ugit

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12


diff --git a/flake.nix b/flake.nix
index dde5f48d2302bf2a255847c06ad9e7d66795b7a6..5cc6df182cb712c7f9b4712caf92f16c916ab762 100644
--- a/flake.nix
+++ b/flake.nix
@@ -243,6 +243,7 @@           };
         };
         dragonwell = {
           imports = [
+            inputs.agenix.nixosModules.default
             inputs.golink.nixosModules.default
             inputs.ugit.nixosModules.default
             ./machines/dragonwell

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13


diff --git a/machines/dragonwell/default.nix b/machines/dragonwell/default.nix
index 1828604d5d816c62ab6206594259a7139535f060..14d13f6e4b5d049514cd7421ee9c61d75999851a 100644
--- a/machines/dragonwell/default.nix
+++ b/machines/dragonwell/default.nix
@@ -2,7 +2,7 @@ let
   username = "jolheiser";
   key = ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfKqCWtDlS3tgvfT6hQN+ii8UtabIZ+ZNmYN+bLwIa8PHOEW5MbfaqXSlhKkSi4+7SfQDCHphw0SMfhsQ4qMEcoywZ+4niDgKlQEVkl+S/VGbLuPe92NRStkyreZBLPr3Rh7ScNlGHcmHmoV9v7725fMnsMmabGVhpGO84PwNHOfJyv2tx2h6LxFbAV8S44UQu2lc8YLWCK2UvKuRnBerBXLnDQThUUX8UuCFzb786gQzD5XDU0MENbByxiy0XdVGAC+tFXEiSIgFZlFbFYyShgdTP9MzX2MOglEi+ae+1UIFncraW7ptUey7qHFJylpHWWWvE+GTwsg2G50i0FvFj jolheiser@jolheiser'';
 in {
-  imports = [./caddy.nix ./golink.nix ./gotosocial.nix ./ugit.nix ./hardware.nix];
+  imports = [./caddy.nix ./golink.nix ./gotosocial.nix ./restic.nix ./ugit.nix ./hardware.nix];
 
   boot.tmp.cleanOnBoot = true;
   zramSwap.enable = true;

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25


diff --git a/machines/dragonwell/restic.nix b/machines/dragonwell/restic.nix
new file mode 100644
index 0000000000000000000000000000000000000000..ffe0bf2bb9e65842c6106498f13006cc16aa5763
--- /dev/null
+++ b/machines/dragonwell/restic.nix
@@ -0,0 +1,19 @@
+{config, ...}: {
+  age.secrets = {
+    restic-env.file = ../../secrets/personal/restic-env.age;
+    restic-pass.file = ../../secrets/personal/restic-pass.age;
+    restic-repo.file = ../../secrets/personal/restic-repo.age;
+  };
+  services.restic.backups.dragonwell = {
+    initialize = true;
+    environmentFile = config.age.secrets.restic-env.path;
+    passwordFile = config.age.secrets.restic-pass.path;
+    repositoryFile = config.age.secrets.restic-repo.path;
+    paths = ["/var/lib/ugit/repos"];
+    pruneOpts = ["--keep-daily 7" "--keep-weekly 2" "--keep-monthly 2"];
+    timerConfig = {
+      OnCalendar = "daily";
+      Persistent = true;
+    };
+  };
+}

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16


diff --git a/secrets/personal/restic-env.age b/secrets/personal/restic-env.age
new file mode 100644
index 0000000000000000000000000000000000000000..bd913d088e8cf03d4c02952d47084a78f6bc31ff
--- /dev/null
+++ b/secrets/personal/restic-env.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 E8j6/g 1HJtBNf8fXHgPxE/igj2b6z9o4Etlp+GHoLo8L6YnRs
+v+Sh2QlLbfixF7YkHTHM1luL4/SGlFzhNqQASH1UGDk
+-> ssh-ed25519 f31uNA 7HHWKFc59n5Y2UJ+qaNoYDfLJZbry/pZRvIFR4DWBWc
+DXcG+KGcE8JMPQt8cv4ted6vtkBf+u2uZsyPm4MMkwI
+-> psKyV-grease "MM~T(~g tK+-AO4 >-T !n090?K|
+Dtc2xPmFxFcTTC48EGs6awFQszoIjNY
+--- 7U9PGgjHxlCoYcyS5Mke4lhCcdqkQLjc9M5UycDSYWk
+�2�� 5͈��vUC��&���v5���R��ܹq��-˺Z��[ U%�k�r�V֙,�Q#jZ��y�nJd9��~z^��\ފ�Byv�/qI��Q"�U����	�d+�A���g���� ����l�E�-�
\ No newline at end of file

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18


diff --git a/secrets/personal/restic-pass.age b/secrets/personal/restic-pass.age
new file mode 100644
index 0000000000000000000000000000000000000000..d130979306bba017676a6dc156c7878d57d9635a
--- /dev/null
+++ b/secrets/personal/restic-pass.age
@@ -0,0 +1,11 @@
+age-encryption.org/v1
+-> ssh-ed25519 E8j6/g IxilZcPJYM7QuBM+2/NTzzv4YNJVI41FvmTlkL+KoUw
+P7RK+wlfEdBeGVIU52QG43sRDJ9KxF0/6TarT9W+wbc
+-> ssh-ed25519 f31uNA pQCg9BCiIk//YdV3AHr3w2Y84K6MwH/HK/k7w4EapQQ
+9EySD+N5XEz/w4AyRBsLioYhr6PaPOkckMLhE7LONdk
+-> M-grease d_4>8< / 1V($
+yc2NhRg1u6HU1bAVVTqdi4qKyHdPINhhZt7HUPubLWR0KJyPb2Aaz6c66UmMu8La
+49kh/q2eAcgQ+GVOHUSc6ZYEf+WD
+--- YX4Fl76QjEubDmrpQcVx1ihZiVY2hQJhzrnIlxNlEHw
+�{��t��i��Hљ��xŦ��At+epVJ�ˬ��L��pY�
+L��
\ No newline at end of file

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18


diff --git a/secrets/personal/restic-repo.age b/secrets/personal/restic-repo.age
new file mode 100644
index 0000000000000000000000000000000000000000..5a81ece3687b04d8e1751d2f62cc10670f26b8cc
--- /dev/null
+++ b/secrets/personal/restic-repo.age
@@ -0,0 +1,11 @@
+age-encryption.org/v1
+-> ssh-ed25519 E8j6/g /mv0fp9Xhz82GMijyXu4zKyNsW11q2fxJ6zD3MU6O2Q
+6o/t8ahIXklhZ3ILUfOKiGns74qhny+80dcrFu/+tNY
+-> ssh-ed25519 f31uNA DuKL8kZ2xuwICNLHzoOirxfzbzh3zHR6qW4LPnMhgCk
+GNsyRaJlIxJjL2Ccnn5hkRzLrDr/pvbNrVidf9646dQ
+-> Ztf-grease v
+rvC+ciAnVae8fNwFllFCMyxjSXHx391gDjXnrf1TWl/UXaIpwvlcbPeSPedig52U
+6bQM9Z3UW+zfAugHBb2q3BukVSkDFfFw8RAAxHbC1sleAbFAsgtCSjCjG0tn+irI
+dxE
+--- 7K9dTBILUGSBVi0dsn48ImjpAALL+8fR+eoPMo6Pbvw
+5w�)@+Fn��jg�_����I��xNӤ"��]/2V�BO/� ����҈g������w�d.���@�3tV���^�w���`���0н��t
\ No newline at end of file

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12


diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 0cf619b5e1d7566ff587099241b2de24d504e501..a38e355a12892158e7b2730e1a9fce693358aab7 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -18,4 +18,7 @@   "work/netrc.age".publicKeys = [jolheiser chai masala];
   "work/pip.conf.age".publicKeys = [jolheiser chai masala];
   "work/pypirc.age".publicKeys = [jolheiser chai masala];
   "work/cifs.age".publicKeys = [jolheiser chai masala];
+  "personal/restic-env.age".publicKeys = [jolheiser dragonwell];
+  "personal/restic-pass.age".publicKeys = [jolheiser dragonwell];
+  "personal/restic-repo.age".publicKeys = [jolheiser dragonwell];
 }

Home