restic: make global module

modules/nixos/services/homeserver/restic.nix

@@ -3,9 +3,6 @@
 {
   sops.secrets."restic/password" = {};
 
-  # for use as restic backend
-#  environment.systemPackages = [ pkgs.rclone ];
-
   systemd.services = {
     db-backup = {
       wantedBy = [ "restic-backups-main.service" ];
@@ -44,23 +41,6 @@
     restic-backups-main.serviceConfig.Type = "oneshot";
   };
 
-  # make wrapper to run restic rootless
-  users = {
-    users.restic = {
-      group = "restic";
-      isSystemUser = true;
-    };
-    groups.restic = {};
-  };
-
-  security.wrappers.restic = {
-    source = lib.getExe pkgs.restic;
-    owner = "restic";
-    group = "restic";
-    permissions = "500";
-    capabilities = "cap_dac_read_search+ep";
-  };
-
   services.restic.backups = {
     main = {
       user = "restic";

modules/nixos/services/restic.nix

@@ -0,0 +1,20 @@
+{ config, pkgs, ... }:
+
+{
+  # make wrapper to run restic rootless
+  users = {
+    users.restic = {
+      group = "restic";
+      isSystemUser = true;
+    };
+    groups.restic = {};
+  };
+
+  security.wrappers.restic = {
+    source = lib.getExe pkgs.restic;
+    owner = "restic";
+    group = "restic";
+    permissions = "500";
+    capabilities = "cap_dac_read_search+ep";
+  };
+}