feat: enable restic for home-pc

home-pc.nix

@@ -11,6 +11,7 @@
     ./desktop
     ./virtualisation/docker.nix
     ./services/syncthing/felix-nixos.nix
+    ./services/restic/home-pc.nix
     ./services/pcscd.nix
   ];
 

services/restic/common.nix

@@ -0,0 +1,36 @@
+{ config, lib, pkgs, ... }:
+
+# using the restic cli:
+# load credentials into shell via: export $(cat /path/to/credentials/file | xargs)
+# useful commands for analysing restic stats [snapshot-id], restic diff [s1] [s2],
+
+with lib;
+with builtins;
+let hasAnyAttr = flip (attrset: any (flip hasAttr attrset));
+in {
+  resticConfig = args@{ name, extraPruneOpts ? [ ], ... }:
+    assert !hasAnyAttr [
+      "initialize"
+      "repository"
+      "s3CredentialsFile"
+      "passwordFile"
+      "pruneOpts"
+    ] args;
+    (removeAttrs args [ "name" "extraPruneOpts" ]) // {
+      initialize = true;
+      repository = "b2:felschr-backups:/${name}";
+      environmentFile = "/etc/nixos/secrets/restic/b2";
+      passwordFile = "/etc/nixos/secrets/restic/password";
+      timerConfig = if (args ? timerConfig) then
+        args.timerConfig
+      else {
+        OnCalendar = "daily";
+      };
+      pruneOpts = [
+        "--keep-daily 7"
+        "--keep-weekly 4"
+        "--keep-monthly 3"
+        "--keep-yearly 1"
+      ] ++ extraPruneOpts;
+    };
+}

services/restic/home-pc.nix

@@ -0,0 +1,38 @@
+{ config, lib, pkgs, ... }:
+
+# using the restic cli:
+# load credentials into shell via: export $(cat /path/to/credentials/file | xargs)
+# useful commands for analysing restic stats [snapshot-id], restic diff [s1] [s2],
+
+with lib;
+with builtins;
+let common = import ./common.nix { inherit config lib pkgs; };
+in {
+  environment.systemPackages = with pkgs; [ restic ];
+
+  services.restic.backups.full = common.resticConfig {
+    name = "home-pc";
+    dynamicFilesFrom = let
+      ignore = builtins.toFile "excludes" ''
+        /var/lib/lxcfs
+        /var/lib/docker
+        /home/*/.local/share/Trash
+        /home/*/.cache
+        /home/*/Downloads
+        /home/*/.npm
+        /home/*/.steam
+        /home/*/.local/share/Steam
+        /home/*/.local/share/lutris
+        /home/felschr/sync
+        /home/felschr/Sync
+        /home/felschr/keybase
+      '';
+    in ''
+      ${pkgs.ripgrep}/bin/rg \
+        --files /etc/nixos /var/lib /home \
+        --ignore-file ${ignore}
+    '';
+    timerConfig.OnCalendar = "0/4:00:00";
+    extraPruneOpts = [ "--keep-last 6" ];
+  };
+}

services/restic/rpi4.nix

@@ -6,42 +6,23 @@
 
 with lib;
 with builtins;
-let
+let common = import ./common.nix { inherit config lib pkgs; };
-  hasAnyAttr = flip (attrset: any (flip hasAttr attrset));
-
-  resticConfig = args@{ name, extraPruneOpts ? [ ], ... }:
-    assert !hasAnyAttr [
-      "initialize"
-      "repository"
-      "s3CredentialsFile"
-      "passwordFile"
-      "pruneOpts"
-    ] args;
-    (removeAttrs args [ "name" "extraPruneOpts" ]) // {
-      initialize = true;
-      repository = "b2:felschr-rpi4-backup:/${name}";
-      environmentFile = "/etc/nixos/secrets/restic/b2";
-      passwordFile = "/etc/nixos/secrets/restic/password";
-      timerConfig = if (args ? timerConfig) then
-        args.timerConfig
-      else {
-        OnCalendar = "daily";
-      };
-      pruneOpts = [
-        "--keep-daily 7"
-        "--keep-weekly 4"
-        "--keep-monthly 3"
-        "--keep-yearly 1"
-      ] ++ extraPruneOpts;
-    };
 in {
   environment.systemPackages = with pkgs; [ restic ];
 
-  services.restic.backups.full = resticConfig {
+  services.restic.backups.full = common.resticConfig {
-    name = "full";
+    name = "rpi4";
     paths = [ "/etc/nixos" "/var/lib" "/home" ];
     timerConfig.OnCalendar = "0/4:00:00";
     extraPruneOpts = [ "--keep-last 6" ];
-    extraOptions = [ "--exclude=/var/lib/jellyfin/transcodes" ];
+    extraOptions = let
+      exclude = ''
+        /var/lib/lxcfs
+        /var/lib/docker
+        /home/*/.local/share/Trash
+        /home/*/.cache
+        /var/lib/jellyfin/transcodes
+      '';
+    in [ "--exclude=/var/lib/jellyfin/transcodes" ];
   };
 }