added syncthing backups.

2024-10-18 15:21:37 +02:00 · 2024-10-18 15:21:37 +02:00 · 811dfa165e
parent 97238bddbd
commit 811dfa165e
3 changed files with 26 additions and 2 deletions
--- a/flake.nix
+++ b/flake.nix
@ -123,8 +123,6 @@
      sshUser = "root";
    };

-    checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
-
    packages.x86_64-linux = {
      proxmox = import ./packages/proxmox.nix {inherit inputs configLib;};
      iso = import ./packages/iso.nix {inherit inputs configLib;};
--- a/hosts/cirrostratus/nginx.nix
+++ b/hosts/cirrostratus/nginx.nix
@ -8,6 +8,7 @@
  imports = [
    ../../configs/nixos/nginx.nix
  ];
+  services.nginx.clientMaxBodySize="100m";
  services.nginx.virtualHosts = {
    "gabevenberg.com" = {
      enableACME = true;
--- a/hosts/cirrostratus/restic.nix
+++ b/hosts/cirrostratus/restic.nix
@ -27,8 +27,33 @@ in {
      path = "/backup/restic/.htpasswd";
      owner="restic";
    };
+    secrets.restic-url = {
+      sopsFile = "${inputs.nix-secrets}/restic-client.yaml";
+      owner = config.host.user;
    };
+    secrets.restic-password = {
+      sopsFile = "${inputs.nix-secrets}/restic-client.yaml";
+      owner = config.host.user;
+    };
+  };
+
  environment.systemPackages = with pkgs; [
    restic
  ];
+
+  services.restic.backups = lib.mkIf (inputs ? nix-secrets) {
+    remote = {
+      repositoryFile = config.sops.secrets.restic-url.path;
+      passwordFile = config.sops.secrets.restic-password.path;
+      initialize = true;
+      paths = [
+        "/storage/syncthing"
+      ];
+      timerConfig = {
+        OnCalendar = "daily";
+        Persistent = true;
+        RandomizedDelaySec = "4h";
+      };
+    };
+  };
 }