blake/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

20 current 2025-10-07 00:49:35 25.05.20251001.5b5be50 6.12.49 *

Browse Source
This commit is contained in:
blake
2025-10-07 14:21:24 -05:00
parent eb98778b64
commit 03d62685eb
1 changed files with 34 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
modules/system/backups.nix
View File

@@ -14,7 +14,7 @@ in
}; };
repo = lib.mkOption { repo = lib.mkOption {
type = lib.types.path; type = lib.types.path;
default = "/backups"; default = "/holocron/borg";
description = "borg repository path"; description = "borg repository path";
}; };
passphraseFile = lib.mkOption { passphraseFile = lib.mkOption {
@@ -30,32 +30,39 @@ in
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
EnvironmentFile = config.modules.system.backups.passphraseFile; EnvironmentFile = config.modules.system.backups.passphraseFile;
ExecStart = pkgs.writeShellScript "borg-backup" ''
set -euo pipefail
export BORG_PASSPHRASE="$(cat ${passwd_file})"
export BORG_REPO="${cfg.repo}"
# Initialize repo if it doesn't exist
if ! borg info "$BORG_REPO" >/dev/null 2>&1; then
echo "init borg repo at $BORG_REPO"
borg init --encryption=repokey "$BORG_REPO"
fi
# Create backup
echo "starting backup..."
borg create \
--verbose \
--filter AME \
--list \
--stats \
--show-rc \
--compression lz4 \
"$BORG_REPO::$(hostname)-$(date +'%Y-%m-%dT%H:%M:%S')" \
${lib.concatStringsSep " " cfg.paths}
# Prune old backups according to retention policy
echo "Pruning old backups..."
borg prune -v --list "$BORG_REPO" \
--keep-daily=7 \
--keep-weekly=52 \
--keep-monthly=-1
echo "Backup completed successfully."
'';
}; };
script = ''
set -eux
export BORG_REPO=${config.modules.system.backups.repo}
export BORG_PASSPHRASE="$(cat ${config.modules.system.backups.passphraseFile})"
# Initialize repo if it doesnt exist
if ! ${borg} info "${repo}" >/dev/null 2>&1; then
echo "Initializing new Borg repository at ${repo}"
${borg} init --encryption=repokey "${repo}"
fi
timestamp=$(date +%Y-%m-%d_%H-%M-%S)
${borg} create \
--stats \
--compression zstd,3 \
::${timestamp} \
${lib.concatStringsSep " " backup_paths}
# Retention policy
${borg} prune -v --list \
--keep-daily=7 \
--keep-weekly=52 \
--keep-monthly=-1
'';
}; };
systemd.timers.borg-backup = { systemd.timers.borg-backup = {
@@ -71,5 +78,5 @@ in
}; };
} }
# add to module # add to modules
# modules.system.backups.paths = lib.mkIf cfg.backups [ <path> ]; # modules.system.backups.paths = lib.mkIf cfg.backups [ <path> ];