homelab: added restic for backups

3 files changed, 36 insertions, 0 deletions

diff --git a/nixos/modules/homelab/core/default.nix b/nixos/modules/homelab/core/default.nix
index 7adc169..0264ce7 100644
--- a/nixos/modules/homelab/core/default.nix
+++ b/nixos/modules/homelab/core/default.nix
@@ -2,5 +2,6 @@
   imports = [
     ./ssh.nix
     ./caddy.nix
+    ./restic.nix
   ];
 }
diff --git a/nixos/modules/homelab/core/restic.nix b/nixos/modules/homelab/core/restic.nix
new file mode 100644
index 0000000..7315632
--- /dev/null
+++ b/nixos/modules/homelab/core/restic.nix
@@ -0,0 +1,31 @@
+{ config, lib, pkgs, ... }: let
+  cfg = config.homelab.core.restic;
+in {
+  options.homelab.core.restic = {
+    enable = lib.mkEnableOption "restic";
+    passwordFile = lib.mkOption {
+      description = "restic password file";
+      type = lib.types.path;
+    };
+  };
+  config = lib.mkIf cfg.enable {
+    environment.systemPackages = [ pkgs.restic ];
+    services.restic.backups = let
+      defaultPruneOpts = [
+        "--keep-daily 7"
+        "--keep-weekly 4"
+        "--keep-monthly 6"
+      ];
+    in {
+      syncthing = {
+        initialize = true;
+        paths = [
+          "/home/server/Sync"
+        ];
+        repository = "/srv/backups/syncthing";
+        pruneOpts = defaultPruneOpts;
+        passwordFile = cfg.passwordFile;
+      };
+    };
+  };
+}
diff --git a/nixos/systems/prodesk-server/system.nix b/nixos/systems/prodesk-server/system.nix
index 8cf10a6..5bec770 100644
--- a/nixos/systems/prodesk-server/system.nix
+++ b/nixos/systems/prodesk-server/system.nix
@@ -76,6 +76,10 @@
     core = {
       ssh.enable = true;
       caddy.enable = true;
+      restic = {
+        enable = true;
+        passwordFile = config.age.secrets.server-user-password.path;
+      };
     };
     cloud = {
       syncthing = {