backups: do backups for the laptop

From the laptop I only backup /home/fcuny, as the rest should be straightforward to rebuild with nix. I run that backup as my own user, since I need my ssh key to use the remote repository (which is on the NAS). I also need a new secret for it (I might have been able to use `pass' for this, but well, that's easy enough). For the NAS, I update the list of directories to backup to include home, this will be on the systems backup.
author: Franck Cuny <franck@fcuny.net> 2022-04-24 13:46:18 -0700
committer: Franck Cuny <franck@fcuny.net> 2022-04-24 13:46:18 -0700
commit: 94f8172f0f5a6d5568b5204d88c5d45e77a20f69 (patch)
tree: a4a11722232dc2e015e2c32eeebf12be4fd5f53f /hosts
parent: tmux: start windows at 1 (diff)
download: world-94f8172f0f5a6d5568b5204d88c5d45e77a20f69.tar.gz
5 files changed, 36 insertions, 1 deletions
diff --git a/hosts/aptos/default.nix b/hosts/aptos/default.nix
index 5887d46..04d45ee 100644
--- a/hosts/aptos/default.nix
+++ b/hosts/aptos/default.nix
@@ -7,6 +7,7 @@
     ./networking.nix
     ./profile.nix
     ./home.nix
+    ./services.nix
   ];
 
   virtualisation.docker = { enable = true; };
diff --git a/hosts/aptos/secrets/restic/repo-users.age b/hosts/aptos/secrets/restic/repo-users.age
new file mode 100644
index 0000000..59c435a
--- /dev/null
+++ b/hosts/aptos/secrets/restic/repo-users.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 dtgBNg 5MAt41NmpX7UB+6zxI8NHrXpjvsn0iiEaUDwgt4RWDQ
+40RuB49FnH8WkPptwfiC4Es5b8JkI5PT6eau0f2wtOI
+-> ssh-ed25519 +LF+iw kchufYdtZ4Zp3fT58mFxbe033PLCPHXvMBwdR+xTTFM
+Kya9nVBHiVuDD5DJPQfsl3c5V64uCJb2nbPhWfbFqnA
+-> '-grease a3~x=^
+bn2D2ZS3fW4a42Au7J95HAQPE9IBGOULmNKH6XFWKNi+BzWiG3yo37MOog
+--- jvVR43MbkXMwylmHM3IrKwGjfnL8TdnWRoIrUergBC4
+Us9ûˆ¦þ¿§ìÄ'ðÀ`}òm£)N§§=~/†}¼÷TDQMÄuí¦¶ˆÓñv$ñ
\ No newline at end of file
diff --git a/hosts/aptos/secrets/secrets.nix b/hosts/aptos/secrets/secrets.nix
index 425a15f..05e9662 100644
--- a/hosts/aptos/secrets/secrets.nix
+++ b/hosts/aptos/secrets/secrets.nix
@@ -15,4 +15,9 @@ in {
     publicKeys = [ fcuny aptos ];
     owner = "fcuny";
   };
+
+  "restic/repo-users.age" = {
+    publicKeys = [ fcuny aptos ];
+    owner = "fcuny";
+  };
 }
diff --git a/hosts/aptos/services.nix b/hosts/aptos/services.nix
new file mode 100644
index 0000000..a2210e2
--- /dev/null
+++ b/hosts/aptos/services.nix
@@ -0,0 +1,19 @@
+{ config, ... }:
+let secrets = config.age.secrets;
+in {
+  my.services = {
+    backup = {
+      enable = true;
+      user = "fcuny";
+      repository = "sftp:192.168.0.107:/data/slow/backups/users/fcuny";
+      exclude = [
+        "/home/fcuny/.cache"
+        "/home/fcuny/downloads"
+        "/home/fcuny/workspace/linux.git"
+      ];
+      timerConfig = { OnCalendar = "06:30"; };
+      passwordFile = secrets."restic/repo-users".path;
+      paths = [ "/home/fcuny" ];
+    };
+  };
+}
diff --git a/hosts/tahoe/services.nix b/hosts/tahoe/services.nix
index 7de94f6..9bd7162 100644
--- a/hosts/tahoe/services.nix
+++ b/hosts/tahoe/services.nix
@@ -43,7 +43,8 @@ in {
       repository = "/data/slow/backups/systems";
       timerConfig = { OnCalendar = "00:15"; };
       passwordFile = secrets."restic/repo-systems".path;
-      paths = [ "/data/fast/music" "/data/fast/photos" "/data/fast/videos" ];
+      paths =
+        [ "/home" "/data/fast/music" "/data/fast/photos" "/data/fast/videos" ];
     };
   };
 }
author	Franck Cuny <franck@fcuny.net>	2022-04-24 13:46:18 -0700
committer	Franck Cuny <franck@fcuny.net>	2022-04-24 13:46:18 -0700
commit	94f8172f0f5a6d5568b5204d88c5d45e77a20f69 (patch)
tree	a4a11722232dc2e015e2c32eeebf12be4fd5f53f /hosts
parent	tmux: start windows at 1 (diff)
download	world-94f8172f0f5a6d5568b5204d88c5d45e77a20f69.tar.gz