diff --git a/secrets/borg-backup/default.nix b/secrets/borg-backup/default.nix deleted file mode 100644 index e9a3e7a..0000000 --- a/secrets/borg-backup/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ lib }: -let - inherit (lib) - fileContents - ; -in -{ - poseidon-repo = fileContents ./poseidon-repo.secret; -} diff --git a/secrets/borg-backup/poseidon-repo.secret b/secrets/borg-backup/poseidon-repo.secret deleted file mode 100644 index 1fce44a..0000000 Binary files a/secrets/borg-backup/poseidon-repo.secret and /dev/null differ diff --git a/secrets/default.nix b/secrets/default.nix index c17761a..278d2a1 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -16,7 +16,6 @@ in { nextcloud-admin-user = fileContents ./nextcloud-admin-user.secret; lohr-shared-secret = fileContents ./lohr-shared-secret.secret; - borg-backup = import ./borg-backup { inherit lib; }; paperless = import ./paperless { inherit lib; }; restic-backup = import ./restic-backup { inherit lib; }; diff --git a/services/borg-backup.nix b/services/borg-backup.nix deleted file mode 100644 index 92b91b0..0000000 --- a/services/borg-backup.nix +++ /dev/null @@ -1,79 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) - mkEnableOption - mkIf - mkOption - ; - cfg = config.my.services.borg-backup; -in { - options.my.services.borg-backup = let inherit (lib) types; in { - enable = mkEnableOption "Enable Borg backups for this host"; - - repo = mkOption { - type = types.str; - default = null; - example = "deadbeef@deadbeef.repo.borgbase.com:repo"; - description = "Borgbase repo info. Required."; - }; - - prune = mkOption { - type = types.attrs; - default = { - keep = { - daily = 7; - weekly = 4; - monthly = 6; - }; - }; - description = "pruning options for borg"; - }; - - paths = mkOption { - type = types.listOf types.str; - default = []; - example = [ - "/var/lib" - "/home" - ]; - description = "Paths to backup"; - }; - - exclude = mkOption { - type = types.listOf types.str; - default = []; - example = [ - # very large paths - "/var/lib/docker" - "/var/lib/systemd" - "/var/lib/libvirt" - - # temporary files created by cargo and `go build` - "**/target" - "/home/*/go/bin" - "/home/*/go/pkg" - ]; - description = "Paths to exclude from backup"; - }; - }; - - config = mkIf cfg.enable { - services.borgbackup.jobs."borgbase" = { - paths = cfg.paths; - exclude = cfg.exclude; - repo = cfg.repo; - encryption = { - mode = "repokey-blake2"; - passCommand = "cat /root/borgbackup/passphrase"; - }; - environment.BORG_RSH = "ssh -i /root/borgbackup/ssh_key"; - extraCreateArgs = "--stats --list"; - extraPruneArgs = "--stats --list --save-space"; - doInit = true; - compression = "auto,zstd"; - startAt = "daily"; - prune = cfg.prune; - }; - }; -} diff --git a/services/default.nix b/services/default.nix index 9412e57..82e3bf4 100644 --- a/services/default.nix +++ b/services/default.nix @@ -3,7 +3,6 @@ { imports = [ ./vaultwarden.nix - ./borg-backup.nix ./fail2ban.nix ./fava.nix ./gitea