modules/nixos/backup.nix at deck

hyl.st / helm

fork atom

nix config

fork atom

helm / modules / nixos / backup.nix

at deck 53 lines 1.5 kB view raw

wrap content

Anish Lakhwara update backup module to use /run/agenix/borg-key for key location 3y ago

b8d7e411

 1# TODO: 
 2# This currently works on a per host basis, and the host file has to define all the locations it wants to back up.
 3# Ideally, this would create a job for each profile instead, so the backup strategy is included in the profile regardless of host
 4{ config, lib, pkgs, ... }:
 5with lib;
 6let
 7  cfg = config.mossnet.backup;
 8in
 9{
10  options = {
11    mossnet.backup = {
12      enable = mkEnableOption "Backup module using borg for Anish's computer nursery";
13      name = lib.mkOption {
14        type = types.str;
15        default = { };
16        example = literalExample ''
17          mossnet
18        '';
19        description = ''
20          name for the backup operator
21        '';
22      };
23      paths = lib.mkOption {
24        type = with types; listOf str;
25        default = { };
26        example = literalExample ''
27          [ "/home/anish/usr" ];
28        '';
29        description = ''
30          A list of folders to backup
31        '';
32      };
33    };
34  };
35
36  config = mkIf cfg.enable {
37    services.borgbackup.jobs = {
38      "${cfg.name}" = {
39        paths = cfg.paths;
40        doInit = true;
41        repo = "20779@hk-s020.rsync.net:${cfg.name}";
42        encryption = {
43          mode = "repokey-blake2";
44          passCommand = "cat /run/agenix/borg-password";
45        };
46        environment = { BORG_RSH = "ssh -i /run/agenix/borg-key"; };
47        compression = "auto,lzma";
48        startAt = "daily";
49        extraArgs = "--remote-path=borg1";
50      };
51    };
52  };
53}