krebs.backup: use globally configured ssh ports

krebs/3modules/backup.nix

@@ -103,74 +103,63 @@ let
     plan.method == method &&
     config.krebs.build.host.name == plan.${side}.host.name;
 
-  start = plan: pkgs.writeScript "backup.${plan.name}" ''
+  start = plan: let
-    #! ${pkgs.bash}/bin/bash
+    login-name = "root";
-    set -efu
+    identity = local.host.ssh.privkey.path;
-    ${getAttr plan.method {
+    ssh = "ssh -i ${shell.escape identity}";
-      push = ''
+    local = getAttr plan.method {
-        identity=${shell.escape plan.src.host.ssh.privkey.path}
+      push = plan.src // { rsync = src-rsync; };
-        src_path=${shell.escape plan.src.path}
+      pull = plan.dst // { rsync = dst-rsync; };
-        src=$src_path
+    };
-        dst_user=root
+    remote = getAttr plan.method {
-        dst_host=$(${fastest-address plan.dst.host})
+      push = plan.dst // { rsync = dst-rsync; };
-        dst_port=$(${pkgs.get-ssh-port}/bin/get-ssh-port "$dst_host")
+      pull = plan.src // { rsync = src-rsync; };
-        dst_path=${shell.escape plan.dst.path}
+    };
-        dst=$dst_user@$dst_host:$dst_path
+    src-rsync = "rsync";
-        echo "update snapshot: current; $src -> $dst" >&2
+    dst-rsync = concatStringsSep " && " [
-        dst_exec() {
-          exec ssh -F /dev/null \
-              -i "$identity" \
-              -p $dst_port \
-              "$dst_user@$dst_host" \
-              -T "exec$(printf ' %q' "$@")"
-        }
-        rsh="ssh -F /dev/null -i $identity -p $dst_port"
-        local_rsync() {
-          rsync "$@"
-        }
-        remote_rsync=${shell.escape (concatStringsSep " && " [
       "stat ${shell.escape plan.dst.path} >/dev/null"
       "mkdir -m 0700 -p ${shell.escape plan.dst.path}/current"
-          "exec flock -n ${shell.escape plan.dst.path} rsync"
+      "flock -n ${shell.escape plan.dst.path} rsync"
-        ])}
+    ];
+  in pkgs.writeScript "backup.${plan.name}" ''
+    #! ${pkgs.bash}/bin/bash
+    set -efu
+    start_date=$(date +%s)
+    ssh_target=${shell.escape login-name}@$(${fastest-address remote.host})
+    ${getAttr plan.method {
+      push = ''
+        rsync_src=${shell.escape plan.src.path}
+        rsync_dst=$ssh_target:${shell.escape plan.dst.path}
+        echo >&2 "update snapshot current; $rsync_src -> $rsync_dst"
       '';
       pull = ''
-        identity=${shell.escape plan.dst.host.ssh.privkey.path}
+        rsync_src=$ssh_target:${shell.escape plan.src.path}
-        src_user=root
+        rsync_dst=${shell.escape plan.dst.path}
-        src_host=$(${fastest-address plan.src.host})
+        echo >&2 "update snapshot current; $rsync_dst <- $rsync_src"
-        src_port=$(${pkgs.get-ssh-port}/bin/get-ssh-port "$src_host")
-        src_path=${shell.escape plan.src.path}
-        src=$src_user@$src_host:$src_path
-        dst_path=${shell.escape plan.dst.path}
-        dst=$dst_path
-        echo "update snapshot: current; $dst <- $src" >&2
-        dst_exec() {
-          exec "$@"
-        }
-        rsh="ssh -F /dev/null -i $identity -p $src_port"
-        local_rsync() {
-          stat ${shell.escape plan.dst.path} >/dev/null
-          mkdir -m 0700 -p ${shell.escape plan.dst.path}/current
-          flock -n ${shell.escape plan.dst.path} rsync "$@"
-        }
-        remote_rsync=rsync
       '';
     }}
-    start_date=$(date +%s)
+    ${local.rsync} >&2 \
-    local_rsync >&2 \
         -aAXF --delete \
-        --rsh="$rsh" \
+        --rsh=${shell.escape ssh} \
-        --rsync-path="$remote_rsync" \
+        --rsync-path=${shell.escape remote.rsync} \
-        --link-dest="$dst_path/current" \
+        --link-dest=${shell.escape plan.dst.path}/current \
-        "$src/" \
+        "$rsync_src/" \
-        "$dst/.partial"
+        "$rsync_dst/.partial"
+
+    dst_exec() {
+      ${getAttr plan.method {
+        push = ''exec ${ssh} "$ssh_target" -T "exec$(printf ' %q' "$@")"'';
+        pull = ''exec "$@"'';
+      }}
+    }
     dst_exec env \
-        dst_path="$dst_path" \
         start_date="$start_date" \
-        flock -n "$dst_path" \
+        flock -n ${shell.escape plan.dst.path} \
         /bin/sh < ${toFile "backup.${plan.name}.take-snapshots" ''
       set -efu
-      : $dst_path $start_date
+      : $start_date
+
+      dst_path=${shell.escape plan.dst.path}
 
       mv "$dst_path/current" "$dst_path/.previous"
       mv "$dst_path/.partial" "$dst_path/current"

krebs/5pkgs/default.nix

@@ -20,10 +20,6 @@ with config.krebs.lib;
               (filterAttrs (_: dir.has-default-nix)
                            (subdirsOf ./.))
   // {
-    get-ssh-port = callPackage ./get-ssh-port {
-      inherit config;
-    };
-
     haskellPackages = pkgs.haskellPackages.override {
       overrides = self: super:
         mapAttrs (name: path: self.callPackage path {})

krebs/5pkgs/get-ssh-port/default.nix

@@ -1,29 +0,0 @@
-{ config, pkgs, ... }: with config.krebs.lib;
-
-pkgs.writeScriptBin "get-ssh-port" ''
-  #! ${pkgs.dash}/bin/dash
-  set -efu
-  if test $# != 1 || test $1 = -h || test $1 = --help; then
-    echo "usage: get-ssh-port HOSTNAME" >&2
-    exit 23
-  fi
-  case $1 in
-  ${concatMapStringsSep ";;\n"
-    (host: toString [
-      "(${shell.escape host.name})"
-      "echo ${toString host.nets.${config.krebs.search-domain}.ssh.port}"
-    ])
-    (filter (host: hasAttr config.krebs.search-domain host.nets)
-            (attrValues config.krebs.hosts))
-  };;
-  ${concatMapStringsSep ";;\n"
-    (net: toString [
-      "(${concatMapStringsSep "|" shell.escape net.aliases})"
-      "echo ${toString net.ssh.port}"
-    ])
-    (concatMap (host: attrValues host.nets) (attrValues config.krebs.hosts))
-  };;
-  (*) echo "get-ssh-port: don't know ssh port of $1" >&2
-      exit 1
-  esac
-''