diff --git a/home-pc.nix b/home-pc.nix index 76e376e..867eeaf 100644 --- a/home-pc.nix +++ b/home-pc.nix @@ -11,6 +11,7 @@ ./desktop ./virtualisation/docker.nix ./services/syncthing/felix-nixos.nix + ./services/restic/home-pc.nix ./services/pcscd.nix ]; diff --git a/services/restic/common.nix b/services/restic/common.nix new file mode 100644 index 0000000..6b3aa05 --- /dev/null +++ b/services/restic/common.nix @@ -0,0 +1,36 @@ +{ config, lib, pkgs, ... }: + +# using the restic cli: +# load credentials into shell via: export $(cat /path/to/credentials/file | xargs) +# useful commands for analysing restic stats [snapshot-id], restic diff [s1] [s2], + +with lib; +with builtins; +let hasAnyAttr = flip (attrset: any (flip hasAttr attrset)); +in { + resticConfig = args@{ name, extraPruneOpts ? [ ], ... }: + assert !hasAnyAttr [ + "initialize" + "repository" + "s3CredentialsFile" + "passwordFile" + "pruneOpts" + ] args; + (removeAttrs args [ "name" "extraPruneOpts" ]) // { + initialize = true; + repository = "b2:felschr-backups:/${name}"; + environmentFile = "/etc/nixos/secrets/restic/b2"; + passwordFile = "/etc/nixos/secrets/restic/password"; + timerConfig = if (args ? timerConfig) then + args.timerConfig + else { + OnCalendar = "daily"; + }; + pruneOpts = [ + "--keep-daily 7" + "--keep-weekly 4" + "--keep-monthly 3" + "--keep-yearly 1" + ] ++ extraPruneOpts; + }; +} diff --git a/services/restic/home-pc.nix b/services/restic/home-pc.nix new file mode 100644 index 0000000..360a84d --- /dev/null +++ b/services/restic/home-pc.nix @@ -0,0 +1,38 @@ +{ config, lib, pkgs, ... }: + +# using the restic cli: +# load credentials into shell via: export $(cat /path/to/credentials/file | xargs) +# useful commands for analysing restic stats [snapshot-id], restic diff [s1] [s2], + +with lib; +with builtins; +let common = import ./common.nix { inherit config lib pkgs; }; +in { + environment.systemPackages = with pkgs; [ restic ]; + + services.restic.backups.full = common.resticConfig { + name = "home-pc"; + dynamicFilesFrom = let + ignore = builtins.toFile "excludes" '' + /var/lib/lxcfs + /var/lib/docker + /home/*/.local/share/Trash + /home/*/.cache + /home/*/Downloads + /home/*/.npm + /home/*/.steam + /home/*/.local/share/Steam + /home/*/.local/share/lutris + /home/felschr/sync + /home/felschr/Sync + /home/felschr/keybase + ''; + in '' + ${pkgs.ripgrep}/bin/rg \ + --files /etc/nixos /var/lib /home \ + --ignore-file ${ignore} + ''; + timerConfig.OnCalendar = "0/4:00:00"; + extraPruneOpts = [ "--keep-last 6" ]; + }; +} diff --git a/services/restic/rpi4.nix b/services/restic/rpi4.nix index 038452d..8c9a1d3 100644 --- a/services/restic/rpi4.nix +++ b/services/restic/rpi4.nix @@ -6,42 +6,23 @@ with lib; with builtins; -let - hasAnyAttr = flip (attrset: any (flip hasAttr attrset)); - - resticConfig = args@{ name, extraPruneOpts ? [ ], ... }: - assert !hasAnyAttr [ - "initialize" - "repository" - "s3CredentialsFile" - "passwordFile" - "pruneOpts" - ] args; - (removeAttrs args [ "name" "extraPruneOpts" ]) // { - initialize = true; - repository = "b2:felschr-rpi4-backup:/${name}"; - environmentFile = "/etc/nixos/secrets/restic/b2"; - passwordFile = "/etc/nixos/secrets/restic/password"; - timerConfig = if (args ? timerConfig) then - args.timerConfig - else { - OnCalendar = "daily"; - }; - pruneOpts = [ - "--keep-daily 7" - "--keep-weekly 4" - "--keep-monthly 3" - "--keep-yearly 1" - ] ++ extraPruneOpts; - }; +let common = import ./common.nix { inherit config lib pkgs; }; in { environment.systemPackages = with pkgs; [ restic ]; - services.restic.backups.full = resticConfig { - name = "full"; + services.restic.backups.full = common.resticConfig { + name = "rpi4"; paths = [ "/etc/nixos" "/var/lib" "/home" ]; timerConfig.OnCalendar = "0/4:00:00"; extraPruneOpts = [ "--keep-last 6" ]; - extraOptions = [ "--exclude=/var/lib/jellyfin/transcodes" ]; + extraOptions = let + exclude = '' + /var/lib/lxcfs + /var/lib/docker + /home/*/.local/share/Trash + /home/*/.cache + /var/lib/jellyfin/transcodes + ''; + in [ "--exclude=/var/lib/jellyfin/transcodes" ]; }; }