nixos/modules/services/restic-client-desktop/default.nix

{
  config,
  inputs,
  lib,
  pkgs,
  ...
}:
let
  cfg = config.services.az-restic-client-desktop;
  password_file = config.age.secrets.resticKey.path;
  repository = "rest:http://10.7.89.30:8000";
in
{
  options = {
    services.az-restic-client-desktop.enable = lib.mkEnableOption "Enable restic backups";
  };
  config = lib.mkIf cfg.enable {
    services.az-telegram-notifications.enable = true;
    age.secrets.infomaniakEnv = {
      file = "${inputs.self}/scrts/infomaniak_env.age";
      mode = "600";
      owner = config.az-username;
      group = "users";
    };
    age.secrets.resticKey = {
      file = "${inputs.self}/scrts/restic.key.age";
      mode = "600";
      owner = config.az-username;
      group = "users";
    };

    systemd.timers."restic-backups-${config.az-username}" = {
      wantedBy = [ "timers.target" ];
      partOf = [ "restic-backups-${config.az-username}.service" ];
      timerConfig = {
        OnCalendar = "hourly";
        RandomizedDelaySec = "15min";
      };
    };

    systemd.services."restic-backups-${config.az-username}" = {
      unitConfig.ConditionACPower = true;
      serviceConfig = {
        User = config.az-username;
        Type = "oneshot";
      };
      environment = {
        RESTIC_PASSWORD_FILE = password_file;
        RESTIC_REPOSITORY = repository;
      };
      onFailure = [ "unit-status-telegram@%n.service" ];
      script = ''
        ${pkgs.restic}/bin/restic \
          --exclude-file=${inputs.self}/modules/misc/restic-client/excludes.txt \
          --tag home-dir \
          backup /home/${config.az-username}

        ${pkgs.restic}/bin/restic \
        forget \
          --host ${config.networking.hostName} \
          --keep-hourly 25 \
          --keep-daily 7 \
          --keep-weekly 5 \
          --keep-monthly 12 \
          --keep-yearly 2 \
      '';
    };
  };
}
Switch to nixfmt-rfc-style 2024-02-02 13:45:05 +01:00			`{`
			`config,`
			`inputs,`
			`lib,`
			`pkgs,`
			`...`
			`}:`
test an alias for restic 2022-03-01 15:01:50 +01:00			`let`
Move restic-client-desktop into options 2023-05-31 22:10:26 +02:00			`cfg = config.services.az-restic-client-desktop;`
Encrypt restic secrets 2022-11-04 16:49:46 +01:00			`password_file = config.age.secrets.resticKey.path;`
Revert "Check that the server exists before starting backups" This reverts commit 459e74b01a517dea62dd8c68df0c275b92fcdf9a. 2023-12-31 17:25:24 +01:00			`repository = "rest:http://10.7.89.30:8000";`
Switch to nixfmt-rfc-style 2024-02-02 13:45:05 +01:00			`in`
			`{`
Move restic-client-desktop into options 2023-05-31 22:10:26 +02:00			`options = {`
Switch to nixfmt-rfc-style 2024-02-02 13:45:05 +01:00			`services.az-restic-client-desktop.enable = lib.mkEnableOption "Enable restic backups";`
Encrypt restic secrets 2022-11-04 16:49:46 +01:00			`};`
Move restic-client-desktop into options 2023-05-31 22:10:26 +02:00			`config = lib.mkIf cfg.enable {`
			`services.az-telegram-notifications.enable = true;`
			`age.secrets.infomaniakEnv = {`
			`file = "${inputs.self}/scrts/infomaniak_env.age";`
			`mode = "600";`
			`owner = config.az-username;`
			`group = "users";`
update the desktop restic 2022-01-29 16:01:27 +01:00			`};`
Move restic-client-desktop into options 2023-05-31 22:10:26 +02:00			`age.secrets.resticKey = {`
			`file = "${inputs.self}/scrts/restic.key.age";`
			`mode = "600";`
			`owner = config.az-username;`
			`group = "users";`
correct the forget service 2022-02-28 17:15:14 +01:00			`};`
Move restic-client-desktop into options 2023-05-31 22:10:26 +02:00
			`systemd.timers."restic-backups-${config.az-username}" = {`
			`wantedBy = [ "timers.target" ];`
			`partOf = [ "restic-backups-${config.az-username}.service" ];`
			`timerConfig = {`
			`OnCalendar = "hourly";`
			`RandomizedDelaySec = "15min";`
			`};`
rewrite the restic service to fit my needs 2022-02-28 18:11:11 +01:00			`};`

Move restic-client-desktop into options 2023-05-31 22:10:26 +02:00			`systemd.services."restic-backups-${config.az-username}" = {`
			`unitConfig.ConditionACPower = true;`
			`serviceConfig = {`
			`User = config.az-username;`
			`Type = "oneshot";`
			`};`
			`environment = {`
			`RESTIC_PASSWORD_FILE = password_file;`
			`RESTIC_REPOSITORY = repository;`
			`};`
			`onFailure = [ "unit-status-telegram@%n.service" ];`
			`script = ''`
Revert "Check that the server exists before starting backups" This reverts commit 459e74b01a517dea62dd8c68df0c275b92fcdf9a. 2023-12-31 17:25:24 +01:00			`${pkgs.restic}/bin/restic \`
			`--exclude-file=${inputs.self}/modules/misc/restic-client/excludes.txt \`
			`--tag home-dir \`
			`backup /home/${config.az-username}`
Reformat the aliases 2022-08-23 20:13:31 +02:00
Revert "Check that the server exists before starting backups" This reverts commit 459e74b01a517dea62dd8c68df0c275b92fcdf9a. 2023-12-31 17:25:24 +01:00			`${pkgs.restic}/bin/restic \`
			`forget \`
			`--host ${config.networking.hostName} \`
			`--keep-hourly 25 \`
			`--keep-daily 7 \`
			`--keep-weekly 5 \`
			`--keep-monthly 12 \`
			`--keep-yearly 2 \`
Move restic-client-desktop into options 2023-05-31 22:10:26 +02:00			`'';`
			`};`
			`};`
add a module for restic 2021-11-28 12:00:58 +01:00			`}`