From ab5ae35f6ff703fd4e87a92e79bc8182f672782b Mon Sep 17 00:00:00 2001
From: David Crompton
Date: Sat, 19 Aug 2023 23:18:01 -0400
Subject: [PATCH] Backup Config
---
machines/hippocampus/backup.nix | 50 +++++++++++++++++++++
machines/hippocampus/backups/gitea.nix | 6 +++
machines/hippocampus/backups/postgresql.nix | 7 +++
3 files changed, 63 insertions(+)
create mode 100644 machines/hippocampus/backup.nix
create mode 100644 machines/hippocampus/backups/gitea.nix
create mode 100644 machines/hippocampus/backups/postgresql.nix
diff --git a/machines/hippocampus/backup.nix b/machines/hippocampus/backup.nix
new file mode 100644
index 0000000..563a0a5
--- /dev/null
+++ b/machines/hippocampus/backup.nix
@@ -0,0 +1,50 @@
+{ config, lib, pkgs, ...}: let
+ secretPerm = {
+ owner = "root";
+ mode = "0400";
+ };
+in {
+ imports = [
+ ./backups/postgresql.nix
+ ./backups/gitea.nix
+ ];
+
+ sops.secrets."restic/repo" = secretPerm;
+
+ sops.secrets."restic/passwd" = secretPerm;
+
+ sops.secrets."restic/backblaze" = secretPerm;
+
+ services.restic.backups.hippocampus = {
+ user = "root";
+ initialize = true;
+ timerConfig = {
+ OnCalendar = "03:00";
+ Persistent = true;
+ };
+
+ passwordFile = config.sops.secrets."restic/passwd".path;
+
+ paths = [
+ "/etc/group"
+ "/etc/machine-id"
+ "/etc/passwd"
+ "/etc/subgid"
+ "/home"
+ "/root"
+ "/var/backup"
+ "/var/lib"
+ "/jelly/conf"
+ ];
+
+ # USE REPOSITORYFILE
+ repositoryFile = config.sops.secrets."restic/repo".path;
+ environmentFile = config.sops.secrets."restic/backblaze".path;
+
+ pruneOpts = [
+ "--keep-daily 2"
+ "--keep-weekly 4"
+ "--keep-yearly 8"
+ ];
+ };
+}
diff --git a/machines/hippocampus/backups/gitea.nix b/machines/hippocampus/backups/gitea.nix
new file mode 100644
index 0000000..4c36208
--- /dev/null
+++ b/machines/hippocampus/backups/gitea.nix
@@ -0,0 +1,6 @@
+{ ... }: {
+ services.gitea.dump = {
+ enable = true;
+ interval = "2:45";
+ };
+}
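Review bot: The `pruneOpts` block in backup.nix makes this host run restic's forget/prune itself, so the credentials behind `restic/backblaze` and `restic/passwd` must be able to delete repository data, and anyone who gains root on hippocampus could erase the snapshots along with the machine. Whether the bucket has a retention lock or the key is scoped is not visible in this patch, so treat this as a question rather than a confirmed defect. If pruning stays here, I would record the trade-off next to the option, e.g. `# prune runs on this host: the B2 key needs delete rights, so bucket-side retention is the only guard against a root compromise`, or move `pruneOpts` to a separate trusted machine and give this host a key that cannot delete.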
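Review bot: Nothing orders this dump before the restic run: `interval = "2:45"` here and `startAt = "*-*-* 02:45:00"` in backups/postgresql.nix give the dumps a fixed 15-minute head start on `OnCalendar = "03:00"` in backup.nix, so a slow dump may leave the snapshot with the previous day's archive or an unfinished one. An ordering dependency removes the guess, for example in backup.nix `systemd.services.restic-backups-hippocampus.after = [ "gitea-dump.service" "postgresqlBackup.service" ];` (these are the unit names I expect the modules to generate; confirm them on the host). The dump's output directory is also not set in this hunk, so a comment naming which entry of the restic `paths` list is meant to pick it up would help.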
diff --git a/machines/hippocampus/backups/postgresql.nix b/machines/hippocampus/backups/postgresql.nix
new file mode 100644
index 0000000..7d69711
--- /dev/null
+++ b/machines/hippocampus/backups/postgresql.nix
@@ -0,0 +1,7 @@
+{ config, lib, pkgs, ... }: {
+ services.postgresqlBackup = {
+ enable = true;
+ startAt = "*-*-* 02:45:00";
+ location = "/var/backup/postgresql";
+ };
+}
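Review bot: `location = "/var/backup/postgresql"` only reaches the off-site repository because backup.nix lists `/var/backup` in the restic `paths`, and nothing in this file says so. A comment such as `# must stay under /var/backup, which backup.nix hands to restic` would keep a later move of the directory from silently dropping the database dumps from the backups. The `config`, `lib` and `pkgs` arguments are unused in this file; `{ ... }:` as in backups/gitea.nix would match.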