nixos/utils/modules/borgbackup.nix
2024-09-03 14:47:06 +02:00


{ pkgs, config, lib, ... }:
let
# Repository location, taken from this module's own `borgbackup.repo` option.
inherit (config.borgbackup) repo;
#repo = config.borgrepo;
#repo = "u149513-sub3@u149513-sub3.your-backup.de:borg";
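# borg-mount ARCHIVE MOUNTPOINT: mount one archive of the configured repo.
# The script reads the passphrase and the SSH key from the sops secret files,
# so the calling user needs read access to both.
borgMount = pkgs.writeShellScriptBin "borg-mount" ''
  set -eu
  if [ "$#" -ne 2 ] || [ -z "$1" ] || [ -z "$2" ]; then
    echo "usage: borg-mount ARCHIVE MOUNTPOINT" >&2
    exit 2
  fi
  export BORG_PASSCOMMAND='cat ${config.sops.secrets.borg-passphrase.path}'
  # The repo and both arguments are quoted so that spaces or glob characters
  # in an archive name or mount point cannot turn into extra borg arguments.
  borg mount --rsh "ssh -p23 -i ${config.sops.secrets.borg-ssh-key.path}" \
    ${lib.escapeShellArg repo}::"$1" "$2"
'';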
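# borg-list: list the archives in the configured repo.
borgList = pkgs.writeShellScriptBin "borg-list" ''
  set -eu
  export BORG_PASSCOMMAND='cat ${config.sops.secrets.borg-passphrase.path}'
  # escapeShellArg keeps a repo value containing spaces or shell
  # metacharacters as a single, literal argument.
  borg --rsh "ssh -p23 -i ${config.sops.secrets.borg-ssh-key.path}" \
    list ${lib.escapeShellArg repo}
'';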
# borg-backup: run the backup now by restarting the systemd unit of the
# `default` borgbackup job defined further down in this module.
borgBackup = pkgs.writeShellScriptBin "borg-backup"
  "systemctl restart borgbackup-job-default.service\n";
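# borg-restore ARCHIVE: list the repo's archives, then extract ARCHIVE with
# the working directory set to /, so files already on disk are overwritten
# by the archived versions.
# Called without an archive name it only prints the listing and a usage hint.
borgRestore = pkgs.writeShellScriptBin "borg-restore" ''
  set -eu
  cd /
  export BORG_PASSCOMMAND='cat ${config.sops.secrets.borg-passphrase.path}'
  borg --rsh "ssh -p23 -i ${config.sops.secrets.borg-ssh-key.path}" \
    list ${lib.escapeShellArg repo}
  # Refuse to extract without an explicit archive name rather than passing
  # a bare "REPO::" to borg while sitting in /.
  if [ "$#" -ne 1 ] || [ -z "$1" ]; then
    echo "usage: borg-restore ARCHIVE (choose one from the list above)" >&2
    exit 2
  fi
  borg extract --list \
    --rsh "ssh -p23 -i ${config.sops.secrets.borg-ssh-key.path}" \
    ${lib.escapeShellArg repo}::"$1"
'';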
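# borg-delete ARCHIVE: delete one archive, then compact the repo to free the
# space. This is destructive and cannot be undone from this host.
borgDelete = pkgs.writeShellScriptBin "borg-delete" ''
  set -eu
  # A destructive command must never run on an empty or missing archive
  # name; how borg would treat a bare "REPO::" is not something to rely on.
  if [ "$#" -ne 1 ] || [ -z "$1" ]; then
    echo "usage: borg-delete ARCHIVE" >&2
    exit 2
  fi
  export BORG_PASSCOMMAND='cat ${config.sops.secrets.borg-passphrase.path}'
  borg delete --rsh "ssh -p23 -i ${config.sops.secrets.borg-ssh-key.path}" \
    ${lib.escapeShellArg repo}::"$1"
  # With `set -e`, compact runs only after a successful delete.
  borg compact --rsh "ssh -p23 -i ${config.sops.secrets.borg-ssh-key.path}" \
    ${lib.escapeShellArg repo}
'';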
in {
# Option tree of this module: `borgbackup.repo` is the repository location
# that the helper scripts and the backup job are pointed at.
options.borgbackup = lib.mkOption {
  description = "Options for borg module";
  type = lib.types.submodule {
    options = {
      repo = lib.mkOption {
        type = lib.types.str;
        description = "borg repo";
      };
    };
  };
};
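config = {
  # Both secrets are declared without overrides, so the sops-nix defaults for
  # owner and mode apply; the helper scripts read these files directly.
  sops.secrets.borg-passphrase = {};
  sops.secrets.borg-ssh-key = {};

  # Helper commands (borg-mount, borg-list, ...) installed system-wide.
  environment.systemPackages = [
    borgMount
    borgList
    borgBackup
    borgRestore
    borgDelete
  ];

  services.borgbackup.jobs.default = {
    paths = [
      "/home"
      "/var"
      "/root"
    ];
    exclude = [
      # already included in database backup
      "/var/lib/mysql"
      "/var/lib/postgresql"
      # don't back up container stuff
      "/var/lib/docker/"
      "/var/lib/containers/"
      "/var/lib/containerd"
      # don't back up nextcloud as it is already backed up
      "/var/lib/nextcloud/"
      # don't back up logs and temp stuff ("/var/log" was listed twice)
      "/var/log"
      "/var/cache"
      "/var/tmp"
    ];

    # NOTE(review): borg-delete uses this same SSH key, so the key is
    # evidently allowed to delete archives. A compromise of this host could
    # then remove the backups as well, unless the server side restricts the
    # key (e.g. append-only) or keeps its own snapshots; confirm.
    environment.BORG_RSH =
      "ssh -p23 -i ${config.sops.secrets.borg-ssh-key.path}";
    inherit repo;

    encryption = {
      # repokey keeps the encryption key inside the repository, protected
      # only by the passphrase. Keep a copy of the passphrase somewhere other
      # than this host, or the archives cannot be read once it is gone.
      mode = "repokey";
      passCommand = "cat ${config.sops.secrets.borg-passphrase.path}";
    };
    compression = "auto,zstd";
    startAt = "*-*-* 03:00:00"; # every day at 03:00
    prune.keep = {
      within = "1d"; # Keep all archives from the last day
      daily = 7;
      weekly = 4;
      monthly = 6;
    };
  };
};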
}