blob: be65da60fb7332d843289491cd9579a079a638fa (
plain) (
tree)
|
|
{ config, pkgs, ... }:
let
restic-local = pkgs.writeShellScriptBin "restic-local" ''
export RESTIC_REPOSITORY="/data/backups/${config.networking.hostName}"
export RESTIC_PASSWORD_FILE="${config.age.secrets.restic-local-pw.path}"
exec ${pkgs.restic}/bin/restic "$@"
'';
in
{
age = {
secrets = {
restic-local-pw = {
file = ../secrets/restic-pw.age;
};
nas-client = {
file = ../secrets/nas_client.age;
};
};
};
boot.kernelModules = [
"cifs"
"cmac"
"sha256"
];
environment.systemPackages = [
pkgs.cifs-utils
pkgs.restic
restic-local
];
systemd.mounts = [
{
description = "Mount for NAS volume";
what = "//192.168.1.68/backups";
where = "/data/backups/";
unitConfig = {
Type = "cifs";
};
type = "cifs";
options = "credentials=${config.age.secrets.nas-client.path},uid=1000,gid=1000,rw";
}
];
systemd.automounts = [
{
description = "Automount for NAS volume backups";
where = "/data/backups";
wantedBy = [ "multi-user.target" ];
}
];
services.restic = {
backups = {
local = {
paths = [ ];
passwordFile = config.age.secrets.restic-local-pw.path;
repository = "/data/backups/${config.networking.hostName}";
initialize = true;
timerConfig.OnCalendar = "*-*-* *:00:00";
timerConfig.RandomizedDelaySec = "5m";
extraBackupArgs = [ ];
};
};
};
}
|
