nix-config/hosts/cirrus/restic.nix

{
  inputs,
  config,
  pkgs,
  lib,
  ...
}: {
  environment.systemPackages = with pkgs; [
    restic
  ];

  sops = lib.mkIf (inputs ? nix-secrets) {
    secrets.restic-url = {
      sopsFile = "${inputs.nix-secrets}/restic-client.yaml";
      owner = config.host.user;
    };
    secrets.restic-password = {
      sopsFile = "${inputs.nix-secrets}/restic-client.yaml";
      owner = config.host.user;
    };
  };

  services.restic.backups = lib.mkIf (inputs ? nix-secrets) {
    remote = {
      repositoryFile = config.sops.secrets.restic-url.path;
      passwordFile = config.sops.secrets.restic-password.path;
      initialize = true;
      paths = [
        "/var/lib/radicale"
      ];
      timerConfig = {
        OnCalendar = "daily";
        Persistent = true;
        RandomizedDelaySec = "4h";
      };
    };
  };
}
lots of stuff: Moved syncthing to system service Restic actually works now removed some old system configs. formatting. 2024-09-30 16:06:17 +02:00			`{`
			`inputs,`
			`config,`
			`pkgs,`
			`lib,`
			`...`
			`}: {`
			`environment.systemPackages = with pkgs; [`
			`restic`
			`];`

			`sops = lib.mkIf (inputs ? nix-secrets) {`
			`secrets.restic-url = {`
			`sopsFile = "${inputs.nix-secrets}/restic-client.yaml";`
			`owner = config.host.user;`
			`};`
			`secrets.restic-password = {`
			`sopsFile = "${inputs.nix-secrets}/restic-client.yaml";`
			`owner = config.host.user;`
			`};`
			`};`

			`services.restic.backups = lib.mkIf (inputs ? nix-secrets) {`
			`remote = {`
			`repositoryFile = config.sops.secrets.restic-url.path;`
			`passwordFile = config.sops.secrets.restic-password.path;`
			`initialize = true;`
			`paths = [`
			`"/var/lib/radicale"`
			`];`
			`timerConfig = {`
			`OnCalendar = "daily";`
			`Persistent = true;`
			`RandomizedDelaySec = "4h";`
			`};`
			`};`
			`};`
			`}`