37 lines
795 B
Nix
37 lines
795 B
Nix
{ pkgs, config, lib, ... }:
|
|
with lib;
|
|
let
|
|
giteaCfg = config.services.gitea;
|
|
|
|
borgJob = name: {
|
|
environment = {
|
|
BORG_RSH = "ssh -i ${config.sops.secrets.gitea_backup_ssh_key.path}";
|
|
};
|
|
repo = "ssh://zh2088@zh2088.rsync.net:backups/gitea/${name}";
|
|
compression = "zstd,10";
|
|
startAt = "*-*-* 2,6,10,14,18,22:30:00";
|
|
|
|
encryption = {
|
|
mode = "repokey-blake2";
|
|
passCommand = "cat ${config.sops.secrets.gitea_backup_pass.path}";
|
|
};
|
|
|
|
prune = {
|
|
keep = {
|
|
within = "1d";
|
|
daily = 7;
|
|
weekly = 4;
|
|
monthly = -1;
|
|
};
|
|
};
|
|
};
|
|
in
|
|
{
|
|
services.borgbackup.jobs = mkIf giteaCfg.enable {
|
|
repos = borgJob "gitea" // {
|
|
paths = [ "/var/lib" ];
|
|
};
|
|
};
|
|
|
|
environment.systemPackages = [ pkgs.borgbackup ];
|
|
}
|