dotfiles/nixos/boxes/vpsfree1/backups.nix

61 lines
1.5 KiB
Nix

{
config,
pkgs,
...
}: let
genericBackupPath = "/var/lib/backups/";
nixosContainersBackupPath = "/var/lib/nixos-containers/";
in rec {
environment.systemPackages = with pkgs; [restic];
sops.secrets."restic-backups-b2-repo-password" = {
sopsFile = ./restic.sops.yaml;
};
sops.secrets."restic-backups-b2-environment" = {
sopsFile = ./restic-environment.sops;
format = "binary";
path = "/etc/nixos/secrets/b2-env";
};
services = {
restic.backups.b2 = {
passwordFile = "/run/secrets/restic-backups-b2-repo-password";
paths = [
"/var/lib/foundryvtt"
"/var/lib/gitea"
"/var/lib/mastodon"
"${nixosContainersBackupPath}"
];
repository = "b2:cyplo-restic-vpsfree";
backupPrepareCommand = ''
systemctl stop container@mastodon.service
'';
backupCleanupCommand = ''
systemctl start container@mastodon.service
'';
timerConfig = {OnCalendar = "daily";};
environmentFile = "${config.sops.secrets.restic-backups-b2-environment.path}";
exclude = ["cache"];
pruneOpts = [
"--keep-hourly 25"
"--keep-daily 8"
"--keep-weekly 5"
"--keep-monthly 13"
"--keep-yearly 2"
];
checkOpts = [
"--with-cache"
];
};
};
systemd.services.restic-backups-b2 = {
environment = {
GOMAXPROCS = "1";
GOGC = "20";
};
serviceConfig = {
Nice = 19;
IOSchedulingClass = "idle";
};
};
}