crony/nix-conf
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(desktop): local restic backup.

Browse source
This commit is contained in:
CronyAkatsuki 2025-06-22 09:09:36 +02:00
parent 33f606aebf
commit 64a1ecc15e
6 changed files with 144 additions and 71 deletions
Download patch file Download diff file Expand all files Collapse all files

3
hosts/ymir/home.nix
View file

@ -7,6 +7,7 @@
inputs.nvf.homeManagerModules.default
inputs.nix-index-database.hmModules.nix-index
inputs.nix-flatpak.homeManagerModules.nix-flatpak
inputs.agenix.homeManagerModules.default
];
# Some info
@ -33,6 +34,8 @@
crony.wayland.enable = true;
crony.river.enable = false;
crony.hyprland.enable = true;
crony.home-secrets.enable = true;
crony.restic.enable = true;
# DO NOT CHANGE ALSO
home.stateVersion = "24.11"; # Please read the comment before changing.

2
modules/linux/home-manager/default.nix
View file

@ -18,6 +18,7 @@
./wayland.nix
./river.nix
./pipewire.nix
./secrets.nix
];
crony.river.enable = lib.mkDefault false;
@ -38,4 +39,5 @@
crony.newsboat.enable = lib.mkDefault false;
crony.xdg-user-dirs.enable = lib.mkDefault true;
crony.pipewire.enable = lib.mkDefault true;
crony.home-secrets.enable = lib.mkDefault false;
}

168
modules/linux/home-manager/restic.nix
View file

@ -14,79 +14,105 @@
restic
];
# Restic home manager service
services.restic = {
enable = true;
backups = {
local = {
initialize = true;
passwordFile = "/run/user/1000/agenix/restic-local-pass";
paths = [
"/home/crony/.face"
"/home/crony/.librewolf"
"/home/crony/.ssh"
"/home/crony/.config/heroic"
"/home/crony/.config/nbfc.json"
"/home/crony/.config/OpenTabletDriver"
"/home/crony/.config/tridactyl"
"/home/crony/.local/share/gnupg"
"/home/crony/.local/share/osu"
"/home/crony/docs/sync"
"/home/crony/docs/wireguard-keys"
"/home/crony/pics"
];
repository = "/home/crony/.local/backup";
};
};
};
##-- Restic Timers And Services --##
# Restic backup
systemd.user.services = {
restic_backup = {
Unit.Description = "Restic backup service";
Service = {
Type = "oneshot";
ExecStart = toString (pkgs.writeShellScript "restic-backup" ''
. /etc/restic/local
restic backup --files-from /home/crony/.config/restic/list --verbose && restic forget --keep-last 10 --keep-daily 7 --keep-weekly 5 --keep-monthly 12
. /etc/restic/online
restic backup --files-from /home/crony/.config/restic/list --verbose && restic forget --keep-last 10 --keep-daily 7 --keep-weekly 5 --keep-monthly 12
rsync -avP --delete "$HOME/.local/backup/" "$HOME/Documents/Share/backup"
'');
};
};
};
systemd.user.timers = {
restic_backup = {
Unit.Description = "Restic backup timer";
Timer = {
OnBootSec = "5m";
OnUnitActiveSec = "6h";
};
Install.WantedBy = ["timers.target"];
};
};
# Restic check
systemd.user.services = {
restic_check = {
Unit.Description = "Restic check service";
Service = {
Type = "oneshot";
ExecStart = toString (pkgs.writeShellScript "restic-check" ''
. /etc/restic/local
restic check --read-data-subset=10%
. /etc/restic/online
restic check --read-data-subset=10%
'');
};
};
};
systemd.user.timers = {
restic_check = {
Unit.Description = "Restic check timer";
Timer = {OnCalendar = "Thu *-*-* 18:00:00";};
Install.WantedBy = ["timers.target"];
};
};
# Restic prune
systemd.user.services = {
restic_prune = {
Unit.Description = "Restic prune service";
Service = {
Type = "oneshot";
ExecStart = toString (pkgs.writeShellScript "restic-prune" ''
. /etc/restic/local
restic prune
. /etc/restic/online
restic prune
'');
};
};
};
systemd.user.timers = {
restic_prune = {
Unit.Description = "Restic prune timer";
Timer = {OnCalendar = "Fri *-*-* 18:00:00";};
Install.WantedBy = ["timers.target"];
};
};
# systemd.user.services = {
# restic_backup = {
# Unit.Description = "Restic backup service";
# Service = {
# Type = "oneshot";
# ExecStart = toString (pkgs.writeShellScript "restic-backup" ''
# . /etc/restic/local
# restic backup --files-from /home/crony/.config/restic/list --verbose && restic forget --keep-last 10 --keep-daily 7 --keep-weekly 5 --keep-monthly 12
# . /etc/restic/online
# restic backup --files-from /home/crony/.config/restic/list --verbose && restic forget --keep-last 10 --keep-daily 7 --keep-weekly 5 --keep-monthly 12
# rsync -avP --delete "$HOME/.local/backup/" "$HOME/Documents/Share/backup"
# '');
# };
# };
# };
# systemd.user.timers = {
# restic_backup = {
# Unit.Description = "Restic backup timer";
# Timer = {
# OnBootSec = "5m";
# OnUnitActiveSec = "6h";
# };
# Install.WantedBy = ["timers.target"];
# };
# };
#
# # Restic check
# systemd.user.services = {
# restic_check = {
# Unit.Description = "Restic check service";
# Service = {
# Type = "oneshot";
# ExecStart = toString (pkgs.writeShellScript "restic-check" ''
# . /etc/restic/local
# restic check --read-data-subset=10%
# . /etc/restic/online
# restic check --read-data-subset=10%
# '');
# };
# };
# };
# systemd.user.timers = {
# restic_check = {
# Unit.Description = "Restic check timer";
# Timer = {OnCalendar = "Thu *-*-* 18:00:00";};
# Install.WantedBy = ["timers.target"];
# };
# };
#
# # Restic prune
# systemd.user.services = {
# restic_prune = {
# Unit.Description = "Restic prune service";
# Service = {
# Type = "oneshot";
# ExecStart = toString (pkgs.writeShellScript "restic-prune" ''
# . /etc/restic/local
# restic prune
# . /etc/restic/online
# restic prune
# '');
# };
# };
# };
# systemd.user.timers = {
# restic_prune = {
# Unit.Description = "Restic prune timer";
# Timer = {OnCalendar = "Fri *-*-* 18:00:00";};
# Install.WantedBy = ["timers.target"];
# };
# };
};
}

19
modules/linux/home-manager/secrets.nix Normal file
View file

@ -0,0 +1,19 @@
{
config,
lib,
...
}: {
options = {
crony.home-secrets.enable = lib.mkEnableOption "Enable home-manager secrets.";
};
config = lib.mkIf config.crony.home-secrets.enable {
age = {
secrets = {
restic-local-pass = {
file = ../../../secrets/restic-local-pass.age;
};
};
identityPaths = ["/home/crony/.ssh/main" "/root/.ssh/id_ed25519"];
};
};
}

22
secrets/restic-local-pass.age Normal file
View file

@ -0,0 +1,22 @@
age-encryption.org/v1
-> ssh-ed25519 2P4nKw VpIFPHc2sG0Fr7RaSp1sp27+igiSOEpMagaWf/CRyW4
4kM2KwNG47E+XOszulTU1WAiktOYwTdff4CzsSX5dWo
-> ssh-ed25519 6+hQpQ akYAB5TgKkdWyPzW75YKkol/pNMKmi6eSRM0Smkg7ws
XE4gqMqaqUVMJ77kTYuLM8lxJ74rUb+o1/K+ptSn40g
-> ssh-ed25519 l/ODWA 5QQ6PCjRv62Qj+OObHd7f9Ybcv7ubr8j3Kx80MfDGAE
xNS4gaNPz2pbjcVatSivKz74dUwZKPTGeIeFLChJ0WI
-> ssh-ed25519 7+5K3Q AVBWlQIvjfvKc8vl0Ln1cEuDgy3AdFWD8/IhwubVWyc
KjiIFfbQDbr0+uNsauuxE9P7ZEtfsOfPM9FXjtbWl+0
-> ssh-ed25519 Ow0TGw tyX1hPmyMX8OLn4HJCgJLOGNvEcBIMs/ehfm1atVMzY
pb1w/4/DGvudQKX9U2cxDK9AYrMtZ1kdLEmEYEEC4zg
-> ssh-ed25519 cEINMA Qw1dm3Tp101EDjDLNPkE7xW6x4I8uzq3hxbwEbvTdkE
UlQI8Lhz+awc9ZCfmhGsnaSn9iL0N1o7XwuZxEGqp1s
-> ssh-ed25519 qbMKrQ mob4CL0vPjLsQWQeX957aRoZiY45Ii57gycZNORSV3E
JxRsxxGhI9QtRmuTLIfBMJBQNnzx2/WQSKX4GTzK0zs
-> ssh-ed25519 GNZYRg 6H2FkkW8CnZPIbnMvqGXVRNWBsGshCf8zN1qN6A3l1g
5HgAQVUNUJHHzc6Iy60VhvKUPkqMT9qzwtZLQws6h0w
-> ssh-ed25519 fd/ZLQ NyzeGuA76toU8gkkNnZk+A6WcURFH5EwfcMw2rlA2kY
99rQUY+TjYnpQCDKpNOQtH7+GK+KnZ5Dl/HZYvYYLSI
--- Ut8YQYzHvhr88Rze/lkF/veN29jkIJqFY5MoUOKdGhk
ÝHg/©rXºÒi-;ñ<>¤ò¶à—©QËâW_v>
wgpîªú9„Òý:v]K#^7DSªKà,º†sý<0E>·­ A>ªç®èrÎfß:wtŠ¤d~a¤‰ú<E280B0>z?C/ˆ¸<02>Z'IT ': [D™quQPçµÁA³VD<«`\å}¦`6?¢±ü5ú~N2b{<7B>¡ðLÏVí¢æ„'$JŠ¬¼Ì<C2BC>OHÔVg¦Ïh„<68>ê¬&œÿÓw6üŽ5ˆêÝ®³ý2¡†G¿ ×uÍY¹ö,ÅZ© ˆ`

1
secrets/secrets.nix
View file

@ -29,4 +29,5 @@ in {
"crony-passwd-desktop.age".publicKeys = systems ++ users;
"crony-passwd-servers.age".publicKeys = systems ++ users;
"root-passwd.age".publicKeys = systems ++ users;
"restic-local-pass.age".publicKeys = systems ++ users;
}