47 lines
1.2 KiB
Nix
47 lines
1.2 KiB
Nix
{
|
|
config,
|
|
keys,
|
|
pkgs,
|
|
...
|
|
}:
|
|
let
|
|
storagebox-user = "u422292-sub1";
|
|
storagebox-host = "${storagebox-user}.your-storagebox.de";
|
|
in
|
|
{
|
|
environment.systemPackages = [
|
|
pkgs.sshpass
|
|
];
|
|
|
|
age.secrets.restic-genepi-storagebox-key.file = ../../secrets/restic-genepi-storagebox-key.age;
|
|
age.secrets.restic-genepi-storagebox-password.file = ../../secrets/restic-genepi-storagebox-password.age;
|
|
|
|
programs.ssh.knownHosts = {
|
|
"${storagebox-host}".publicKey = keys.hosts.storagebox-rsa;
|
|
};
|
|
|
|
services.restic.backups = {
|
|
storagebox-nightly = {
|
|
initialize = true;
|
|
paths = [
|
|
"/persist"
|
|
];
|
|
passwordFile = config.age.secrets.restic-genepi-storagebox-key.path;
|
|
repository = "sftp://${storagebox-user}@${storagebox-host}/";
|
|
extraOptions = [
|
|
"sftp.command='${pkgs.sshpass}/bin/sshpass -f ${config.age.secrets.restic-genepi-storagebox-password.path} -- ssh ${storagebox-host} -l ${storagebox-user} -s sftp'"
|
|
];
|
|
timerConfig = {
|
|
OnCalendar = "03:00";
|
|
RandomizedDelaySec = "1h";
|
|
};
|
|
pruneOpts = [
|
|
"--keep-daily 7"
|
|
"--keep-weekly 5"
|
|
"--keep-monthly 12"
|
|
"--keep-yearly 10"
|
|
];
|
|
};
|
|
};
|
|
}
|