51 lines
1.2 KiB
Nix
51 lines
1.2 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
let
|
|
sqliteBackup = fromPath: toPath: file: ''
|
|
mkdir -p ${toPath}
|
|
${lib.getExe pkgs.sqlite} ${fromPath} ".backup '${toPath}/${file}'"
|
|
'';
|
|
in
|
|
{
|
|
sops.secrets = {
|
|
"restic/repo" = {
|
|
sopsFile = ../secrets.yaml;
|
|
};
|
|
"restic/password" = {
|
|
sopsFile = ../secrets.yaml;
|
|
};
|
|
};
|
|
|
|
custom.restic = {
|
|
enable = true;
|
|
repositoryFile = config.sops.secrets."restic/repo".path;
|
|
passwordFile = config.sops.secrets."restic/password".path;
|
|
paths = [
|
|
"/backup"
|
|
"/mnt/storage"
|
|
];
|
|
};
|
|
|
|
services.postgresqlBackup = {
|
|
enable = true;
|
|
compression = "zstd";
|
|
compressionLevel = 9;
|
|
location = "/backup/postgresql";
|
|
};
|
|
|
|
services.restic.backups.${config.networking.hostName} = {
|
|
backupPrepareCommand = builtins.concatStringsSep "\n" [
|
|
(sqliteBackup "/var/lib/hedgedoc/db.sqlite" "/backup/hedgedoc" "db.sqlite")
|
|
(sqliteBackup "/var/lib/bitwarden_rs/db.sqlite3" "/backup/bitwarden_rs" "db.sqlite3")
|
|
(sqliteBackup "/var/lib/gotosocial/database.sqlite" "/backup/gotosocial" "database.sqlite")
|
|
(sqliteBackup "/var/lib/kanidm/kanidm.db" "/backup/kanidm" "kanidm.db")
|
|
];
|
|
extraBackupArgs = [
|
|
"--limit-upload=1024"
|
|
];
|
|
};
|
|
}
|