blob: cf3c65bedf397ea73cf3e18eaf6b31a5357c6fe7 (
plain) (
tree)
|
|
{
config,
pkgs,
...
}:
let
environmentFile = toString (
pkgs.writeText "restic-gcs-env" ''
GOOGLE_PROJECT_ID=fcuny-infra
GOOGLE_APPLICATION_CREDENTIALS=${config.age.secrets.restic_gcs_credentials.path}
''
);
in
{
services.restic.backups.local = {
passwordFile = config.age.secrets.restic_password.path;
repository = "/srv/data/backups/";
initialize = true;
paths = [ "/var/lib/gitolite" ];
exclude = [
"/var/lib/gitolite/.bash_history"
"/var/lib/gitolite/.ssh"
"/var/lib/gitolite/.viminfo"
];
extraBackupArgs = [
"--exclude-caches"
"--compression=max"
];
timerConfig = {
OnCalendar = "daily";
};
pruneOpts = [
"--keep-daily 7"
"--keep-weekly 4"
"--keep-monthly 3"
];
};
services.restic.backups.gcs = {
passwordFile = config.age.secrets.restic_password.path;
environmentFile = environmentFile;
repository = "gs:fcuny-infra-backups:/vm-synology/";
initialize = true;
paths = [ "/var/lib/gitolite" ];
exclude = [
"/var/lib/gitolite/.bash_history"
"/var/lib/gitolite/.ssh"
"/var/lib/gitolite/.viminfo"
];
extraBackupArgs = [
"--exclude-caches"
"--compression=max"
];
timerConfig = {
OnCalendar = "daily";
};
pruneOpts = [
"--keep-daily 7"
"--keep-weekly 4"
"--keep-monthly 3"
];
};
environment = {
sessionVariables = {
RESTIC_REPOSITORY = "/srv/data/backups";
RESTIC_PASSWORD_FILE = config.age.secrets.restic_password.path;
};
systemPackages = with pkgs; [
restic
];
};
}
|
