43 lines
1.2 KiB
Nix
43 lines
1.2 KiB
Nix
{ config, pkgs, ... }:
|
|
let
|
|
genericBackupPath = "/var/lib/backups/";
|
|
containersBackupPath = "${genericBackupPath}/oci-containers/";
|
|
in rec {
|
|
environment.systemPackages = with pkgs; [ restic ];
|
|
|
|
sops.secrets."restic-backups-b2-repo-password" = {
|
|
sopsFile = ./restic.sops.yaml;
|
|
};
|
|
sops.secrets."restic-backups-b2-environment" = {
|
|
sopsFile = ./restic-environment.sops;
|
|
format = "binary";
|
|
path = "/etc/nixos/secrets/b2-env";
|
|
};
|
|
services = {
|
|
restic.backups.b2 = {
|
|
passwordFile = "/run/secrets/restic-backups-b2-repo-password";
|
|
paths = [
|
|
"/var/lib/foundryvtt"
|
|
"/var/lib/gitea"
|
|
"/var/lib/mastodon"
|
|
"${containersBackupPath}"
|
|
];
|
|
repository = "b2:cyplo-restic-vpsfree";
|
|
backupPrepareCommand = ''
|
|
mkdir -p ${containersBackupPath}/
|
|
${pkgs.podman}/bin/podman volume export woodpecker-server-data -o ${containersBackupPath}/woodpecker.tar
|
|
'';
|
|
timerConfig = { OnCalendar = "hourly"; };
|
|
environmentFile =
|
|
"${config.sops.secrets.restic-backups-b2-environment.path}";
|
|
};
|
|
};
|
|
|
|
systemd.services.restic-backups-b2 = {
|
|
environment = { GOMAXPROCS = "1"; };
|
|
serviceConfig = {
|
|
Nice = 19;
|
|
IOSchedulingClass = "idle";
|
|
};
|
|
};
|
|
}
|