blob: cf3c65bedf397ea73cf3e18eaf6b31a5357c6fe7 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
|
{
config,
pkgs,
...
}:
let
environmentFile = toString (
pkgs.writeText "restic-gcs-env" ''
GOOGLE_PROJECT_ID=fcuny-infra
GOOGLE_APPLICATION_CREDENTIALS=${config.age.secrets.restic_gcs_credentials.path}
''
);
in
{
services.restic.backups.local = {
passwordFile = config.age.secrets.restic_password.path;
repository = "/srv/data/backups/";
initialize = true;
paths = [ "/var/lib/gitolite" ];
exclude = [
"/var/lib/gitolite/.bash_history"
"/var/lib/gitolite/.ssh"
"/var/lib/gitolite/.viminfo"
];
extraBackupArgs = [
"--exclude-caches"
"--compression=max"
];
timerConfig = {
OnCalendar = "daily";
};
pruneOpts = [
"--keep-daily 7"
"--keep-weekly 4"
"--keep-monthly 3"
];
};
services.restic.backups.gcs = {
passwordFile = config.age.secrets.restic_password.path;
environmentFile = environmentFile;
repository = "gs:fcuny-infra-backups:/vm-synology/";
initialize = true;
paths = [ "/var/lib/gitolite" ];
exclude = [
"/var/lib/gitolite/.bash_history"
"/var/lib/gitolite/.ssh"
"/var/lib/gitolite/.viminfo"
];
extraBackupArgs = [
"--exclude-caches"
"--compression=max"
];
timerConfig = {
OnCalendar = "daily";
};
pruneOpts = [
"--keep-daily 7"
"--keep-weekly 4"
"--keep-monthly 3"
];
};
environment = {
sessionVariables = {
RESTIC_REPOSITORY = "/srv/data/backups";
RESTIC_PASSWORD_FILE = config.age.secrets.restic_password.path;
};
systemPackages = with pkgs; [
restic
];
};
}
|
