Parameterise restic

This commit is contained in:
Simon Bruder 2020-12-05 14:19:34 +01:00
parent 6d0f3a9964
commit 8a63f8aac4
No known key found for this signature in database
GPG key ID: 6F03E0000CC5B62F
4 changed files with 51 additions and 28 deletions

View file

@ -6,7 +6,6 @@
./hardware-configuration.nix ./hardware-configuration.nix
../../modules/cpu/intel.nix ../../modules/cpu/intel.nix
../../modules/gpu/intel.nix ../../modules/gpu/intel.nix
../../modules/restic.nix
../../modules/ssd.nix ../../modules/ssd.nix
../../modules/libvirt.nix ../../modules/libvirt.nix
../../modules ../../modules
@ -16,6 +15,7 @@
sbruder = { sbruder = {
gui = true; gui = true;
restic.enable = true;
}; };
boot.loader.grub.device = "/dev/disk/by-id/ata-INTEL_SSDSC2KB480G7_PHYS749202D6480BGN"; boot.loader.grub.device = "/dev/disk/by-id/ata-INTEL_SSDSC2KB480G7_PHYS749202D6480BGN";

View file

@ -7,7 +7,6 @@
../../modules/cpu/intel.nix ../../modules/cpu/intel.nix
../../modules/gpu/amd.nix ../../modules/gpu/amd.nix
../../modules/libvirt.nix ../../modules/libvirt.nix
../../modules/restic.nix
../../modules/ssd.nix ../../modules/ssd.nix
../../modules ../../modules
../../profiles/dev.nix ../../profiles/dev.nix
@ -16,6 +15,7 @@
sbruder = { sbruder = {
gui = true; gui = true;
restic.enable = true;
}; };
boot.loader.grub.device = "/dev/disk/by-id/ata-MTFDDAK256TBN-1AR15ABHA_UFZMQ01ZR50NMM"; boot.loader.grub.device = "/dev/disk/by-id/ata-MTFDDAK256TBN-1AR15ABHA_UFZMQ01ZR50NMM";

View file

@ -21,6 +21,7 @@
./office.nix ./office.nix
./prometheus/node_exporter.nix ./prometheus/node_exporter.nix
./pulseaudio.nix ./pulseaudio.nix
./restic.nix
./ssh.nix ./ssh.nix
./sway.nix ./sway.nix
./tools.nix ./tools.nix

View file

@ -1,5 +1,7 @@
{ pkgs, config, lib, ... }: { pkgs, config, lib, options, ... }:
let let
cfg = config.sbruder.restic;
name = "${config.networking.hostName}-system"; name = "${config.networking.hostName}-system";
excludes = [ excludes = [
# General # General
@ -44,32 +46,52 @@ let
maybePath = path: (lib.optional (builtins.pathExists path) (toString path)); maybePath = path: (lib.optional (builtins.pathExists path) (toString path));
in in
{ {
services.restic.backups."${name}" = { options.sbruder.restic = {
passwordFile = toString (../secrets/restic_password); enable = lib.mkEnableOption "restic";
s3CredentialsFile = toString ../secrets/s3_credentials; timerConfig =
repository = "s3:https://s3.eu-central-1.wasabisys.com/sbruder-restic"; lib.recursiveUpdate
paths = lib.mkDefault ( (
[ ] (builtins.elemAt
++ maybePath /data (builtins.elemAt
++ maybePath /home options.services.restic.backups.type.getSubModules
++ maybePath /srv 0
++ maybePath /var ).imports
); 0)
initialize = true; { name = ""; }
extraBackupArgs = [ ).options.timerConfig
"--exclude-caches" {
"--exclude-file=${excludesFile}" default = {
"--verbose" OnCalendar = "20:00";
]; RandomizedDelaySec = "2h";
timerConfig = { };
OnCalendar = "20:00"; };
RandomizedDelaySec = "2h";
};
}; };
systemd.services."restic-backups-${name}".serviceConfig = { config = lib.mkIf cfg.enable {
"Nice" = 10; services.restic.backups."${name}" = {
"IOSchedulingClass" = "best-effort"; passwordFile = toString (../secrets/restic_password);
"IOSchedulingPriority" = 7; s3CredentialsFile = toString ../secrets/s3_credentials;
repository = "s3:https://s3.eu-central-1.wasabisys.com/sbruder-restic";
paths = lib.mkDefault (
[ ]
++ maybePath /data
++ maybePath /home
++ maybePath /srv
++ maybePath /var
);
initialize = true;
extraBackupArgs = [
"--exclude-caches"
"--exclude-file=${excludesFile}"
"--verbose"
];
timerConfig = cfg.timerConfig;
};
systemd.services."restic-backups-${name}".serviceConfig = {
"Nice" = 10;
"IOSchedulingClass" = "best-effort";
"IOSchedulingPriority" = 7;
};
}; };
} }