45 lines
1.2 KiB
Nix
45 lines
1.2 KiB
Nix
{
|
|
pkgs,
|
|
config,
|
|
...
|
|
}: {
|
|
age.secrets = {
|
|
bigding_backup_s3_creds.file = ../../../secrets/bigding_backup_s3_creds.age;
|
|
bigding_backup_repo_password.file = ../../../secrets/bigding_backup_repo_password.age;
|
|
};
|
|
|
|
services.restic.backups = {
|
|
"system" = {
|
|
initialize = true;
|
|
passwordFile = config.age.secrets.bigding_backup_repo_password.path;
|
|
timerConfig = {
|
|
OnCalendar = "02:00";
|
|
};
|
|
repository = "s3:s3.eu-central-003.backblazeb2.com/bigding-backup";
|
|
s3CredentialsFile = config.age.secrets.bigding_backup_s3_creds.path;
|
|
|
|
paths = [
|
|
"/etc/group"
|
|
"/etc/machine-id"
|
|
"/etc/NetworkManager/system-connections"
|
|
"/etc/passwd"
|
|
"/etc/subgid"
|
|
"/home"
|
|
"/root"
|
|
"/var/lib/prometheus2"
|
|
"/var/lib/jellyfin"
|
|
"/var/lib/fail2ban"
|
|
"/var/lib/matrix-synapse"
|
|
"/var/lib/golink"
|
|
"/var/lib/tailscale"
|
|
"/var/lib/caddy"
|
|
"/var/backup"
|
|
];
|
|
|
|
backupPrepareCommand = ''
|
|
${pkgs.postgresql_13}/bin/pg_dumpall --clean -U postgres | ${pkgs.zstd}/bin/zstd --rsyncable > /var/backup/pgdump.sql.zst
|
|
'';
|
|
};
|
|
};
|
|
}
|