51 lines
1.1 KiB
Nix
51 lines
1.1 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
let
|
|
sqliteBackup = path: ''
|
|
mkdir -p /backup${path}
|
|
${lib.getExe pkgs.sqlite} ${path} "vacuum into '/var/backup${path}'"
|
|
'';
|
|
in
|
|
{
|
|
sops.secrets = {
|
|
"restic/repo" = {
|
|
sopsFile = ../secrets.yaml;
|
|
};
|
|
"restic/password" = {
|
|
sopsFile = ../secrets.yaml;
|
|
};
|
|
};
|
|
|
|
custom.restic = {
|
|
enable = true;
|
|
repositoryFile = config.sops.secrets."restic/repo".path;
|
|
passwordFile = config.sops.secrets."restic/password".path;
|
|
paths = [
|
|
"/var/backup"
|
|
"/mnt/storage"
|
|
];
|
|
};
|
|
|
|
services.postgresqlBackup = {
|
|
enable = true;
|
|
compression = "zstd";
|
|
compressionLevel = 9;
|
|
location = "/var/backup/postgresql";
|
|
};
|
|
|
|
services.restic.backups.${config.networking.hostName} = {
|
|
backupPrepareCommand = builtins.concatStringsSep "\n" [
|
|
(sqliteBackup "/var/lib/hedgedoc/db.sqlite")
|
|
(sqliteBackup "/var/lib/bitwarden_rs/db.sqlite3")
|
|
(sqliteBackup "/var/lib/gotosocial/database.sqlite")
|
|
(sqliteBackup "/var/lib/kanidm/kanidm.db")
|
|
];
|
|
extraBackupArgs = [
|
|
"--limit-upload=1024"
|
|
];
|
|
};
|
|
}
|