blob: be65da60fb7332d843289491cd9579a079a638fa (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
{ config, pkgs, ... }:
let
restic-local = pkgs.writeShellScriptBin "restic-local" ''
export RESTIC_REPOSITORY="/data/backups/${config.networking.hostName}"
export RESTIC_PASSWORD_FILE="${config.age.secrets.restic-local-pw.path}"
exec ${pkgs.restic}/bin/restic "$@"
'';
in
{
age = {
secrets = {
restic-local-pw = {
file = ../secrets/restic-pw.age;
};
nas-client = {
file = ../secrets/nas_client.age;
};
};
};
boot.kernelModules = [
"cifs"
"cmac"
"sha256"
];
environment.systemPackages = [
pkgs.cifs-utils
pkgs.restic
restic-local
];
systemd.mounts = [
{
description = "Mount for NAS volume";
what = "//192.168.1.68/backups";
where = "/data/backups/";
unitConfig = {
Type = "cifs";
};
type = "cifs";
options = "credentials=${config.age.secrets.nas-client.path},uid=1000,gid=1000,rw";
}
];
systemd.automounts = [
{
description = "Automount for NAS volume backups";
where = "/data/backups";
wantedBy = [ "multi-user.target" ];
}
];
services.restic = {
backups = {
local = {
paths = [ ];
passwordFile = config.age.secrets.restic-local-pw.path;
repository = "/data/backups/${config.networking.hostName}";
initialize = true;
timerConfig.OnCalendar = "*-*-* *:00:00";
timerConfig.RandomizedDelaySec = "5m";
extraBackupArgs = [ ];
};
};
};
}
|
