crony/nix-conf
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(desktop): local restic backup.

Browse source
This commit is contained in:
CronyAkatsuki 2025-06-22 09:09:36 +02:00
parent 33f606aebf
commit 64a1ecc15e
6 changed files with 144 additions and 71 deletions
Download patch file Download diff file Expand all files Collapse all files

3
hosts/ymir/home.nix
View file

@ -7,6 +7,7 @@
inputs.nvf.homeManagerModules.default inputs.nvf.homeManagerModules.default
inputs.nix-index-database.hmModules.nix-index inputs.nix-index-database.hmModules.nix-index
inputs.nix-flatpak.homeManagerModules.nix-flatpak inputs.nix-flatpak.homeManagerModules.nix-flatpak
inputs.agenix.homeManagerModules.default
]; ];
# Some info # Some info
@ -33,6 +34,8 @@
crony.wayland.enable = true; crony.wayland.enable = true;
crony.river.enable = false; crony.river.enable = false;
crony.hyprland.enable = true; crony.hyprland.enable = true;
crony.home-secrets.enable = true;
crony.restic.enable = true;
# DO NOT CHANGE ALSO # DO NOT CHANGE ALSO
home.stateVersion = "24.11"; # Please read the comment before changing. home.stateVersion = "24.11"; # Please read the comment before changing.

2
modules/linux/home-manager/default.nix
View file

@ -18,6 +18,7 @@
./wayland.nix ./wayland.nix
./river.nix ./river.nix
./pipewire.nix ./pipewire.nix
./secrets.nix
]; ];
crony.river.enable = lib.mkDefault false; crony.river.enable = lib.mkDefault false;
@ -38,4 +39,5 @@
crony.newsboat.enable = lib.mkDefault false; crony.newsboat.enable = lib.mkDefault false;
crony.xdg-user-dirs.enable = lib.mkDefault true; crony.xdg-user-dirs.enable = lib.mkDefault true;
crony.pipewire.enable = lib.mkDefault true; crony.pipewire.enable = lib.mkDefault true;
crony.home-secrets.enable = lib.mkDefault false;
} }

168
modules/linux/home-manager/restic.nix
View file

@ -14,79 +14,105 @@
restic restic
]; ];
# Restic home manager service
services.restic = {
enable = true;
backups = {
local = {
initialize = true;
passwordFile = "/run/user/1000/agenix/restic-local-pass";
paths = [
"/home/crony/.face"
"/home/crony/.librewolf"
"/home/crony/.ssh"
"/home/crony/.config/heroic"
"/home/crony/.config/nbfc.json"
"/home/crony/.config/OpenTabletDriver"
"/home/crony/.config/tridactyl"
"/home/crony/.local/share/gnupg"
"/home/crony/.local/share/osu"
"/home/crony/docs/sync"
"/home/crony/docs/wireguard-keys"
"/home/crony/pics"
];
repository = "/home/crony/.local/backup";
};
};
};
##-- Restic Timers And Services --## ##-- Restic Timers And Services --##
# Restic backup # Restic backup
systemd.user.services = { # systemd.user.services = {
restic_backup = { # restic_backup = {
Unit.Description = "Restic backup service"; # Unit.Description = "Restic backup service";
Service = { # Service = {
Type = "oneshot"; # Type = "oneshot";
ExecStart = toString (pkgs.writeShellScript "restic-backup" '' # ExecStart = toString (pkgs.writeShellScript "restic-backup" ''
. /etc/restic/local # . /etc/restic/local
restic backup --files-from /home/crony/.config/restic/list --verbose && restic forget --keep-last 10 --keep-daily 7 --keep-weekly 5 --keep-monthly 12 # restic backup --files-from /home/crony/.config/restic/list --verbose && restic forget --keep-last 10 --keep-daily 7 --keep-weekly 5 --keep-monthly 12
. /etc/restic/online # . /etc/restic/online
restic backup --files-from /home/crony/.config/restic/list --verbose && restic forget --keep-last 10 --keep-daily 7 --keep-weekly 5 --keep-monthly 12 # restic backup --files-from /home/crony/.config/restic/list --verbose && restic forget --keep-last 10 --keep-daily 7 --keep-weekly 5 --keep-monthly 12
rsync -avP --delete "$HOME/.local/backup/" "$HOME/Documents/Share/backup" # rsync -avP --delete "$HOME/.local/backup/" "$HOME/Documents/Share/backup"
''); # '');
}; # };
}; # };
}; # };
systemd.user.timers = { # systemd.user.timers = {
restic_backup = { # restic_backup = {
Unit.Description = "Restic backup timer"; # Unit.Description = "Restic backup timer";
Timer = { # Timer = {
OnBootSec = "5m"; # OnBootSec = "5m";
OnUnitActiveSec = "6h"; # OnUnitActiveSec = "6h";
}; # };
Install.WantedBy = ["timers.target"]; # Install.WantedBy = ["timers.target"];
}; # };
}; # };
#
# Restic check # # Restic check
systemd.user.services = { # systemd.user.services = {
restic_check = { # restic_check = {
Unit.Description = "Restic check service"; # Unit.Description = "Restic check service";
Service = { # Service = {
Type = "oneshot"; # Type = "oneshot";
ExecStart = toString (pkgs.writeShellScript "restic-check" '' # ExecStart = toString (pkgs.writeShellScript "restic-check" ''
. /etc/restic/local # . /etc/restic/local
restic check --read-data-subset=10% # restic check --read-data-subset=10%
. /etc/restic/online # . /etc/restic/online
restic check --read-data-subset=10% # restic check --read-data-subset=10%
''); # '');
}; # };
}; # };
}; # };
systemd.user.timers = { # systemd.user.timers = {
restic_check = { # restic_check = {
Unit.Description = "Restic check timer"; # Unit.Description = "Restic check timer";
Timer = {OnCalendar = "Thu *-*-* 18:00:00";}; # Timer = {OnCalendar = "Thu *-*-* 18:00:00";};
Install.WantedBy = ["timers.target"]; # Install.WantedBy = ["timers.target"];
}; # };
}; # };
#
# Restic prune # # Restic prune
systemd.user.services = { # systemd.user.services = {
restic_prune = { # restic_prune = {
Unit.Description = "Restic prune service"; # Unit.Description = "Restic prune service";
Service = { # Service = {
Type = "oneshot"; # Type = "oneshot";
ExecStart = toString (pkgs.writeShellScript "restic-prune" '' # ExecStart = toString (pkgs.writeShellScript "restic-prune" ''
. /etc/restic/local # . /etc/restic/local
restic prune # restic prune
. /etc/restic/online # . /etc/restic/online
restic prune # restic prune
''); # '');
}; # };
}; # };
}; # };
systemd.user.timers = { # systemd.user.timers = {
restic_prune = { # restic_prune = {
Unit.Description = "Restic prune timer"; # Unit.Description = "Restic prune timer";
Timer = {OnCalendar = "Fri *-*-* 18:00:00";}; # Timer = {OnCalendar = "Fri *-*-* 18:00:00";};
Install.WantedBy = ["timers.target"]; # Install.WantedBy = ["timers.target"];
}; # };
}; # };
}; };
} }

19
modules/linux/home-manager/secrets.nix Normal file
View file

@ -0,0 +1,19 @@
{
config,
lib,
...
}: {
options = {
crony.home-secrets.enable = lib.mkEnableOption "Enable home-manager secrets.";
};
config = lib.mkIf config.crony.home-secrets.enable {
age = {
secrets = {
restic-local-pass = {
file = ../../../secrets/restic-local-pass.age;
};
};
identityPaths = ["/home/crony/.ssh/main" "/root/.ssh/id_ed25519"];
};
};
}

22
secrets/restic-local-pass.age Normal file
View file

@ -0,0 +1,22 @@
age-encryption.org/v1
-> ssh-ed25519 2P4nKw VpIFPHc2sG0Fr7RaSp1sp27+igiSOEpMagaWf/CRyW4
4kM2KwNG47E+XOszulTU1WAiktOYwTdff4CzsSX5dWo
-> ssh-ed25519 6+hQpQ akYAB5TgKkdWyPzW75YKkol/pNMKmi6eSRM0Smkg7ws
XE4gqMqaqUVMJ77kTYuLM8lxJ74rUb+o1/K+ptSn40g
-> ssh-ed25519 l/ODWA 5QQ6PCjRv62Qj+OObHd7f9Ybcv7ubr8j3Kx80MfDGAE
xNS4gaNPz2pbjcVatSivKz74dUwZKPTGeIeFLChJ0WI
-> ssh-ed25519 7+5K3Q AVBWlQIvjfvKc8vl0Ln1cEuDgy3AdFWD8/IhwubVWyc
KjiIFfbQDbr0+uNsauuxE9P7ZEtfsOfPM9FXjtbWl+0
-> ssh-ed25519 Ow0TGw tyX1hPmyMX8OLn4HJCgJLOGNvEcBIMs/ehfm1atVMzY
pb1w/4/DGvudQKX9U2cxDK9AYrMtZ1kdLEmEYEEC4zg
-> ssh-ed25519 cEINMA Qw1dm3Tp101EDjDLNPkE7xW6x4I8uzq3hxbwEbvTdkE
UlQI8Lhz+awc9ZCfmhGsnaSn9iL0N1o7XwuZxEGqp1s
-> ssh-ed25519 qbMKrQ mob4CL0vPjLsQWQeX957aRoZiY45Ii57gycZNORSV3E
JxRsxxGhI9QtRmuTLIfBMJBQNnzx2/WQSKX4GTzK0zs
-> ssh-ed25519 GNZYRg 6H2FkkW8CnZPIbnMvqGXVRNWBsGshCf8zN1qN6A3l1g
5HgAQVUNUJHHzc6Iy60VhvKUPkqMT9qzwtZLQws6h0w
-> ssh-ed25519 fd/ZLQ NyzeGuA76toU8gkkNnZk+A6WcURFH5EwfcMw2rlA2kY
99rQUY+TjYnpQCDKpNOQtH7+GK+KnZ5Dl/HZYvYYLSI
--- Ut8YQYzHvhr88Rze/lkF/veN29jkIJqFY5MoUOKdGhk
ÝHg/©rXºÒi-;ñ<>¤ò¶à—©QËâW_v>
wgpîªú9„Òý:v]K#^7DSªKà,º†sý<0E>·­ A>ªç®èrÎfß:wtŠ¤d~a¤‰ú<E280B0>z?C/ˆ¸<02>Z'IT ': [D™quQPçµÁA³VD<«`\å}¦`6?¢±ü5ú~N2b{<7B>¡ðLÏVí¢æ„'$JŠ¬¼Ì<C2BC>OHÔVg¦Ïh„<68>ê¬&œÿÓw6üŽ5ˆêÝ®³ý2¡†G¿ ×uÍY¹ö,ÅZ© ˆ`

1
secrets/secrets.nix
View file

@ -29,4 +29,5 @@ in {
"crony-passwd-desktop.age".publicKeys = systems ++ users; "crony-passwd-desktop.age".publicKeys = systems ++ users;
"crony-passwd-servers.age".publicKeys = systems ++ users; "crony-passwd-servers.age".publicKeys = systems ++ users;
"root-passwd.age".publicKeys = systems ++ users; "root-passwd.age".publicKeys = systems ++ users;
"restic-local-pass.age".publicKeys = systems ++ users;
} }