From e46677a3f6ac9354ea0e380fe1b952c85d0855dc Mon Sep 17 00:00:00 2001
From: Gabe Venberg <gabevenberg@gmail.com>
Date: Tue, 25 Mar 2025 17:41:01 +0100
Subject: [PATCH] added backup pruning to restic.

Only done on the restic host itself, as no remote can do it due to
--append-only.
---
 hosts/cirrostratus/restic.nix | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/hosts/cirrostratus/restic.nix b/hosts/cirrostratus/restic.nix
index 8710671..ec4c372 100644
--- a/hosts/cirrostratus/restic.nix
+++ b/hosts/cirrostratus/restic.nix
@@ -42,14 +42,21 @@ in {
   ];
 
   services.restic.backups = lib.mkIf (inputs ? nix-secrets) {
-    remote = {
-      repositoryFile = config.sops.secrets.restic-url.path;
+    local = {
+      repositoryFile = "/backup/restic/";
       passwordFile = config.sops.secrets.restic-password.path;
       initialize = true;
       paths = [
         "/storage/syncthing"
         "/storage/factorio"
       ];
+      pruneOpts=[
+        "--keep-within 14d"
+        "--keep-daily 14"
+        "--keep-weekly 8"
+        "--keep-monthly 12"
+        "--keep-yearly 10"
+      ];
       timerConfig = {
         OnCalendar = "daily";
         Persistent = true;