4 files changed, 89 insertions, 57 deletions

diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix
index f891498c2..40f18336e 100644
--- a/lass/3modules/default.nix
+++ b/lass/3modules/default.nix
@@ -1,11 +1,10 @@
 _:
 {
   imports = [
-    ./xresources.nix
     ./folderPerms.nix
-    ./per-user.nix
+    ./mysql-backup.nix
     ./urxvtd.nix
-    ./xresources.nix
     ./wordpress_nginx.nix
+    ./xresources.nix
   ];
 }
diff --git a/lass/3modules/mysql-backup.nix b/lass/3modules/mysql-backup.nix
new file mode 100644
index 000000000..d2ae67171
--- /dev/null
+++ b/lass/3modules/mysql-backup.nix
@@ -0,0 +1,86 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+
+  cfg = config.lass.mysqlBackup;
+
+  out = {
+    options.lass.mysqlBackup = api;
+    config = mkIf cfg.enable imp;
+  };
+
+  api = {
+    enable = mkEnableOption "mysqlBackup";
+    config = mkOption {
+      type = with types; attrsOf (submodule ({ config, ... }: {
+        options = {
+          name = mkOption {
+            type = types.str;
+            default = config._module.args.name;
+          };
+          startAt = mkOption {
+            type = with types; nullOr str; # TODO systemd.time(7)'s calendar event
+            default = "*-*-* 01:15:00";
+          };
+          user = mkOption {
+            type = str;
+            default = "root";
+          };
+          password = mkOption {
+            type = nullOr str;
+            default = null;
+            description = ''
+              path to a file containing the mysqlPassword for the specified user.
+            '';
+          };
+          databases = mkOption {
+            type = listOf str;
+            default = [];
+          };
+          location = mkOption {
+            type = str;
+            default = "/bku/sql_dumps";
+          };
+        };
+      }));
+      description = "configuration for mysqlBackup";
+    };
+  };
+
+  imp = {
+
+    #systemd.timers =
+    #  mapAttrs (_: plan: {
+    #  wantedBy = [ "timers.target" ];
+    #  timerConfig = plan.timerConfig;
+    #}) cfg.config;
+
+    systemd.services =
+      mapAttrs' (_: plan: nameValuePair "mysqlBackup-${plan.name}" {
+        path = with pkgs; [
+          mysql
+          gzip
+        ];
+        serviceConfig = rec {
+          ExecStart = start plan;
+          SyslogIdentifier = ExecStart.name;
+          Type = "oneshot";
+          User = plan.user;
+        };
+        startAt = plan.startAt;
+      }) cfg.config;
+  };
+
+
+  start = plan: let
+    backupScript = plan: db:
+      "mysqldump -u ${plan.user} ${optionalString (plan.password != null) "-p$(cat ${plan.password})"} ${db} | gzip -c > ${plan.location}/${db}.gz";
+
+  in pkgs.pkgs.writeDash "mysqlBackup.${plan.name}" ''
+    ${concatMapStringsSep "\n" (backupScript plan) plan.databases}
+  '';
+
+
+in out
diff --git a/lass/3modules/per-user.nix b/lass/3modules/per-user.nix
deleted file mode 100644
index f8d357ce2..000000000
--- a/lass/3modules/per-user.nix
+++ /dev/null
@@ -1,53 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with config.krebs.lib;
-let
-  cfg = config.lass.per-user;
-
-  out = {
-    options.lass.per-user = api;
-    config = imp;
-  };
-
-  api = mkOption {
-    type = with types; attrsOf (submodule {
-      options = {
-        packages = mkOption {
-          type = listOf path;
-          default = [];
-        };
-      };
-    });
-    default = {};
-  };
-
-  imp = {
-    #
-    # TODO only shellInit and use well-known paths
-    #
-    environment.shellInit = ''
-      if test -e ${user-profiles}/"$LOGNAME"; then
-        . ${user-profiles}/"$LOGNAME"
-      fi
-    '';
-    environment.interactiveShellInit = ''
-      if test -e ${user-profiles}/"$LOGNAME"; then
-        . ${user-profiles}/"$LOGNAME"
-      fi
-    '';
-    environment.profileRelativeEnvVars.PATH = mkForce [ "/bin" ];
-  };
-
-  user-profiles = pkgs.runCommand "user-profiles" {} ''
-    mkdir $out
-    ${concatStrings (mapAttrsToList (logname: { packages, ... }: ''
-      cat > $out/${logname} <<\EOF
-      ${optionalString (length packages > 0) (
-        let path = makeSearchPath "bin" packages; in
-        ''export PATH="$PATH":${escapeShellArg path}''
-      )}
-      EOF
-    '') cfg)}
-  '';
-
-in out
diff --git a/lass/3modules/static_nginx.nix b/lass/3modules/static_nginx.nix
index 6e87e9853..6b5d19615 100644
--- a/lass/3modules/static_nginx.nix
+++ b/lass/3modules/static_nginx.nix
@@ -54,7 +54,7 @@ let
   user = config.services.nginx.user;
   group = config.services.nginx.group;
 
-  external-ip = head config.krebs.build.host.nets.internet.addrs4;
+  external-ip = config.krebs.build.host.nets.internet.ip4.addr;
 
   imp = {
     krebs.nginx.servers = flip mapAttrs cfg ( name: { domain, folder, ssl, ... }: {