feat: add boot config for orion

2025-07-08 19:58:52 +03:00 · 2025-07-08 19:58:52 +03:00 · 1ff00246d3
commit 1ff00246d3
parent 90013674f6
2 changed files with 94 additions and 0 deletions
--- a/hosts/orion/backups.nix
+++ b/hosts/orion/backups.nix
@ -0,0 +1,93 @@
+{
+  config,
+  lib,
+  inputs,
+  secretsDir,
+  ...
+}:
+{
+  imports = [ inputs.ataraxiasjel-nur.nixosModules.rustic ];
+
+  sops.secrets.rustic-vps-pass.sopsFile = secretsDir + /rustic.yaml;
+  sops.secrets.rustic-backups-s3-env.sopsFile = secretsDir + /rustic.yaml;
+  services.rustic.backups =
+    let
+      label = "hypervisor-nas";
+    in
+    rec {
+      nas-backup = {
+        backup = true;
+        prune = false;
+        initialize = true;
+        environmentFile = config.sops.secrets.rustic-backups-s3-env.path;
+        extraEnvironment = {
+          https_proxy = "http://10.10.10.6:8888";
+        };
+        pruneOpts = [ "--repack-cacheable-only=false" ];
+        timerConfig = {
+          OnCalendar = "05:00";
+          Persistent = true;
+        };
+        settings = {
+          repository = {
+            repository = "opendal:s3";
+            password-file = config.sops.secrets.rustic-nas-pass.path;
+            options = {
+              root = label;
+              bucket = "ataraxia-rustic-backups";
+              region = "eu-central-003";
+              endpoint = "https://s3.eu-central-003.backblazeb2.com";
+            };
+          };
+          repository.options = {
+            timeout = "2min";
+            retry = "5";
+          };
+          backup = {
+            host = config.networking.hostName;
+            label = label;
+            ignore-devid = true;
+            group-by = "label";
+            skip-identical-parent = true;
+            globs = [
+              "!/media/nas/**/cache"
+              "!/media/nas/**/.cache"
+              "!/media/nas/**/log"
+              "!/media/nas/**/logs"
+              "!/media/nas/media-stack/configs/lidarr/config/MediaCover"
+              "!/media/nas/media-stack/configs/qbittorrent/downloads"
+              "!/media/nas/media-stack/configs/recyclarr/repositories"
+              "!/srv/gitea"
+              "!/srv/wiki"
+            ];
+            snapshots = [
+              {
+                sources = [
+                  "/srv /media/nas/containers"
+                  "/media/nas/media-stack/configs"
+                ];
+              }
+            ];
+          };
+          forget = {
+            filter-labels = [ label ];
+            group-by = "label";
+            prune = true;
+            keep-daily = 4;
+            keep-weekly = 2;
+            keep-monthly = 0;
+          };
+        };
+      };
+      nas-prune = lib.recursiveUpdate nas-backup {
+        backup = false;
+        prune = true;
+        initialize = false;
+        createWrapper = false;
+        timerConfig = {
+          OnCalendar = "Tue, 07:00";
+          Persistent = true;
+        };
+      };
+    };
+}
--- a/hosts/orion/default.nix
+++ b/hosts/orion/default.nix
@ -9,6 +9,7 @@
    inputs.srvos.nixosModules.server
    inputs.srvos.nixosModules.mixins-terminfo

+    ./boot.nix
    ./disk-config.nix
  ];