nixos/borgbackup: Add option wrapper

Add an option `service.borgbackup.jobs.<name>.wrapper` that allows to
control the name of the installed wrapper script -- or even to disable
its installation at all.

Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>

nixos/modules/services/backup/borgbackup.nix

@@ -216,17 +216,18 @@ let
         ''
       );
 
+  # Returns a singleton list, due to usage of lib.optional
   mkBorgWrapper =
     name: cfg:
-    mkWrapperDrv {
+    lib.optional (cfg.wrapper != "" && cfg.wrapper != null) (mkWrapperDrv {
       original = lib.getExe config.services.borgbackup.package;
-      name = "borg-job-${name}";
+      name = cfg.wrapper;
       set = {
         BORG_REPO = cfg.repo;
       }
       // (mkPassEnv cfg)
       // cfg.environment;
-    };
+    });
 
   # Paths listed in ReadWritePaths must exist before service is started
   mkTmpfiles =
@@ -488,6 +489,16 @@ in
               default = "root";
             };
 
+            wrapper = lib.mkOption {
+              type = with lib.types; nullOr str;
+              description = ''
+                Name of the wrapper that is installed into {env}`PATH`.
+                Set to `null` or `""` to disable it altogether.
+              '';
+              default = "borg-job-${name}";
+              defaultText = "borg-job-<name>";
+            };
+
             encryption.mode = lib.mkOption {
               type = lib.types.enum [
                 "repokey"
@@ -898,7 +909,7 @@ in
       environment.systemPackages = [
         config.services.borgbackup.package
       ]
-      ++ (lib.mapAttrsToList mkBorgWrapper jobs);
+      ++ (lib.flatten (lib.mapAttrsToList mkBorgWrapper jobs));
     }
   );
 }

nixos/tests/borgbackup.nix

@@ -79,6 +79,8 @@ in
               "--exclude-if-present"
               ".dont backup"
             ];
+
+            wrapper = "borg-main";
             postHook = "echo post";
             startAt = [ ]; # Do not run automatically
           };
@@ -87,6 +89,7 @@ in
             paths = dataDir;
             repo = localRepoMount;
             encryption.mode = "none";
+            wrapper = null;
             startAt = [ ];
           };
 
@@ -211,6 +214,9 @@ in
             "cat /mnt/borg/${dataDir}/${keepFile}"
         )
 
+        # Make sure custom wrapper name works
+        client.succeed("command -v borg-main")
+
     with subtest("localMount"):
         # the file system for the repo should not be already mounted
         client.fail("mount | grep ${localRepoMount}")
@@ -222,6 +228,9 @@ in
         # Make sure exactly one archive has been created
         assert int(client.succeed("{} list '${localRepoMount}' | wc -l".format(borg))) > 0
 
+        # Make sure disabling wrapper works
+        client.fail("command -v borg-job-localMount")
+
     with subtest("remote"):
         borg = "BORG_RSH='ssh -oStrictHostKeyChecking=no -i /root/id_ed25519' borg"
         server.wait_for_unit("sshd.service")
@@ -232,6 +241,9 @@ in
         # Make sure we can't access repos other than the specified one
         client.fail("{} list borg\@server:wrong".format(borg))
 
+        # Make sure default wrapper works
+        client.succeed("command -v borg-job-remote")
+
         # TODO: Make sure that data is actually deleted
 
     with subtest("remoteAppendOnly"):