42 lines
982 B
Nix
42 lines
982 B
Nix
{
|
|
inputs,
|
|
config,
|
|
pkgs,
|
|
lib,
|
|
...
|
|
}: let
|
|
port = "8090";
|
|
in {
|
|
sops = lib.mkIf (inputs ? nix-secrets) {
|
|
secrets.restic-server-credentials = {
|
|
sopsFile = "${inputs.nix-secrets}/restic-server";
|
|
format = "binary";
|
|
owner = "restic";
|
|
};
|
|
secrets.restic-url = {
|
|
sopsFile = "${inputs.nix-secrets}/restic-client.yaml";
|
|
owner = config.host.details.user;
|
|
};
|
|
secrets.restic-password = {
|
|
sopsFile = "${inputs.nix-secrets}/restic-client.yaml";
|
|
owner = config.host.details.user;
|
|
};
|
|
};
|
|
|
|
host.restic = {
|
|
enable = true;
|
|
repository = "/backup/restic/";
|
|
passwordFile = config.sops.secrets.restic-password.path;
|
|
server = {
|
|
enable = true;
|
|
htpasswdPath = config.sops.secrets.restic-server-credentials.path;
|
|
domain = "restic.venberg.xyz";
|
|
port = port;
|
|
repositoryPath = "/backup/restic";
|
|
};
|
|
};
|
|
|
|
host.restic.backups.syncthing = {
|
|
paths = ["/storage/syncthing"];
|
|
};
|
|
}
|