1 files changed, 38 insertions, 5 deletions

diff --git a/nix/machines/vm-synology/backups.nix b/nix/machines/vm-synology/backups.nix
index 69dcb6e..cf3c65b 100644
--- a/nix/machines/vm-synology/backups.nix
+++ b/nix/machines/vm-synology/backups.nix
@@ -1,22 +1,45 @@
 {
-  pkgs,
   config,
+  pkgs,
   ...
 }:
 let
   environmentFile = toString (
     pkgs.writeText "restic-gcs-env" ''
-      GOOGLE_PROJECT_ID=fcuny-backups-464518
+      GOOGLE_PROJECT_ID=fcuny-infra
       GOOGLE_APPLICATION_CREDENTIALS=${config.age.secrets.restic_gcs_credentials.path}
     ''
   );
 in
 {
-  # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/backup/restic.nix
-  services.restic.backups.git = {
+  services.restic.backups.local = {
+    passwordFile = config.age.secrets.restic_password.path;
+    repository = "/srv/data/backups/";
+    initialize = true;
+    paths = [ "/var/lib/gitolite" ];
+    exclude = [
+      "/var/lib/gitolite/.bash_history"
+      "/var/lib/gitolite/.ssh"
+      "/var/lib/gitolite/.viminfo"
+    ];
+    extraBackupArgs = [
+      "--exclude-caches"
+      "--compression=max"
+    ];
+    timerConfig = {
+      OnCalendar = "daily";
+    };
+    pruneOpts = [
+      "--keep-daily 7"
+      "--keep-weekly 4"
+      "--keep-monthly 3"
+    ];
+  };
+
+  services.restic.backups.gcs = {
     passwordFile = config.age.secrets.restic_password.path;
     environmentFile = environmentFile;
-    repository = "gs:fcuny-backup:/vm-synology";
+    repository = "gs:fcuny-infra-backups:/vm-synology/";
     initialize = true;
     paths = [ "/var/lib/gitolite" ];
     exclude = [
@@ -37,4 +60,14 @@ in
       "--keep-monthly 3"
     ];
   };
+
+  environment = {
+    sessionVariables = {
+      RESTIC_REPOSITORY = "/srv/data/backups";
+      RESTIC_PASSWORD_FILE = config.age.secrets.restic_password.path;
+    };
+    systemPackages = with pkgs; [
+      restic
+    ];
+  };
 }