55 lines
1.1 KiB
Nix
55 lines
1.1 KiB
Nix
|
{ config, lib, ... }: {
|
||
|
|
|
||
|
|
options = {
|
||
|
|
backup.dirs = lib.mkOption {
|
||
|
|
default = [ ];
|
||
|
|
type = with lib.types; listOf str;
|
||
|
|
};
|
||
|
|
};
|
||
|
|
|
||
|
|
config = let
|
||
|
|
servers = [
|
||
|
|
{
|
||
|
|
name = "workhorse";
|
||
|
|
host = "workhorse.private";
|
||
|
|
}
|
||
|
|
{
|
||
|
|
name = "pepe";
|
||
|
|
host = "pepe.private";
|
||
|
|
}
|
||
|
|
];
|
||
|
|
|
||
|
|
dirs = config.backup.dirs;
|
||
|
|
|
||
|
|
myHostname = config.networking.hostName;
|
||
|
|
|
||
|
|
setup = server: {
|
||
|
|
paths = dirs;
|
||
|
|
doInit = true;
|
||
|
|
repo = "borg@${server}:./${myHostname}";
|
||
|
|
encryption = {
|
||
|
|
mode = "repokey-blake2";
|
||
|
|
# todo rename
|
||
|
|
passCommand = "cat ${toString <secrets/backup/repo>}";
|
||
|
|
};
|
||
|
|
environment.BORG_RSH =
|
||
|
|
"ssh -i ${toString <secrets/backup/ssh_rsa>}";
|
||
|
|
compression = "auto,lzma";
|
||
|
|
startAt = "daily";
|
||
|
|
|
||
|
|
};
|
||
|
|
|
||
|
|
in {
|
||
|
|
|
||
|
|
services.borgbackup.jobs = let
|
||
|
|
setups = map ({ name, host }: { "${name}" = setup host; }) servers;
|
||
|
|
setupAttrs = lib.zipAttrsWith (_: vals: lib.head vals) setups;
|
||
|
|
nonEmptySetups =
|
||
|
|
lib.filterAttrs (_: { paths, ... }: builtins.length paths != 0)
|
||
|
|
setupAttrs;
|
||
|
|
in nonEmptySetups;
|
||
|
|
|
||
|
|
};
|
||
|
|
|
||
|
|
}
|