{ config, pkgs, lib, ... }: { services.restic.backups = let localJob = name: paths: { inherit paths; repository = "/mnt/feal-syn1/backup/challenger/${name}"; passwordFile = config.sops.secrets."restic/${name}".path; initialize = true; pruneOpts = [ "--keep-daily 7" "--keep-weekly 4" "--keep-monthly 3" "--keep-yearly 10" ]; }; cloudJob = name: paths: { inherit paths; # "rsyncnet" connection details specified in /root/.ssh/config repository = "sftp://rsyncnet/restic/challenger/${name}"; passwordFile = config.sops.secrets."restic/${name}".path; initialize = true; pruneOpts = [ # rsync.net keeps daily snapshots "--keep-weekly 4" "--keep-monthly 36" ]; }; in { # Calibre metadata and config calibre = localJob "calibre" [ "/var/lib/calibre-web" "/var/lib/calibre-server" ]; media = localJob "media" [ "/tank/media/music" "/tank/media/books" ]; media-remote = cloudJob "media" [ "/tank/media/music" "/tank/media/books" ] // { pruneOpts = [ "--keep-monthly 12" ]; }; # Nextcloud config and data nextcloud = localJob "nextcloud" [ "/tank/nextcloud" ]; nextcloud-remote = cloudJob "nextcloud" [ "/tank/nextcloud" ]; postgres = (localJob "postgres" [ "/var/backup/postgres" ]) // { timerConfig.OnCalendar = "05:15"; # 2h after postgresqlBackup }; postgres-remote = (cloudJob "postgres" [ "/var/backup/postgres" ]) // { timerConfig.OnCalendar = "05:15"; # 2h after postgresqlBackup }; # Transmission metadata/config transmission = localJob "transmission" [ "/var/lib/transmission" ]; # TODO: timemachine, komga }; sops.secrets."restic/calibre" = { }; sops.secrets."restic/media" = { }; sops.secrets."restic/nextcloud" = { }; sops.secrets."restic/postgres" = { }; sops.secrets."restic/transmission" = { }; environment.systemPackages = with pkgs; [ restic ]; }