configured backups

2025-04-25 16:08:30 +02:00 · 2023-07-30 19:41:51 +02:00 · 2023-07-30 19:41:51 +02:00 · b48fa4e383
commit b48fa4e383
parent 60e1f3c3d0
25 changed files with 217 additions and 92 deletions
--- a/hosts/thinkpad/default.nix
+++ b/hosts/thinkpad/default.nix
@ -4,10 +4,10 @@
  imports =
    [
      ./hardware-configuration.nix
+      ./modules/backup
      ./modules/networks
      ./modules/greetd
      ./modules/virtualisation
-      ./modules/snapper
    ];

  # Use the systemd-boot EFI boot loader.
--- a/hosts/thinkpad/modules/backup/default.nix
+++ b/hosts/thinkpad/modules/backup/default.nix
@ -0,0 +1,41 @@
+{ config, pkgs, ... }:
+{
+  sops.secrets."borg/passphrase" = { };
+  environment.systemPackages = [ pkgs.borgbackup ];
+  services.borgmatic = {
+    enable = true;
+    settings = {
+      location = {
+        source_directories = [
+          "/var/lib"
+          "/var/log"
+          "/nix/persist"
+          "/home"
+        ];
+
+        repositories = [
+          "ssh://root@192.168.10.2/mnt/backup/thinkpad"
+        ];
+        exclude_patterns = [
+          "/home/*/.cache"
+          "/home/*/.zcomp*"
+          "/home/*/.zcomp*"
+          "/home/*/.local/share/Steam"
+          "/home/*/.local/share/Trash"
+          "/home/*/.local/share/vifm/Trash"
+          "/home/*/Linux/Isos"
+        ];
+      };
+      storage = {
+        encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.sops.secrets."borg/passphrase".path}";
+        compression = "lz4";
+      };
+      retention = {
+        keep_daily = 7;
+        keep_weekly = 4;
+        keep_monthly = 12;
+        keep_yearly = 3;
+      };
+    };
+  };
+}
--- a/hosts/thinkpad/modules/snapper/default.nix
+++ b/hosts/thinkpad/modules/snapper/default.nix
@ -1,19 +0,0 @@
-{ ... }:
-{
-  services.snapper = {
-    configs = {
-      home = {
-        SUBVOLUME = "/home";
-        ALLOW_USERS = [ "rouven" ];
-        TIMELINE_CREATE = true;
-        TIMELINE_CLEANUP = true;
-      };
-      lib = {
-        SUBVOLUME = "/var/lib";
-        ALLOW_USERS = [ "rouven" ];
-        TIMELINE_CREATE = true;
-        TIMELINE_CLEANUP = true;
-      };
-    };
-  };
-}
--- a/hosts/thinkpad/modules/virtualisation/default.nix
+++ b/hosts/thinkpad/modules/virtualisation/default.nix
@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, pkgs, ... }:
 # Virtualisation with gpu passthrough
 # Following https://astrid.tech/2022/09/22/0/nixos-gpu-vfio/
 # let