let volumePath = "/overseer/services"; restic-default = { user = "root"; timerConfig = { OnCalendar = "hourly"; Persistent = true; }; # paths = [ # # Pocket-ID # "/var/lib/pocket-id" # "/var/lib/forgejo" # "/var/lib/mealie" # # lubelogger.nix # "${volumePath}/lubelogger" # # trilium.nix # "/var/lib/trilium/backup" # # actualbudget # "${volumePath}/actualbudget" # "/var/lib/tuwunel" # "/var/lib/paperless/export" # "/var/lib/octoprint" # ]; }; in { lib, config, ... }: { # Restic secrets sops.secrets = { "restic/borg-base/url" = { }; "restic/borg-base/key" = { }; "restic/hetzner-handlerone/url" = { }; "restic/hetzner-handlerone/key" = { }; }; services.restic.backups = { borg-base = restic-default // { repositoryFile = config.sops.secrets."restic/borg-base/url".path; passwordFile = config.sops.secrets."restic/borg-base/key".path; paths = [ # Pocket-ID "/var/lib/pocket-id" "/var/lib/forgejo" "/var/lib/mealie" # lubelogger.nix "${volumePath}/lubelogger" # trilium.nix "/var/lib/trilium/backup" # actualbudget "${volumePath}/actualbudget" "/var/lib/tuwunel" "/var/lib/paperless/export" "/var/lib/octoprint" ]; }; hetzner-handlerone = restic-default // { initialize = true; extraOptions = [ "sftp.args='-i /etc/ssh/ssh_host_ed25519_key -p 23'" ]; repositoryFile = config.sops.secrets."restic/hetzner-handlerone/url".path; passwordFile = config.sops.secrets."restic/hetzner-handlerone/key".path; paths = [ "/home/crow/swgalaxysite/public_html" "/home/crow/flamebandsite/public_html" # Pocket-ID "/var/lib/pocket-id" "/var/lib/forgejo" "/var/lib/mealie" # lubelogger.nix "${volumePath}/lubelogger" # trilium.nix "/var/lib/trilium/backup" # actualbudget "${volumePath}/actualbudget" "/var/lib/tuwunel" "/var/lib/paperless/export" "/var/lib/octoprint" ]; }; }; }