98 lines
2.4 KiB
Nix
98 lines
2.4 KiB
Nix
{ pkgs, config, lib, options, ... }:
|
|
let
|
|
cfg = config.sbruder.restic;
|
|
|
|
name = "${config.networking.hostName}-system";
|
|
excludes = [
|
|
# General
|
|
"/home/*/Downloads/"
|
|
"/home/*/.cache/"
|
|
"/home/*/**/cache/"
|
|
"/home/*/.claws-mail/imapcache"
|
|
"/home/*/.local/share/Trash"
|
|
"/home/*/.local/share/nvim/"
|
|
|
|
# Rust
|
|
"/home/*/**/target/debug/"
|
|
"/home/*/**/target/doc/"
|
|
"/home/*/**/target/release/"
|
|
"/home/*/**/target/rls/"
|
|
"/home/*/**/target/tarpaulin/"
|
|
"/home/*/**/target/wasm32-unknown-unknown/"
|
|
"/home/*/.rustup/toolchains/"
|
|
"/home/*/.cargo"
|
|
|
|
# Python
|
|
"/home/*/.local/share/pyppeteer"
|
|
"/home/*/.local/share/virtualenvs/"
|
|
"/home/*/.platformio/"
|
|
|
|
# Node
|
|
"/home/*/**/.local-chromium"
|
|
|
|
# Project related
|
|
"/home/*/mount"
|
|
"/home/*/projects/vapoursynth/data/"
|
|
"/home/*/projects/vapoursynth/out/"
|
|
"/home/*/projects/vapoursynth/src/"
|
|
|
|
# Docker
|
|
"/var/lib/docker/"
|
|
|
|
# Stuff I do not want to back up
|
|
"/data/cache/"
|
|
];
|
|
excludesFile = pkgs.writeText "exludes.txt" (builtins.concatStringsSep "\n" excludes);
|
|
maybePath = path: (lib.optional (builtins.pathExists path) (toString path));
|
|
in
|
|
{
|
|
options.sbruder.restic = {
|
|
enable = lib.mkEnableOption "restic";
|
|
timerConfig =
|
|
lib.recursiveUpdate
|
|
(
|
|
(builtins.elemAt
|
|
(builtins.elemAt
|
|
options.services.restic.backups.type.getSubModules
|
|
0
|
|
).imports
|
|
0)
|
|
{ name = ""; }
|
|
).options.timerConfig
|
|
{
|
|
default = {
|
|
OnCalendar = "20:00";
|
|
RandomizedDelaySec = "2h";
|
|
};
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
services.restic.backups."${name}" = {
|
|
passwordFile = toString (../secrets/restic_password);
|
|
s3CredentialsFile = toString ../secrets/s3_credentials;
|
|
repository = "s3:https://s3.eu-central-1.wasabisys.com/sbruder-restic";
|
|
paths = lib.mkDefault (
|
|
[ ]
|
|
++ maybePath /data
|
|
++ maybePath /home
|
|
++ maybePath /srv
|
|
++ maybePath /var
|
|
);
|
|
initialize = true;
|
|
extraBackupArgs = [
|
|
"--exclude-caches"
|
|
"--exclude-file=${excludesFile}"
|
|
"--verbose"
|
|
];
|
|
timerConfig = cfg.timerConfig;
|
|
};
|
|
|
|
systemd.services."restic-backups-${name}".serviceConfig = {
|
|
"Nice" = 10;
|
|
"IOSchedulingClass" = "best-effort";
|
|
"IOSchedulingPriority" = 7;
|
|
};
|
|
};
|
|
}
|