44 lines
855 B
Nix
44 lines
855 B
Nix
{
|
|
pkgs,
|
|
config,
|
|
lib,
|
|
...
|
|
}:
|
|
with lib;
|
|
let
|
|
borgJob = name: {
|
|
environment = {
|
|
BORG_RSH = "ssh -i ${config.sops.secrets.gitea_backup_ssh_key.path}";
|
|
};
|
|
repo = "ssh://zh2088@zh2088.rsync.net/./backups/forgejo/${name}";
|
|
compression = "zstd,10";
|
|
startAt = "*-*-* 2,6,10,14,18,22:30:00";
|
|
extraInitArgs = "--make-parent-dirs";
|
|
archiveBaseName = name;
|
|
|
|
encryption = {
|
|
mode = "repokey-blake2";
|
|
passCommand = "cat ${config.sops.secrets.gitea_backup_pass.path}";
|
|
};
|
|
|
|
prune = {
|
|
keep = {
|
|
within = "1d";
|
|
daily = 7;
|
|
weekly = 4;
|
|
monthly = -1;
|
|
};
|
|
};
|
|
};
|
|
in
|
|
{
|
|
services = {
|
|
borgbackup.jobs = {
|
|
repos = borgJob "forgejo" // {
|
|
paths = [ "/var/lib/forgejo/dump" ];
|
|
};
|
|
};
|
|
};
|
|
|
|
environment.systemPackages = [ pkgs.borgbackup ];
|
|
}
|