feat(nix): add tmux-backup module for Google Drive sync

[shunkakinoki]

Summary

• Adds modules.tmux-backup home-manager module (pattern follows modules.tailscale)
• Periodically syncs ~/.local/share/tmux/ to gdrive:tmux-logs/ via rclone
• Darwin: launchd.agents.tmux-backup with StartInterval = 3600 (hourly)
• Linux: systemd.user.services.tmux-backup (oneshot) + systemd.user.timers.tmux-backup (hourly)
• Configurable remote, remotePath, localPath options (defaults to gdrive:tmux-logs)
• Enabled on galactica (Darwin) and kyber (Linux) hosts

Test plan

• home-manager switch completes without errors on Darwin and Linux
• Darwin: launchctl list | grep tmux-backup shows agent loaded
• Linux: systemctl --user status tmux-backup.{service,timer} shows active
• Manual test: run backup script, verify rclone ls gdrive:tmux-logs/ shows files

🤖 Generated with Claude Code

---

Summary by cubic

Adds a tmux-backup Home Manager module that syncs ~/.local/share/tmux to Google Drive via rclone on an hourly schedule. Enabled on galactica (macOS) and kyber (Linux).

• New Features

  • modules.tmux-backup: rclone sync of tmux logs to a remote (default gdrive:tmux-logs).
  • macOS: launchd agent runs hourly (StartInterval=3600).
  • Linux: systemd user oneshot service + hourly timer.
  • Options: remote, remotePath, localPath.

• Migration

  • Ensure an rclone remote for Google Drive exists (default name: gdrive); override via module options.
  • Enable with modules.tmux-backup.enable = true and run home-manager switch.

^{Written for commit df176ad. Summary will update on new commits.}

[mesa-dot-dev]

You do not have enough credits to review this pull request. Please purchase more credits to continue.

[coderabbitai]

Warning

Rate limit exceeded

@shunkakinoki has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 16 minutes and 59 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 8b14b66 and df176ad.

📒 Files selected for processing (4)

• home-manager/modules/default.nix
• home-manager/modules/tmux-backup/default.nix
• named-hosts/galactica/default.nix
• named-hosts/kyber/default.nix

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/tmux-backup

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello @shunkakinoki, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a new Home Manager module designed to automate the backup of tmux session logs to Google Drive. It establishes a robust, platform-agnostic solution for data persistence by leveraging rclone for synchronization and integrating with native scheduling mechanisms like launchd on Darwin and systemd on Linux. The module is configurable and has been activated on key development environments, ensuring critical session data is regularly archived.

Highlights

• New Home Manager Module: Introduced a new modules.tmux-backup Home Manager module, following the pattern of existing modules like tailscale.
• Automated Backup: Implemented periodic synchronization of ~/.local/share/tmux/ (tmux session logs) to gdrive:tmux-logs/ using rclone.
• Platform-Specific Scheduling: Configured launchd.agents.tmux-backup for Darwin systems with an hourly StartInterval and systemd.user.services.tmux-backup along with systemd.user.timers.tmux-backup for Linux, also set to run hourly.
• Configurable Options: Provided configurable options for remote, remotePath, and localPath to allow customization of the backup destination and source.
• Host Activation: Enabled the tmux-backup module on specific hosts: galactica (Darwin) and kyber (Linux).

Changelog

• home-manager/modules/default.nix
  • Added tmux-backup to the list of imported modules.
• home-manager/modules/tmux-backup/default.nix
  • Created a new Nix module for configuring tmux session log backups.
  • Defined options for enabling the module, specifying rclone remote, remote path, and local path.
  • Implemented a shell script for rclone synchronization.
  • Configured launchd agent for Darwin to run the backup hourly.
  • Configured systemd user service and timer for Linux to run the backup hourly.
• named-hosts/galactica/default.nix
  • Enabled the modules.tmux-backup for the galactica host.
• named-hosts/kyber/default.nix
  • Enabled the modules.tmux-backup for the kyber host.

Activity

• The pull request includes a detailed test plan covering home-manager switch completion, service/agent status verification, and manual backup script testing.
• The PR description indicates that it was generated with 'Claude Code'.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[mesa-dot-dev]

Mesa Description

TL;DR

Adds modules.tmux-backup home-manager module to periodically sync ~/.local/share/tmux/ to gdrive:tmux-logs/ via rclone. Configured for hourly backups on Darwin (via launchd) and Linux (via systemd).

What changed?

A new home-manager module modules.tmux-backup was added, following the pattern of modules.tailscale. This module enables periodic synchronization of tmux logs to Google Drive using rclone. Specifically:

• For Darwin, a launchd.agents.tmux-backup agent is configured to run hourly.
• For Linux, a systemd.user.services.tmux-backup (oneshot) and systemd.user.timers.tmux-backup (hourly) are set up.
• The module includes configurable options for remote, remotePath, and localPath.
• The module is enabled on galactica (Darwin) and kyber (Linux) hosts.

^{Description generated by Mesa. Update settings}

[gemini-code-assist]

Code Review

This pull request introduces a new home-manager module, tmux-backup, designed to periodically sync tmux logs to cloud storage via rclone, supporting both Darwin (launchd) and Linux (systemd). A security audit identified two medium-severity vulnerabilities: potential command injection in the backup script due to missing shell argument escaping, and insecure temporary log file handling in the Darwin launchd agent configuration. Additionally, consider reducing rclone log verbosity and generalizing the module's descriptions to reflect broader rclone remote compatibility. Overall, this is a valuable addition, but addressing these security and general improvements will enhance its robustness and usability.

[gemini-code-assist]

This line is vulnerable to command injection. Nix configuration options like remote or localPath are interpolated directly into the shell script without proper escaping. This could lead to command injection if they contain shell metacharacters. Use lib.escapeShellArg to safely pass these strings. Additionally, consider changing --log-level INFO to --log-level NOTICE to reduce log verbosity for automated tasks, as INFO logs every file check.

    ${pkgs.rclone}/bin/rclone sync ${lib.escapeShellArg "${cfg.localPath}/"} ${lib.escapeShellArg "${cfg.remote}:${cfg.remotePath}/"} --log-level INFO

[gemini-code-assist]

Using fixed log file paths in /tmp is insecure and vulnerable to symlink attacks on multi-user systems. A malicious user could create a symlink to a sensitive file, leading to overwrites. It is safer to store logs within the user's home directory to prevent such attacks and avoid conflicts.

        StandardOutPath = "${config.home.homeDirectory}/.tmux-backup.log";
        StandardErrorPath = "${config.home.homeDirectory}/.tmux-backup.error.log";

[gemini-code-assist]

The module is described as being specifically for 'Google Drive', but it's implemented generically using rclone and could work with any rclone remote (e.g., S3, Dropbox). It would be better to make the descriptions more generic to reflect this, which improves the module's clarity and reusability.

You should update the descriptions in the following places:

• Line 1 (file comment)
• Line 23 (remote option description)
• Line 55 (systemd service description)

    enable = mkEnableOption "tmux session log backup via rclone";

[cubic-dev-ai]

No issues found across 4 files