1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
{ secrets, config, ctucxConfig, lib, ...}:
let
backups = {
audiobooks = "/nix/persist/home/katja/syncthing/Audiobooks";
documents = "/nix/persist/home/katja/syncthing/Documents";
music-orig = "/nix/persist/home/katja/syncthing/Music (Originals)";
music = "/nix/persist/home/katja/syncthing/Music";
pictures = "/nix/persist/home/katja/syncthing/Pictures";
media = "/nix/persist/home/katja/syncthing/Media (legacy)";
bahn-richtlinien = "/nix/persist/home/katja/syncthing/Bahn-Richtlinien";
};
in {
imports = [ ctucxConfig.services.syncthingNginx ];
services.syncthing = {
dataDir = "/nix/persist/home/katja/syncthing";
configDir = "/nix/persist/home/katja/.config/syncthing";
};
age.secrets = lib.mapAttrs' (
name: path: lib.nameValuePair "restic-syncthing-${name}" {
file = secrets."${config.networking.hostName}".restic."syncthing-${name}";
}
) backups;
systemd.services = lib.mapAttrs' (
name: path: lib.nameValuePair "restic-backup-syncthing-${name}" {
serviceConfig.ProtectHome = lib.mkForce false;
}
) backups;
restic-backups = lib.mapAttrs' (
name: path: lib.nameValuePair "syncthing-${name}" {
user = "katja";
passwordFile = config.age.secrets."restic-syncthing-${name}".path;
paths = [ path ];
targets = [ "wanderduene.ctu.cx" ];
}
) backups;
}