,
-  lib,
-  ...
-}:
+{ config, lib, ... }:
 let
   user = config.users.users.hedgedoc.name;
 in
@@ -19,18 +14,5 @@ in
         db.storage
       ];
     };
-
-    environment.systemPackages = [
-      (pkgs.writeShellApplication {
-        name = "hedgedoc-restore";
-        text = ''
-          sudo --user=${user} bash -c "
-            systemctl stop hedgedoc.service
-            restic-hedgedoc restore latest --target /
-            systemctl start hedgedoc.service
-          "
-        '';
-      })
-    ];
   };
 }
diff --git a/modules/system/services/nextcloud/backups.nix b/modules/system/services/nextcloud/backups.nix
index 967d318..ba10269 100644
--- a/modules/system/services/nextcloud/backups.nix
+++ b/modules/system/services/nextcloud/backups.nix
@@ -1,9 +1,4 @@
-{
-  config,
-  pkgs,
-  lib,
-  ...
-}:
+{ config, lib, ... }:
 let
   cfg = config.custom.services.nextcloud;
 
@@ -28,20 +23,14 @@ in
           "${dataDir}/db.dump"
         ];
       };
-    };
 
-    environment.systemPackages = [
-      (pkgs.writeShellApplication {
-        name = "nextcloud-restore";
-        text = ''
-          sudo --user=${user} bash -c "
-            ${lib.getExe' config.services.nextcloud.occ "nextcloud-occ"} maintenance:mode --on
-            restic-nextcloud restore latest --target /
-            pg_restore --clean --if-exists --dbname nextcloud ${dataDir}/db.dump
-            ${lib.getExe' config.services.nextcloud.occ "nextcloud-occ"} maintenance:mode --off
-          "
+      restoreCommand = {
+        preRestore = "${lib.getExe' config.services.nextcloud.occ "nextcloud-occ"} maintenance:mode --on";
+        postRestore = ''
+          pg_restore --clean --if-exists --dbname nextcloud ${dataDir}/db.dump
+          ${lib.getExe' config.services.nextcloud.occ "nextcloud-occ"} maintenance:mode --off
         '';
-      })
-    ];
+      };
+    };
   };
 }
diff --git a/modules/system/services/restic-backups/restore.nix b/modules/system/services/restic-backups/restore.nix
new file mode 100644
index 0000000..4574628
--- /dev/null
+++ b/modules/system/services/restic-backups/restore.nix
@@ -0,0 +1,58 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+let
+  backupsWithRestoreCommand =
+    config.custom.services.resticBackups
+    |> lib.filterAttrs (_: value: value.enable)
+    |> lib.filterAttrs (_: value: value.restoreCommand.enable);
+in
+{
+  options.custom.services.resticBackups = lib.mkOption {
+    type = lib.types.attrsOf (
+      lib.types.submodule {
+        options.restoreCommand = {
+          enable = lib.mkEnableOption "" // {
+            default = true;
+          };
+          preRestore = lib.mkOption {
+            type = lib.types.str;
+            default = "";
+          };
+          postRestore = lib.mkOption {
+            type = lib.types.str;
+            default = "";
+          };
+        };
+      }
+    );
+  };
+
+  config = {
+    environment.systemPackages =
+      backupsWithRestoreCommand
+      |> lib.mapAttrsToList (
+        name: value:
+        pkgs.writeShellApplication {
+          name = "restic-restore-${name}";
+          text =
+            let
+              inherit (value) dependentService;
+              hasDependentService = dependentService != null;
+            in
+            ''
+              ${lib.optionalString hasDependentService "sudo systemctl stop ${dependentService}"}
+              sudo --user=${value.user} bash -c "
+                ${value.restoreCommand.preRestore}
+                restic-nextcloud restore latest --target /
+                ${value.restoreCommand.postRestore}
+              "
+              ${lib.optionalString hasDependentService "sudo systemctl start ${dependentService}"}
+            '';
+        }
+      );
+  };
+}
diff --git a/modules/system/services/syncthing/backups.nix b/modules/system/services/syncthing/backups.nix
index 4148f82..68a490d 100644
--- a/modules/system/services/syncthing/backups.nix
+++ b/modules/system/services/syncthing/backups.nix
@@ -1,9 +1,4 @@
-{
-  config,
-  pkgs,
-  lib,
-  ...
-}:
+{ config, lib, ... }:
 let
   cfg = config.custom.services.syncthing;
 
@@ -25,18 +20,5 @@ in
       dependentService = "syncthing.service";
       extraConfig.paths = [ config.services.syncthing.dataDir ];
     };
-
-    environment.systemPackages = [
-      (pkgs.writeShellApplication {
-        name = "syncthing-restore";
-        text = ''
-          sudo --user=${user} bash -c "
-            systemctl stop syncthing.service
-            restic-syncthing restore latest --target /
-            systemctl start syncthing.service
-          "
-        '';
-      })
-    ];
   };
 }