Nebucatnetzer
/
nixos
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Move restic-client-desktop into options

This commit is contained in:
Andreas Zweili 2023-05-31 22:10:26 +02:00
parent a10bee0a72
commit f9685049a8
4 changed files with 79 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
modules/default.nix
View File

@ -15,6 +15,7 @@
./nix-direnv
./pipewire
./rdp
./restic-client-desktop
./scripts
./telegram-notifications
./tmux

148
modules/restic-client-desktop/default.nix
View File

@ -1,5 +1,6 @@
{ config, inputs, pkgs, ... }:
{ config, inputs, lib, pkgs, ... }:
let
cfg = config.services.az-restic-client-desktop;
password_file = config.age.secrets.resticKey.path;
repository = "rest:http://10.7.89.30:8000";
@ -43,81 +44,84 @@ let
${pkgs.restic}/bin/restic --password-file ${password_file} mount /tmp/restic'';
in
{
services.az-telegram-notifications.enable = true;
age.secrets.infomaniakEnv = {
file = "${inputs.self}/scrts/infomaniak_env.age";
mode = "600";
owner = config.az-username;
group = "users";
options = {
services.az-restic-client-desktop.enable = lib.mkEnableOption "Enable restic backups";
};
age.secrets.resticKey = {
file = "${inputs.self}/scrts/restic.key.age";
mode = "600";
owner = config.az-username;
group = "users";
};
systemd.timers."restic-backups-${config.az-username}" = {
wantedBy = [ "timers.target" ];
partOf = [ "restic-backups-${config.az-username}.service" ];
timerConfig = {
OnCalendar = "hourly";
RandomizedDelaySec = "15min";
config = lib.mkIf cfg.enable {
services.az-telegram-notifications.enable = true;
age.secrets.infomaniakEnv = {
file = "${inputs.self}/scrts/infomaniak_env.age";
mode = "600";
owner = config.az-username;
group = "users";
};
};
systemd.services."restic-backups-${config.az-username}" = {
unitConfig.ConditionACPower = true;
serviceConfig = {
User = config.az-username;
Type = "oneshot";
age.secrets.resticKey = {
file = "${inputs.self}/scrts/restic.key.age";
mode = "600";
owner = config.az-username;
group = "users";
};
environment = {
RESTIC_PASSWORD_FILE = password_file;
RESTIC_REPOSITORY = repository;
systemd.timers."restic-backups-${config.az-username}" = {
wantedBy = [ "timers.target" ];
partOf = [ "restic-backups-${config.az-username}.service" ];
timerConfig = {
OnCalendar = "hourly";
RandomizedDelaySec = "15min";
};
};
onFailure = [ "unit-status-telegram@%n.service" ];
script = ''
${pkgs.restic}/bin/restic \
--exclude-file=${inputs.self}/modules/restic-client/excludes.txt \
--tag home-dir \
backup /home/${config.az-username}
${pkgs.restic}/bin/restic \
forget \
--host ${config.networking.hostName} \
--keep-hourly 25 \
--keep-daily 7 \
--keep-weekly 5 \
--keep-monthly 12 \
--keep-yearly 75 \
'';
systemd.services."restic-backups-${config.az-username}" = {
unitConfig.ConditionACPower = true;
serviceConfig = {
User = config.az-username;
Type = "oneshot";
};
environment = {
RESTIC_PASSWORD_FILE = password_file;
RESTIC_REPOSITORY = repository;
};
onFailure = [ "unit-status-telegram@%n.service" ];
script = ''
${pkgs.restic}/bin/restic \
--exclude-file=${inputs.self}/modules/restic-client/excludes.txt \
--tag home-dir \
backup /home/${config.az-username}
${pkgs.restic}/bin/restic \
forget \
--host ${config.networking.hostName} \
--keep-hourly 25 \
--keep-daily 7 \
--keep-weekly 5 \
--keep-monthly 12 \
--keep-yearly 75 \
'';
};
environment.shellAliases = {
restic-list = ''
${pkgs.restic}/bin/restic \
--repo ${repository} \
--password-file ${password_file} \
snapshots --host ${config.networking.hostName}'';
restic-unlock = ''
${pkgs.restic}/bin/restic \
--repo ${repository} \
--password-file ${password_file} \
unlock'';
restic-forget = ''
${pkgs.restic}/bin/restic --repo ${repository} \
--password-file ${password_file} \
forget $1'';
};
environment.systemPackages = with pkgs;
[
restic
restic-mount
restic-mount-all
restic-infomaniak-list
restic-infomaniak-mount
];
};
environment.shellAliases = {
restic-list = ''
${pkgs.restic}/bin/restic \
--repo ${repository} \
--password-file ${password_file} \
snapshots --host ${config.networking.hostName}'';
restic-unlock = ''
${pkgs.restic}/bin/restic \
--repo ${repository} \
--password-file ${password_file} \
unlock'';
restic-forget = ''
${pkgs.restic}/bin/restic --repo ${repository} \
--password-file ${password_file} \
forget $1'';
};
environment.systemPackages = with pkgs;
[
restic
restic-mount
restic-mount-all
restic-infomaniak-list
restic-infomaniak-mount
];
}

2
systems/gwyn/default.nix
View File

@ -4,7 +4,6 @@
inputs.nixos-hardware.nixosModules.dell-precision-5530
inputs.nixos-hardware.nixosModules.common-gpu-nvidia
inputs.nixos-hardware.nixosModules.common-gpu-intel
"${inputs.self}/modules/restic-client-desktop"
"${inputs.self}/modules/tlp"
];
boot.initrd.availableKernelModules = [
@ -61,6 +60,7 @@
services = {
az-logs-share.enable = true;
az-rdp.enable = true;
az-restic-client-desktop.enable = true;
az-x86.enable = true;
};

2
systems/staubfinger/default.nix
View File

@ -4,7 +4,6 @@
inputs.nixos-hardware.nixosModules.common-gpu-intel
inputs.nixos-hardware.nixosModules.common-pc-laptop
inputs.nixos-hardware.nixosModules.common-pc-laptop-ssd
"${inputs.self}/modules/restic-client-desktop"
"${inputs.self}/modules/tlp"
];
boot.initrd.availableKernelModules = [
@ -50,6 +49,7 @@
};
services = {
az-docker.enable = true;
az-restic-client-desktop = true;
az-x86.enable = true;
};
virtualisation.virtualbox.host.enable = true;