nixos-config/machines/massicot/services/restic.nix

52 lines
1.2 KiB
Nix
Raw Normal View History

2024-09-14 08:33:01 +00:00
{
config,
lib,
pkgs,
...
}:
let
2024-09-23 12:16:19 +00:00
sqliteBackup = fromPath: toPath: file: ''
mkdir -p ${toPath}
${lib.getExe pkgs.sqlite} ${fromPath} ".backup '${toPath}/${file}'"
2024-09-14 08:33:01 +00:00
'';
in
{
sops.secrets = {
"restic/repo" = {
sopsFile = ../secrets.yaml;
};
"restic/password" = {
sopsFile = ../secrets.yaml;
};
};
custom.restic = {
enable = true;
repositoryFile = config.sops.secrets."restic/repo".path;
passwordFile = config.sops.secrets."restic/password".path;
paths = [
2024-09-23 12:16:19 +00:00
"/backup"
2024-09-14 08:33:01 +00:00
"/mnt/storage"
];
};
services.postgresqlBackup = {
enable = true;
compression = "zstd";
compressionLevel = 9;
2024-09-23 12:16:19 +00:00
location = "/backup/postgresql";
2024-09-14 08:33:01 +00:00
};
services.restic.backups.${config.networking.hostName} = {
backupPrepareCommand = builtins.concatStringsSep "\n" [
2024-09-23 12:16:19 +00:00
(sqliteBackup "/var/lib/hedgedoc/db.sqlite" "/backup/hedgedoc" "db.sqlite")
(sqliteBackup "/var/lib/bitwarden_rs/db.sqlite3" "/backup/bitwarden_rs" "db.sqlite3")
(sqliteBackup "/var/lib/gotosocial/database.sqlite" "/backup/gotosocial" "database.sqlite")
(sqliteBackup "/var/lib/kanidm/kanidm.db" "/backup/kanidm" "kanidm.db")
2024-09-14 08:33:01 +00:00
];
extraBackupArgs = [
"--limit-upload=1024"
];
};
}