qbit/xin
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

stan: enable backups

Browse Source
This commit is contained in:
Aaron Bieber 2024-01-26 08:10:31 -07:00
parent 017784390d
commit b37043851d
No known key found for this signature in database
2 changed files with 40 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
flake.lock
View File

@ -392,10 +392,10 @@
}, },
"stable_2": { "stable_2": {
"locked": { "locked": {
"lastModified": 1702161203, "lastModified": 1706176172,
"narHash": "sha256-nq40oP9Pk/bC9/3ShxUah2FWsyHcObtS2NU5rV8shXY=", "narHash": "sha256-+kOLrH4DNw6EMITqXosMqoQUyIGWTMYVYcqALP8+PPc=",
"path": "/nix/store/2mk1z2xf4v5rnpml75gbmgv6bv6i4nig-source", "path": "/nix/store/a2y0kc4g4xlxg5r50565y45734q4mssd-source",
"rev": "901fc6ea49ca9e9bbf636c48e2611588802e7b16", "rev": "72d28a6d71c30f0242c18317520bc3f4d822e794",
"type": "path" "type": "path"
}, },
"original": { "original": {
@ -516,11 +516,11 @@
}, },
"unstable_2": { "unstable_2": {
"locked": { "locked": {
"lastModified": 1702397419, "lastModified": 1706278372,
"narHash": "sha256-CBMSwZHT7GLq2JdOPWAVDBaYFbUHWD1+jPFrYk0JeLM=", "narHash": "sha256-SYceUQX1wjDQQsdws5MjNOWXE79GESFp/9uc4w3tZDo=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "73ca2df642228129df7a968bad6499732dbc7ddd", "rev": "6081df2649d246e60d9d0165c79bea8ac3a97816",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -553,11 +553,11 @@
"unstable": "unstable_2" "unstable": "unstable_2"
}, },
"locked": { "locked": {
"lastModified": 1705613028, "lastModified": 1706280764,
"narHash": "sha256-YeZWRn1sqFFtBp1HgDSJAVczlPGS62TMUA0ruB8d+CQ=", "narHash": "sha256-hvqQwniv9DTXHHf9wXdSus5aaZUMX+cPjm0BU5sT4cI=",
"ref": "main", "ref": "main",
"rev": "f6ef694e6d8a6bc9af28996238bc379b6348ea88", "rev": "28c6b8651be883f28933d2646221098394c1fdab",
"revCount": 122, "revCount": 125,
"type": "git", "type": "git",
"url": "ssh://xin-secrets-ro/qbit/xin-secrets.git" "url": "ssh://xin-secrets-ro/qbit/xin-secrets.git"
}, },

29
hosts/stan/default.nix
View File

@ -133,6 +133,21 @@ in
group = "wheel"; group = "wheel";
mode = "400"; mode = "400";
}; };
restic_password_file = {
sopsFile = config.xin-secrets.stan.main;
owner = "root";
mode = "400";
};
restic_env_file = {
sopsFile = config.xin-secrets.stan.main;
owner = "root";
mode = "400";
};
restic_repo_file = {
sopsFile = config.xin-secrets.stan.main;
owner = "root";
mode = "400";
};
}; };
users.users.root = userBase; users.users.root = userBase;
@ -193,6 +208,20 @@ in
}; };
services = { services = {
restic = {
backups = {
remote = {
initialize = true;
environmentFile = "${config.sops.secrets.restic_env_file.path}";
passwordFile = "${config.sops.secrets.restic_password_file.path}";
repositoryFile = "${config.sops.secrets.restic_repo_file.path}";
paths = [ "/home/abieber" "/var/lib/libvirt" ];
pruneOpts = [ "--keep-daily 7" "--keep-weekly 2" "--keep-monthly 2" ];
};
};
};
rsyslogd = { rsyslogd = {
enable = testingMode; enable = testingMode;
defaultConfig = '' defaultConfig = ''