{ pkgs, config, ... }: let vars = import ../../vars.nix; arionPath = "/home/${vars.user}/.setup/hosts/franz/arion"; cfg = config.virtualisation.arion; in { # systemd.timers."restic-cron" = { # wantedBy = ["timers.target"]; # timerConfig = { # OnBootSec = "1m"; # OnUnitActiveSec = "1m"; # Unit = "restic-cron.service"; # }; # }; # # systemd.services."restic-cron" = { # path = [ # cfg.docker.client.package # cfg.package # pkgs.nix # pkgs.restic # pkgs.autorestic # ]; # script = '' # source /etc/profile # autorestic -c /home/ghoscht/.autorestic.yml --verbose cron >> /tmp/autorestic.log 2>&1 # ''; # serviceConfig = { # Type = "oneshot"; # User = "root"; # }; # }; services.cron = { enable = true; systemCronJobs = [ "*/5 * * * * root . /etc/profile; autorestic -c /home/ghoscht/.autorestic.yml --ci cron > /var/log/autorestic-bin.log" ]; }; environment.systemPackages = with pkgs; [autorestic restic]; sops.secrets."autorestic/zfs_key" = { owner = vars.user; }; sops.secrets."autorestic/eustachius_key" = { owner = vars.user; }; sops.secrets."autorestic/ntfy_access_token" = { owner = vars.user; }; sops.templates.".autorestic.yml" = { path = "/home/${vars.user}/.autorestic.yml"; owner = vars.user; mode = "0775"; content = '' version: 2 global: forget: keep-last: 5 keep-weekly: 1 keep-monthly: 12 keep-yearly: 7 keep-within: '14d' extras: default_hooks: &default_hooks success: - echo "Backup of $AUTORESTIC_LOCATION successful! Added $AUTORESTIC_FILES_ADDED_0 files and changed $AUTORESTIC_FILES_CHANGED_0 files with a total size of $AUTORESTIC_ADDED_SIZE_0. Processed $AUTORESTIC_PROCESSED_FILES_0 files with total size $AUTORESTIC_PROCESSED_SIZE_0 in $AUTORESTIC_PROCESSED_DURATION_0. Snapshot $AUTORESTIC_SNAPSHOT_ID_0" >> /var/log/autorestic-backup.log failure: - echo "Backup of $AUTORESTIC_LOCATION failed" >> /var/log/autorestic.log - 'curl -H "Authorization: Bearer ${config.sops.placeholder."autorestic/ntfy_access_token"}" -H "X-Tags: warning" -H "X-Title: Backup Failure" -d "Backup of location $AUTORESTIC_LOCATION failed" https://push.ghoscht.com/autorestic' locations: dashboard: from: /home/ghoscht/.docker/dashboard to: - zfs - eustachius forget: prune cron: '0 4 * * 0' # Every Sunday at 4:00 hooks: <<: *default_hooks before: - arion -f ${arionPath}/dashboard/arion-compose.nix -p ${arionPath}/dashboard/arion-pkgs.nix stop after: - arion -f ${arionPath}/dashboard/arion-compose.nix -p ${arionPath}/dashboard/arion-pkgs.nix start dns: from: /home/ghoscht/.docker/dns to: - zfs - eustachius forget: prune cron: '0 4 * * 0' # Every Sunday at 4:00 hooks: <<: *default_hooks before: - arion -f ${arionPath}/dns/arion-compose.nix -p ${arionPath}/dns/arion-pkgs.nix stop after: - arion -f ${arionPath}/dns/arion-compose.nix -p ${arionPath}/dns/arion-pkgs.nix start feed: from: /home/ghoscht/.docker/feed to: - zfs - eustachius forget: prune cron: '0 4 * * 0' # Every Sunday at 4:00 hooks: <<: *default_hooks before: - arion -f ${arionPath}/feed/arion-compose.nix -p ${arionPath}/feed/arion-pkgs.nix stop after: - arion -f ${arionPath}/feed/arion-compose.nix -p ${arionPath}/feed/arion-pkgs.nix start git: from: /home/ghoscht/.docker/git to: - zfs - eustachius cron: '0 4 * * *' # Every Day at 4:00 hooks: <<: *default_hooks before: - arion -f ${arionPath}/git/arion-compose.nix -p ${arionPath}/git/arion-pkgs.nix stop after: - arion -f ${arionPath}/git/arion-compose.nix -p ${arionPath}/git/arion-pkgs.nix start media: from: /home/ghoscht/.docker/media to: - zfs - eustachius cron: '0 4 * * *' # Every Day at 4:00 hooks: <<: *default_hooks before: - arion -f ${arionPath}/media/arion-compose.nix -p ${arionPath}/media/arion-pkgs.nix stop after: - arion -f ${arionPath}/media/arion-compose.nix -p ${arionPath}/media/arion-pkgs.nix start nextcloud: from: - /storage/dataset/docker/nextcloud/nextcloud_data/data - /home/ghoscht/.docker/nextcloud/ to: - zfs - eustachius cron: '0 4 * * *' # Every Day at 4:00 hooks: <<: *default_hooks before: - arion -f ${arionPath}/nextcloud/arion-compose.nix -p ${arionPath}/nextcloud/arion-pkgs.nix stop after: - arion -f ${arionPath}/nextcloud/arion-compose.nix -p ${arionPath}/nextcloud/arion-pkgs.nix start smarthome: from: /home/ghoscht/.docker/smarthome to: - zfs - eustachius forget: prune cron: '0 4 * * 0' # Every Sunday at 4:00 hooks: <<: *default_hooks before: - arion -f ${arionPath}/smarthome/arion-compose.nix -p ${arionPath}/smarthome/arion-pkgs.nix stop after: - arion -f ${arionPath}/smarthome/arion-compose.nix -p ${arionPath}/smarthome/arion-pkgs.nix start passwords: from: /home/ghoscht/.docker/passwords to: - zfs - eustachius cron: '0 4 * * *' # Every Day at 4:00 hooks: <<: *default_hooks before: - arion -f ${arionPath}/passwords/arion-compose.nix -p ${arionPath}/passwords/arion-pkgs.nix stop after: - arion -f ${arionPath}/passwords/arion-compose.nix -p ${arionPath}/passwords/arion-pkgs.nix start push: from: /storage/dataset/docker/push/ to: - zfs - eustachius cron: '0 4 * * *' # Every Day at 4:00 hooks: <<: *default_hooks before: - arion -f ${arionPath}/push/arion-compose.nix -p ${arionPath}/push/arion-pkgs.nix stop after: - arion -f ${arionPath}/push/arion-compose.nix -p ${arionPath}/push/arion-pkgs.nix start # matrix: # from: /home/ghoscht/.docker/matrix # to: # - zfs # - eustachius # forget: prune # cron: '0 4 * * 0' # Every Sunday at 4:00 # hooks: # <<: *default_hooks # before: # - arion -f ${arionPath}/matrix/arion-compose.nix -p ${arionPath}/matrix/arion-pkgs.nix stop # after: # - arion -f ${arionPath}/matrix/arion-compose.nix -p ${arionPath}/matrix/arion-pkgs.nix start music: from: /storage/dataset/data/media/music to: - eustachius cron: '0 4 * * 0' # Every Sunday at 4:00 hooks: <<: *default_hooks before: - arion -f ${arionPath}/media/arion-compose.nix -p ${arionPath}/media/arion-pkgs.nix stop after: - arion -f ${arionPath}/media/arion-compose.nix -p ${arionPath}/media/arion-pkgs.nix start headscale: from: /home/ghoscht/.docker/headscale to: - zfs forget: prune cron: '55 3 * * *' # Every Day at 3:55 hooks: <<: *default_hooks before: - arion -f ${arionPath}/headscale/arion-compose.nix -p ${arionPath}/headscale/arion-pkgs.nix stop after: - arion -f ${arionPath}/headscale/arion-compose.nix -p ${arionPath}/headscale/arion-pkgs.nix start auth: from: /home/ghoscht/.docker/auth to: - zfs - eustachius forget: prune cron: '55 3 * * *' # Every Day at 3:55 hooks: <<: *default_hooks before: - arion -f ${arionPath}/auth/arion-compose.nix -p ${arionPath}/auth/arion-pkgs.nix stop after: - arion -f ${arionPath}/auth/arion-compose.nix -p ${arionPath}/auth/arion-pkgs.nix start infrastructure: from: /home/ghoscht/.docker/infrastructure to: - zfs - eustachius forget: prune cron: '55 3 * * *' # Every Day at 3:55 hooks: <<: *default_hooks before: - arion -f ${arionPath}/infrastructure/arion-compose.nix -p ${arionPath}/infrastructure/arion-pkgs.nix stop after: - arion -f ${arionPath}/infrastructure/arion-compose.nix -p ${arionPath}/infrastructure/arion-pkgs.nix start wiki: from: /home/ghoscht/.docker/wiki to: - zfs - eustachius forget: prune cron: '55 3 * * *' # Every Day at 3:55 hooks: <<: *default_hooks before: - arion -f ${arionPath}/wiki/arion-compose.nix -p ${arionPath}/wiki/arion-pkgs.nix stop after: - arion -f ${arionPath}/wiki/arion-compose.nix -p ${arionPath}/wiki/arion-pkgs.nix start stats: from: /home/ghoscht/.docker/stats to: - zfs - eustachius forget: prune cron: '55 3 * * *' # Every Day at 3:55 hooks: <<: *default_hooks before: - arion -f ${arionPath}/stats/arion-compose.nix -p ${arionPath}/stats/arion-pkgs.nix stop after: - arion -f ${arionPath}/stats/arion-compose.nix -p ${arionPath}/stats/arion-pkgs.nix start minio: from: /storage/dataset/docker/minio to: - zfs - eustachius cron: '55 3 * * *' # Every Day at 3:55 options: backup: exclude: - '*.pmtiles' hooks: <<: *default_hooks before: - arion -f ${arionPath}/minio/arion-compose.nix -p ${arionPath}/minio/arion-pkgs.nix stop after: - arion -f ${arionPath}/minio/arion-compose.nix -p ${arionPath}/minio/arion-pkgs.nix start nas: from: /storage/dataset/nas to: - zfs - eustachius cron: '55 3 * * *' # Every Day at 3:55 hooks: <<: *default_hooks backends: zfs: type: local path: /storage/dataset/backups key: '${config.sops.placeholder."autorestic/zfs_key"}' eustachius: type: rest path: http://100.64.0.3:8000/franz key: '${config.sops.placeholder."autorestic/eustachius_key"}' ''; }; }