wo2w/nixos-config
1
0
Fork 0
Code Issues Pull requests Activity

restic(homeserver): add offsite backup

Browse source
This commit is contained in:
wo2w 2026-02-08 13:01:18 -05:00
parent fc6dba68aa
commit c3d3bed26a
2 changed files with 32 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

33
modules/nixos/services/homeserver/restic/backups.nix
View file

@ -4,12 +4,14 @@
sops.secrets = { sops.secrets = {
"restic/password" = {}; "restic/password" = {};
"restic/rest-auth.env" = {}; "restic/rest-auth.env" = {};
"restic/rclone/onedrive" = {};
}; };
systemd.services = { systemd.services = {
db-backup = { db-backup = {
wantedBy = [ "restic-backups-main.service" ]; wantedBy = [ "restic-backups-main.service" "restic-backups-offsite.service" ];
before = [ "restic-backups-main.service" ]; before = [ "restic-backups-main.service" "restic-backups-offsite.service" ];
script = '' script = ''
DB_BACKUP_DIR=/var/backups/db-backup DB_BACKUP_DIR=/var/backups/db-backup
@ -36,8 +38,8 @@
}; };
db-backup-cleanup = { db-backup-cleanup = {
wantedBy = [ "restic-backups-main.service" ]; wantedBy = [ "restic-backups-main.service" "restic-backups-offsite.service" ];
after = [ "restic-backups-main.service" ]; after = [ "restic-backups-main.service" "restic-backups-offsite.service" ];
script = "rm -r /var/backups/db-backup"; script = "rm -r /var/backups/db-backup";
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";
}; };
@ -83,6 +85,27 @@
]; ];
}; };
services.restic.backups.offsite = {
user = "restic-backup";
package = pkgs.writeShellScriptBin "restic" ''
exec /run/wrappers/bin/restic "$@"
'';
passwordFile = config.sops.secrets."restic/password".path;
timerConfig = {
OnCalendar = "03:05";
Persistent = true;
};
repository = "rclone:remote:restic/drone";
initialize = true;
rcloneConfigFile = config.sops.secrets."restic/rclone/onedrive".path;
rcloneOptions = { temp-dir = "/tmp"; };
paths = config.services.restic.backups.main.paths;
exclude = config.services.restic.backups.main.exclude;
};
services.restic.backups.syncthing = { services.restic.backups.syncthing = {
user = "restic-backup"; user = "restic-backup";
package = pkgs.writeShellScriptBin "restic" '' package = pkgs.writeShellScriptBin "restic" ''
@ -92,7 +115,7 @@
environmentFile = config.sops.secrets."restic/rest-auth.env".path; environmentFile = config.sops.secrets."restic/rest-auth.env".path;
passwordFile = config.sops.secrets."restic/password".path; passwordFile = config.sops.secrets."restic/password".path;
timerConfig = { timerConfig = {
OnCalendar = "03:05"; OnCalendar = "03:10";
Persistent = true; Persistent = true;
}; };

6
secrets/drone.yaml
View file

File diff suppressed because one or more lines are too long