home/packages: add a wrapper for restic on the nas

This is to call restic on the nas from a remote machine. It sets variables and run everything via sudo.
author: Franck Cuny <franck@fcuny.net> 2023-04-30 14:04:52 -0700
committer: Franck Cuny <franck@fcuny.net> 2023-04-30 14:40:58 -0700
commit: 951d20795e1c81ffde1e7a0c69ee98847691ef1f (patch)
tree: e83becfe3f10f83f94ac9e09d928f563eb18b079
parent: modules/rclone: delete the module and cleanup (diff)
download: world-951d20795e1c81ffde1e7a0c69ee98847691ef1f.tar.gz
1 files changed, 16 insertions, 0 deletions
diff --git a/home/packages/default.nix b/home/packages/default.nix
index 6a67129..fbf258f 100644
--- a/home/packages/default.nix
+++ b/home/packages/default.nix
@@ -11,6 +11,21 @@ let
     scp "''${ALBUM_PATH}" "''${NAS}:~/import/album.zip"
     ssh "''${NAS}" bc-to-beet ~/import/album.zip
   '';
+
+  restic-nas = pkgs.writeShellApplication
+    {
+      name = "restic-nas";
+      runtimeInputs = [ pkgs.restic pkgs.tailscale pkgs.jq ];
+      text = ''
+        NAS=$(tailscale status --json | jq -r '.Peer | map(select(.HostName == "tahoe"))[0].TailscaleIPs[0]')
+
+        RESTIC_REPOSITORY="sftp:''${NAS}:/$(hostname)"
+        export RESTIC_REPOSITORY
+        export RESTIC_PASSWORD_FILE=/run/agenix/restic/repo-users
+
+        sudo -E restic -o sftp.command="ssh backup@''${NAS} -i /run/agenix/restic/ssh-key -s sftp" "$@"
+      '';
+    };
 in
 {
   options.my.home.packages = with lib; {
@@ -36,6 +51,7 @@ in
 
         # custom tools
         album-to-nas
+        restic-nas
 
         # tools inside the tools directory
         tools.gha-billing
author	Franck Cuny <franck@fcuny.net>	2023-04-30 14:04:52 -0700
committer	Franck Cuny <franck@fcuny.net>	2023-04-30 14:40:58 -0700
commit	951d20795e1c81ffde1e7a0c69ee98847691ef1f (patch)
tree	e83becfe3f10f83f94ac9e09d928f563eb18b079
parent	modules/rclone: delete the module and cleanup (diff)
download	world-951d20795e1c81ffde1e7a0c69ee98847691ef1f.tar.gz