puter/hosts/headless/vessel/backup.nix

{
  attrName,
  config,
  lib,
  pkgs,
  ...
}: let
  backups = {
    music = "/srv/music";
    safe = "/srv/safe";
    storage = "/srv/storage";
    sync = config.services.syncthing.dataDir;
  };
in {
  systemd = lib.mkMerge (map (
    backupName: let
      systemdName = "${backupName}-backup";
    in {
      timers.${systemdName} = {
        description = "Local rsync Backup ${backupName}";
        wantedBy = ["timers.target"];
        timerConfig = {
          OnCalendar = "*-*-* 03:00:00"; # TODO
          Persistent = true;
          Unit = "${systemdName}.service"; # TODO
        };
      };

      services.${systemdName} = {
        description = "Local rsync Backup ${backupName}";
        serviceConfig = {
          Type = "oneshot";
          User = "root";
          Group = "root";
        };
        # TODO
        script = ''
          ${lib.getExe pkgs.rsync} --verbose --verbose --archive --update --delete --mkpath -- ${backups.${backupName}}/ /srv/backup/${backupName}/
        '';
      };
    }
  ) (lib.attrNames backups));

  age.secrets = lib.mkSecrets {"restic-${attrName}" = {};};

  services.restic.backups.${attrName} = {
    repository = "sftp:u385962@u385962.your-storagebox.de:/restic/${attrName}";
    initialize = true;
    paths = [
      backups.safe
      backups.sync
    ];
    passwordFile = config.age.secrets."restic-${attrName}".path;
    pruneOpts = ["--keep-daily 7" "--keep-weekly 5" "--keep-monthly 12"];
    timerConfig = {
      OnCalendar = "*-*-* 03:00:00"; # TODO
      Persistent = true;
    };
    extraOptions = ["sftp.args='-i /etc/ssh/ssh_host_ed25519_key -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null'"];
  };
}
init 2024-02-04 20:51:11 +00:00			`{`
backups 2024-02-26 18:27:27 +00:00			`attrName,`
			`config,`
init 2024-02-04 20:51:11 +00:00			`lib,`
backups 2024-02-26 18:27:27 +00:00			`pkgs,`
init 2024-02-04 20:51:11 +00:00			`...`
backups 2024-02-26 18:27:27 +00:00			`}: let`
stuff 2024-08-18 12:54:44 +00:00			`backups = {`
stuff 2024-09-15 12:16:32 +00:00			`music = "/srv/music";`
stuff 2024-08-18 12:54:44 +00:00			`safe = "/srv/safe";`
stuff 2024-09-15 12:16:32 +00:00			`storage = "/srv/storage";`
stuff 2024-08-18 12:54:44 +00:00			`sync = config.services.syncthing.dataDir;`
			`};`
snapshot 2024-08-18 00:55:37 +00:00			`in {`
			`systemd = lib.mkMerge (map (`
stuff 2024-08-18 12:54:44 +00:00			`backupName: let`
			`systemdName = "${backupName}-backup";`
			`in {`
			`timers.${systemdName} = {`
			`description = "Local rsync Backup ${backupName}";`
			`wantedBy = ["timers.target"];`
			`timerConfig = {`
fix 2025-01-05 00:06:14 +00:00			`OnCalendar = "--* 03:00:00"; # TODO`
stuff 2024-08-18 12:54:44 +00:00			`Persistent = true;`
fix 2025-01-05 00:06:14 +00:00			`Unit = "${systemdName}.service"; # TODO`
snapshot 2024-08-18 00:55:37 +00:00			`};`
stuff 2024-08-18 12:54:44 +00:00			`};`
init 2024-02-04 20:51:11 +00:00
stuff 2024-08-18 12:54:44 +00:00			`services.${systemdName} = {`
			`description = "Local rsync Backup ${backupName}";`
			`serviceConfig = {`
			`Type = "oneshot";`
			`User = "root";`
			`Group = "root";`
snapshot 2024-08-18 00:55:37 +00:00			`};`
fix 2025-01-05 00:06:14 +00:00			`# TODO`
stuff 2024-08-18 12:54:44 +00:00			`script = ''`
stuff 2024-09-15 12:16:32 +00:00			`${lib.getExe pkgs.rsync} --verbose --verbose --archive --update --delete --mkpath -- ${backups.${backupName}}/ /srv/backup/${backupName}/`
stuff 2024-08-18 12:54:44 +00:00			`'';`
			`};`
			`}`
			`) (lib.attrNames backups));`
init 2024-02-04 20:51:11 +00:00
snapshot 2024-12-01 03:05:16 +00:00			`age.secrets = lib.mkSecrets {"restic-${attrName}" = {};};`
backups 2024-02-26 18:27:27 +00:00
			`services.restic.backups.${attrName} = {`
fixes 2024-02-27 20:37:58 +00:00			`repository = "sftp:u385962@u385962.your-storagebox.de:/restic/${attrName}";`
backups 2024-02-26 18:27:27 +00:00			`initialize = true;`
stuff 2024-08-18 12:54:44 +00:00			`paths = [`
			`backups.safe`
			`backups.sync`
			`];`
backups 2024-02-26 18:27:27 +00:00			`passwordFile = config.age.secrets."restic-${attrName}".path;`
			`pruneOpts = ["--keep-daily 7" "--keep-weekly 5" "--keep-monthly 12"];`
improvements 2024-03-08 21:46:46 +00:00			`timerConfig = {`
fix 2025-01-05 00:06:14 +00:00			`OnCalendar = "--* 03:00:00"; # TODO`
improvements 2024-03-08 21:46:46 +00:00			`Persistent = true;`
backups 2024-02-26 18:27:27 +00:00			`};`
improvements 2024-03-08 21:46:46 +00:00			`extraOptions = ["sftp.args='-i /etc/ssh/ssh_host_ed25519_key -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null'"];`
backups 2024-02-26 18:27:27 +00:00			`};`
init 2024-02-04 20:51:11 +00:00			`}`