2022-01-13 13:40:18 +01:00
|
|
|
{ config, lib, ... }:
|
|
|
|
# borg core setup
|
|
|
|
# ---------------
|
|
|
|
# provides an easy interface for all services
|
|
|
|
# to append it's files to be backuped
|
|
|
|
{
|
2020-09-04 00:49:35 +02:00
|
|
|
|
|
|
|
options = {
|
|
|
|
backup.dirs = lib.mkOption {
|
|
|
|
default = [ ];
|
|
|
|
type = with lib.types; listOf str;
|
2020-09-05 14:37:49 +02:00
|
|
|
description = ''
|
|
|
|
folders to backup
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
backup.exclude = lib.mkOption {
|
|
|
|
default = [ ];
|
|
|
|
type = with lib.types; listOf str;
|
|
|
|
description = ''
|
|
|
|
exclude files and folders matching a pattern.
|
|
|
|
Theses patterns effect all folders in `backup.dirs`.
|
|
|
|
see man borg pattern for more information
|
|
|
|
'';
|
|
|
|
example = [ ".git" "/home/*/.cache" ".stfolder" ];
|
2020-09-04 00:49:35 +02:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2021-11-01 09:20:42 +01:00
|
|
|
config =
|
|
|
|
let
|
2021-09-25 15:17:07 +02:00
|
|
|
|
2021-11-01 09:20:42 +01:00
|
|
|
servers = [
|
2022-01-13 13:40:18 +01:00
|
|
|
#{
|
|
|
|
# name = "robi";
|
|
|
|
# host = "robi.private";
|
|
|
|
#}
|
2021-11-01 09:20:42 +01:00
|
|
|
{
|
|
|
|
name = "pepe";
|
|
|
|
host = "pepe.private";
|
|
|
|
}
|
|
|
|
];
|
2020-09-04 00:49:35 +02:00
|
|
|
|
2021-11-01 09:20:42 +01:00
|
|
|
dirs = config.backup.dirs;
|
2020-09-04 00:49:35 +02:00
|
|
|
|
2021-11-01 09:20:42 +01:00
|
|
|
myHostname = config.networking.hostName;
|
2020-09-04 00:49:35 +02:00
|
|
|
|
2021-11-01 09:20:42 +01:00
|
|
|
setup = server: {
|
|
|
|
paths = config.backup.dirs;
|
|
|
|
exclude = config.backup.exclude;
|
|
|
|
doInit = true;
|
|
|
|
repo = "borg@${server}:./${myHostname}";
|
|
|
|
encryption = {
|
|
|
|
mode = "repokey-blake2";
|
2022-01-13 13:40:18 +01:00
|
|
|
passCommand = "cat ${config.sops.secrets.backup_repository_passphrase.path}";
|
2021-11-01 09:20:42 +01:00
|
|
|
};
|
2022-01-13 13:40:18 +01:00
|
|
|
environment.BORG_RSH = "ssh -i ${toString config.sops.secrets.backup_ssh_rsa_private.path}";
|
2021-11-01 09:20:42 +01:00
|
|
|
compression = "auto,lzma";
|
|
|
|
startAt = "daily";
|
|
|
|
prune.keep = {
|
|
|
|
within = "10d"; # Keep all backups in the last 10 days.
|
|
|
|
weekly = 8; # Keep 8 additional end of week archives.
|
|
|
|
monthly = -1; # Keep end of month archive for every month
|
|
|
|
};
|
2020-09-04 00:49:35 +02:00
|
|
|
|
2021-11-01 09:20:42 +01:00
|
|
|
};
|
2020-09-04 00:49:35 +02:00
|
|
|
|
2021-11-01 09:20:42 +01:00
|
|
|
in
|
|
|
|
{
|
2020-09-04 00:49:35 +02:00
|
|
|
|
2021-11-01 09:20:42 +01:00
|
|
|
sops.secrets.backup_repository_passphrase = { };
|
|
|
|
sops.secrets.backup_ssh_rsa_private = { };
|
2021-09-25 15:17:07 +02:00
|
|
|
|
2021-11-01 09:20:42 +01:00
|
|
|
services.borgbackup.jobs =
|
|
|
|
let
|
|
|
|
setups = map ({ name, host }: { "${name}" = setup host; }) servers;
|
|
|
|
setupAttrs = lib.zipAttrsWith (_: vals: lib.head vals) setups;
|
|
|
|
nonEmptySetups =
|
|
|
|
lib.filterAttrs (_: { paths, ... }: builtins.length paths != 0)
|
|
|
|
setupAttrs;
|
|
|
|
in
|
|
|
|
nonEmptySetups;
|
2020-09-04 00:49:35 +02:00
|
|
|
|
2021-11-01 09:20:42 +01:00
|
|
|
};
|
2020-09-04 00:49:35 +02:00
|
|
|
|
|
|
|
}
|