add btrbk.nix

2025-01-14 14:59:10 -08:00 · 2025-01-14 14:59:10 -08:00 · 485550d07c
commit 485550d07c
parent d5d7aa7105
1 changed files with 52 additions and 0 deletions
--- a/nixos/common/services/btrbk.nix
+++ b/nixos/common/services/btrbk.nix
@ -0,0 +1,52 @@
+{ hostname, pkgs, ... }: {
+
+  sops.secrets."btrbk/ssh_key" = {
+    sopsFile = ../../../secrets/secrets.yaml;
+    owner = "btrbk";
+    group = "btrbk";
+  };
+
+  security.sudo = {
+    enable = true;
+    extraRules = [
+      {
+        commands = [
+          {
+            command = "${pkgs.coreutils-full}/bin/test";
+            options = [ "NOPASSWD" ];
+          }
+          {
+            command = "${pkgs.coreutils-full}/bin/readlink";
+            options = [ "NOPASSWD" ];
+          }
+          {
+            command = "${pkgs.btrfs-progs}/bin/btrfs";
+            options = [ "NOPASSWD" ];
+          }
+        ];
+        users = [ "btrbk" ];
+      }
+    ];
+  };
+
+  services.btrbk = {
+    instances."synology" = {
+      onCalendar = "daily"; 
+      settings = {
+        snapshot_preserve_min = "7d";
+        snapshot_preserve = "7d 4w 6m";
+        target_preserve   = "7d 4w 6m";
+        ssh_identity = "/run/secrets/btrbk/ssh_key";
+        ssh_user = "btrbk"; 
+        stream_compress = "gzip";
+        volume."/" = {
+          target = "ssh://synology/volume1/BTRFS_Receives/${hostname}/";
+          subvolume = {
+            root = {};
+            nixos = {};
+          };
+        };
+      };
+    };
+  };
+}