services: matrix-conduit: use sqlite .backup command instead of .dump

SQLite documents this [0] as the best way to perform backups on these files [1], so use it. [0] https://www.sqlite.org/backup.html [1] https://www.sqlite.org/howtocorrupt.html#_backup_or_restore_while_a_transaction_is_active Signed-off-by: Christoph Heiss <christoph@c8h4.io>
2024-03-14 22:27:41 +01:00 · 2024-03-14 22:27:41 +01:00 · e36e8d68ce
parent 05f4a4281c
commit e36e8d68ce
1 changed files with 6 additions and 4 deletions
--- a/services/conduit.nix
+++ b/services/conduit.nix
@ -117,17 +117,19 @@ in {
      repository = "${resticCfg.repositoryBase}/${config.networking.hostName}";
      passwordFile = "/var/secrets/restic/repo/${config.networking.hostName}";
      paths = [
-        "/var/backup/matrix-conduit/conduit.sql.zst"
+        "/var/backup/matrix-conduit/conduit.db.zst"
        "/var/lib/matrix-conduit/media"
      ];
      timerConfig.OnCalendar = "*-*-* 4:05:00"; # daily at 04:05
      backupPrepareCommand = ''
        set -euo pipefail
        umask 0077
+        f=$(mktemp)
+
        # consistency is provided by the internal locking of sqlite
-        ${pkgs.sqlite}/bin/sqlite3 /var/lib/matrix-conduit/conduit.db .dump \
-          | ${pkgs.zstd}/bin/zstd --compress -9 \
-          >/var/backup/matrix-conduit/conduit.sql.zst
+        ${pkgs.sqlite}/bin/sqlite3 /var/lib/matrix-conduit/conduit.db ".backup $f"
+        ${pkgs.zstd}/bin/zstd --compress -9 --rm --force \
+          -o /var/backup/matrix-conduit/conduit.db.zst $f
      '';
      backupCleanupCommand = my.mkResticBackupNotificationCmd {
        name = "matrix-conduit";