Home

dotnix @main - refs - log -
-
https://git.jolheiser.com/dotnix.git
My nix dotfiles
tree log patch
feat: backup ugit repos Signed-off-by: jolheiser <john.olheiser@gmail.com>
Signature
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEgqEQpE3xoo1QwJO/uFOtpdp7v3oFAmXdURkACgkQuFOtpdp7 v3p9nxAArwvycinsE6b2ahb2AvjNcASbn0bSAHt1xZ/b0ftNbe086o/Wxg9hTa3J tP7MNogaczmMGId+8+J/Z7CKYleQSMeIgW5KEeFn5ZN5n3H7Ukp5CPEAEJeRkIl6 NlBMVqUbKNTgCUv60CtxltRFW0K7MBdTrjUOOv+cXvB0ieUz4/d525Mm4n+Q5sI/ ld3KGqvRrGH/MUGbLMg/VGJmNd7/UrBDlbcJ6q0st4jdLsD272EQjWi3DB6qAH2f 4eK4nJAmCLu66fPNk4JUorLqtCieadZ9AYa6rPL/cHpKVeTwwM6qd3u7LY3Cj1s1 B+DGD3YVL6r3ydvt9kwIFobGdnMQ0ozLLYm2DlAxbyk0/qPWbveD4FO+EmaDMDTo MGXeqJFOF3yh/J74L2+xHKdO+SXm60cci71AZCdzNEjX3vNmhXU0Omx+PqKyTZOH RBL/7mQRX+nslMJwb7hEyDHrvHmwixs7ez8MYHyEMCC223ITxoylMdlP+VKvDkMZ uMn30hWuAeEMULPAkfGnpMbo2Xz2QOhsCCSC1pa83x1yzVRLatztnvTA7mdi+KhJ rQxloFwoh66xSGj+eqyFzNe/2e6XkXmZFrjRNp0LhHvQVwQOSbHX90fAHppMe0Z2 Yb0mnVFC9n3H0NqNVZezl/Ny1ZKeg681TXQ/kgsWynya8EU1z1A= =0T4B -----END PGP SIGNATURE-----
jolheiser <john.olheiser@gmail.com>
9 months ago
7 changed files, 57 additions(+), 1 deletions(-)
M flake.nix -> flake.nix
diff --git a/flake.nix b/flake.nix
index dde5f48d2302bf2a255847c06ad9e7d66795b7a6..5cc6df182cb712c7f9b4712caf92f16c916ab762 100644
--- a/flake.nix
+++ b/flake.nix
@@ -244,6 +244,8 @@         };
         dragonwell = {
           imports = [
 {
+      owner = username;
+{
         jolheiser = {
             inputs.ugit.nixosModules.default
             ./machines/dragonwell
M machines/dragonwell/default.nix -> machines/dragonwell/default.nix
diff --git a/machines/dragonwell/default.nix b/machines/dragonwell/default.nix
index 1828604d5d816c62ab6206594259a7139535f060..14d13f6e4b5d049514cd7421ee9c61d75999851a 100644
--- a/machines/dragonwell/default.nix
+++ b/machines/dragonwell/default.nix
@@ -2,7 +2,7 @@ let
   username = "jolheiser";
   key = ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfKqCWtDlS3tgvfT6hQN+ii8UtabIZ+ZNmYN+bLwIa8PHOEW5MbfaqXSlhKkSi4+7SfQDCHphw0SMfhsQ4qMEcoywZ+4niDgKlQEVkl+S/VGbLuPe92NRStkyreZBLPr3Rh7ScNlGHcmHmoV9v7725fMnsMmabGVhpGO84PwNHOfJyv2tx2h6LxFbAV8S44UQu2lc8YLWCK2UvKuRnBerBXLnDQThUUX8UuCFzb786gQzD5XDU0MENbByxiy0XdVGAC+tFXEiSIgFZlFbFYyShgdTP9MzX2MOglEi+ae+1UIFncraW7ptUey7qHFJylpHWWWvE+GTwsg2G50i0FvFj jolheiser@jolheiser'';
 in {
-  imports = [./caddy.nix ./golink.nix ./gotosocial.nix ./ugit.nix ./hardware.nix];
+  imports = [./caddy.nix ./golink.nix ./gotosocial.nix ./restic.nix ./ugit.nix ./hardware.nix];
 
   boot.tmp.cleanOnBoot = true;
   zramSwap.enable = true;
I machines/dragonwell/restic.nix
diff --git a/machines/dragonwell/restic.nix b/machines/dragonwell/restic.nix
new file mode 100644
index 0000000000000000000000000000000000000000..ffe0bf2bb9e65842c6106498f13006cc16aa5763
--- /dev/null
+++ b/machines/dragonwell/restic.nix
@@ -0,0 +1,19 @@
+{config, ...}: {
+  age.secrets = {
+    restic-env.file = ../../secrets/personal/restic-env.age;
+    restic-pass.file = ../../secrets/personal/restic-pass.age;
+    restic-repo.file = ../../secrets/personal/restic-repo.age;
+  };
+  services.restic.backups.dragonwell = {
+    initialize = true;
+    environmentFile = config.age.secrets.restic-env.path;
+    passwordFile = config.age.secrets.restic-pass.path;
+    repositoryFile = config.age.secrets.restic-repo.path;
+    paths = ["/var/lib/ugit/repos"];
+    pruneOpts = ["--keep-daily 7" "--keep-weekly 2" "--keep-monthly 2"];
+    timerConfig = {
+      OnCalendar = "daily";
+      Persistent = true;
+    };
+  };
+}
I secrets/personal/restic-env.age
diff --git a/secrets/personal/restic-env.age b/secrets/personal/restic-env.age
new file mode 100644
index 0000000000000000000000000000000000000000..bd913d088e8cf03d4c02952d47084a78f6bc31ff
--- /dev/null
+++ b/secrets/personal/restic-env.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 E8j6/g 1HJtBNf8fXHgPxE/igj2b6z9o4Etlp+GHoLo8L6YnRs
+v+Sh2QlLbfixF7YkHTHM1luL4/SGlFzhNqQASH1UGDk
+-> ssh-ed25519 f31uNA 7HHWKFc59n5Y2UJ+qaNoYDfLJZbry/pZRvIFR4DWBWc
+DXcG+KGcE8JMPQt8cv4ted6vtkBf+u2uZsyPm4MMkwI
+-> psKyV-grease "MM~T(~g tK+-AO4 >-T !n090?K|
+Dtc2xPmFxFcTTC48EGs6awFQszoIjNY
+--- 7U9PGgjHxlCoYcyS5Mke4lhCcdqkQLjc9M5UycDSYWk
+�2�� 5͈��vUC��&���v5���R��ܹq��-˺Z��[ U%�k�r�V֙,�Q#jZ��y�nJd9��~z^��\ފ�Byv�/qI��Q"�U����	�d+�A���g���� ����l�E�-�
\ No newline at end of file
I secrets/personal/restic-pass.age
diff --git a/secrets/personal/restic-pass.age b/secrets/personal/restic-pass.age
new file mode 100644
index 0000000000000000000000000000000000000000..d130979306bba017676a6dc156c7878d57d9635a
--- /dev/null
+++ b/secrets/personal/restic-pass.age
@@ -0,0 +1,11 @@
+age-encryption.org/v1
+-> ssh-ed25519 E8j6/g IxilZcPJYM7QuBM+2/NTzzv4YNJVI41FvmTlkL+KoUw
+P7RK+wlfEdBeGVIU52QG43sRDJ9KxF0/6TarT9W+wbc
+-> ssh-ed25519 f31uNA pQCg9BCiIk//YdV3AHr3w2Y84K6MwH/HK/k7w4EapQQ
+9EySD+N5XEz/w4AyRBsLioYhr6PaPOkckMLhE7LONdk
+-> M-grease d_4>8< / 1V($
+yc2NhRg1u6HU1bAVVTqdi4qKyHdPINhhZt7HUPubLWR0KJyPb2Aaz6c66UmMu8La
+49kh/q2eAcgQ+GVOHUSc6ZYEf+WD
+--- YX4Fl76QjEubDmrpQcVx1ihZiVY2hQJhzrnIlxNlEHw
+�{��t��i��Hљ��xŦ��At+epVJ�ˬ��L��pY�
+L��
\ No newline at end of file
I secrets/personal/restic-repo.age
diff --git a/secrets/personal/restic-repo.age b/secrets/personal/restic-repo.age
new file mode 100644
index 0000000000000000000000000000000000000000..5a81ece3687b04d8e1751d2f62cc10670f26b8cc
--- /dev/null
+++ b/secrets/personal/restic-repo.age
@@ -0,0 +1,11 @@
+age-encryption.org/v1
+-> ssh-ed25519 E8j6/g /mv0fp9Xhz82GMijyXu4zKyNsW11q2fxJ6zD3MU6O2Q
+6o/t8ahIXklhZ3ILUfOKiGns74qhny+80dcrFu/+tNY
+-> ssh-ed25519 f31uNA DuKL8kZ2xuwICNLHzoOirxfzbzh3zHR6qW4LPnMhgCk
+GNsyRaJlIxJjL2Ccnn5hkRzLrDr/pvbNrVidf9646dQ
+-> Ztf-grease v
+rvC+ciAnVae8fNwFllFCMyxjSXHx391gDjXnrf1TWl/UXaIpwvlcbPeSPedig52U
+6bQM9Z3UW+zfAugHBb2q3BukVSkDFfFw8RAAxHbC1sleAbFAsgtCSjCjG0tn+irI
+dxE
+--- 7K9dTBILUGSBVi0dsn48ImjpAALL+8fR+eoPMo6Pbvw
+5w�)@+Fn��jg�_����I��xNӤ"��]/2V�BO/� ����҈g������w�d.���@�3tV���^�w���`���0н��t
\ No newline at end of file
M secrets/secrets.nix -> secrets/secrets.nix
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 0cf619b5e1d7566ff587099241b2de24d504e501..a38e355a12892158e7b2730e1a9fce693358aab7 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -19,4 +19,8 @@   "work/pip.conf.age".publicKeys = [jolheiser chai masala];
   "work/pypirc.age".publicKeys = [jolheiser chai masala];
   "work/cifs.age".publicKeys = [jolheiser chai masala];
   jolheiser = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKrPUqk9v7FE7OgMDaOMdlnItiXSDkmS+eU94RzQFiMS";
+  jolheiser = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKrPUqk9v7FE7OgMDaOMdlnItiXSDkmS+eU94RzQFiMS";
+  "personal/restic-pass.age".publicKeys = [jolheiser dragonwell];
+  "personal/restic-repo.age".publicKeys = [jolheiser dragonwell];
+  jolheiser = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKrPUqk9v7FE7OgMDaOMdlnItiXSDkmS+eU94RzQFiMS";
 let