kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-16 18:21:07 +01:00
Code Releases Activity
Files
87f73a8fc1874c075a0d1581dbe7be1108a49df5
niveum/configs/backup.nix

45 lines
1.2 KiB
Nix
Raw Blame History

{ pkgs, config, ... }:
let
inherit (import <niveum/lib>) restic;
in
{
services.restic.backups.niveum = {
initialize = true;
inherit (restic) repository;
timerConfig = { OnCalendar = "8:00"; RandomizedDelaySec = "1h"; };
passwordFile = toString <secrets/restic/password>;
extraBackupArgs = [
"--exclude=/home/kfm/projects/nixpkgs/.git"
"--exclude=node_modules"
];
paths = [
"/home/kfm/work"
"/home/kfm/projects"
"/home/kfm/cloud"
"/home/kfm/.gnupg"
"/home/kfm/.ssh"
];
};
systemd.services.restic-backups-niveum.serviceConfig = {
Restart = "on-failure";
RestartSec = "15s";
StartLimitIntervalSec = "1m"; # don't try more than 4 times
StartLimitBurst = 4;
};
environment.systemPackages = [
(pkgs.writers.writeDashBin "restic-niveum" ''
${pkgs.restic}/bin/restic -r ${restic.repository} -p ${<secrets/restic/password>} "$@"
'')
(pkgs.writers.writeDashBin "restic-mount" ''
mountdir=$(mktemp -d)
trap clean EXIT
clean() {
rm -r "$mountdir"
}
${pkgs.restic}/bin/restic -r ${restic.repository} -p ${<secrets/restic/password>} mount "$mountdir"
'')
];
}
View Git Blame Copy Permalink