Get Restic backups working.

Disable jj and add ~/.local/bin to path.
Add localsend.
2025-04-18 19:38:24 -05:00 · 2025-04-18 19:38:03 -05:00 · 2025-04-18 19:37:24 -05:00 · 2025-04-18 19:36:47 -05:00
4 changed files with 59 additions and 34 deletions
--- a/roles/restic.nix
+++ b/roles/restic.nix
@ -1,32 +1,38 @@
 { config, pkgs, ... }:

 {
-  services.restic.backups.home = {
-    paths = [ "/home/.zfs/snapshot/restic" ];
+  services.restic.backups.system = {
+    paths = [
+      "/home/.zfs/snapshot/restic"
+      "/var/.zfs/snapshot/restic"
+    ];
    repository = "s3:s3.us-west-001.backblazeb2.com/nolans-nixos-backups/${config.networking.hostName}";
    environmentFile = config.age.secrets."restic_b2_${config.networking.hostName}".path;
    passwordFile = config.age.secrets."restic_password_${config.networking.hostName}".path;
    initialize = true;
-    backupPrepareCommand = "${pkgs.zfs}/bin/zfs snapshot zpool/home@restic";
-    backupCleanupCommand = "${pkgs.zfs}/bin/zfs destroy zpool/home@restic";
-    timerConfig = {
-      OnCalendar = "hourly";
-      Persistent = true;
-    };
-  };
-  services.restic.backups.var = {
-    paths = [ "/var/.zfs/snapshot/restic" ];
-    repository = "s3:s3.us-west-001.backblazeb2.com/nolans-nixos-backups/${config.networking.hostName}";
-    environmentFile = config.age.secrets."restic_b2_${config.networking.hostName}".path;
-    passwordFile = config.age.secrets."restic_password_${config.networking.hostName}".path;
-    initialize = true;
-    backupPrepareCommand = "${pkgs.zfs}/bin/zfs snapshot zpool/var@restic";
-    backupCleanupCommand = "${pkgs.zfs}/bin/zfs destroy zpool/var@restic";
-    timerConfig = {
-      OnCalendar = "hourly";
-      Persistent = true;
-    };
+    backupPrepareCommand = ''
+      #!${pkgs.bash}/bin/sh
+      ${pkgs.zfs}/bin/zfs snapshot zpool/home@restic
+      ${pkgs.zfs}/bin/zfs snapshot zpool/var@restic
+    '';
+    backupCleanupCommand = ''
+      #!${pkgs.bash}/bin/sh
+      ${pkgs.zfs}/bin/zfs destroy zpool/home@restic
+      ${pkgs.zfs}/bin/zfs destroy zpool/var@restic
+    '';
+    timerConfig.OnCalendar = "hourly";
+    pruneOpts = [
+      "--keep-daily 7"
+      "--keep-weekly 5"
+      "--keep-monthly 12"
+      "--keep-yearly 2"
+    ];
  };
+
+  systemd.tmpfiles.rules = [
+    "d /mnt/restic 0700 root root"
+  ];
+
  age.secrets."restic_b2_${config.networking.hostName}".file =
    ../secrets/restic_b2_${config.networking.hostName}.age;
  age.secrets."restic_password_${config.networking.hostName}".file =
--- a/users/nolan/desktop-minimal.nix
+++ b/users/nolan/desktop-minimal.nix
@ -10,6 +10,8 @@
    packages = with pkgs; [ unstable.firefoxpwa ];
  };

+  programs.localsend.enable = true;
+
  home-manager.users.nolan = {
    programs = {
      firefox = {
--- a/users/nolan/desktop.nix
+++ b/users/nolan/desktop.nix
@ -44,15 +44,15 @@
          credential.helper = "${pkgs.git.override { withLibsecret = true; }}/bin/git-credential-libsecret";
        };
      };
-      jujutsu = {
-        enable = true;
-        settings = {
-          user = {
-            name = "Nolan Darilek";
-            email = "nolan@thewordnerd.info";
-          };
-        };
-      };
+      # jujutsu = {
+      #   enable = true;
+      #   settings = {
+      #     user = {
+      #       name = "Nolan Darilek";
+      #       email = "nolan@thewordnerd.info";
+      #     };
+      #   };
+      # };
      obs-studio = {
        enable = true;
        plugins = with pkgs.obs-studio-plugins; [
@ -65,4 +65,8 @@
      };
    };
  };
+
+  environment.sessionVariables = {
+    PATH = [ "$HOME/.local/bin" ];
+  };
 }
--- a/users/root.nix
+++ b/users/root.nix
@ -1,7 +1,20 @@
 { config, pkgs, ... }:

 {
-  users.users.root.openssh.authorizedKeys.keys = [
+  users.users.root = {
+    openssh.authorizedKeys.keys = [
      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPk6C4eOYzTZ8XOuUA2tErGnSTLS/l9kRDl9+5Ql+m7VtaH/KRFbu6x+C0QAIKOrRcQOjpGYUjL1aIn0HCcoEW2PSihDmOHC+W8cy8ucScy4fPI5KpFFqTZU336Fje+NS4n587gcoaa5LjKcr2KZy/ljgzl4eNSRIqy85khfH4puxsj7LwTIqsZoqDhtD/jSqaKP1C2wuYSsijLF85UnRcT9jErnL757yUv/4xb4Is+gB0zan9GiBXRca4lzb0mY8rmMXmKhc2lm/mu8ogZRdYX5R2JP1AukzYGSdOFs4iUauihgvakuou9AugD2CC+ygYIEbWkUjwKfT9nRN93Qi9 id_rsa"
    ];
+    shell = pkgs.fish;
+  };
+
+  programs.fish.enable = true;
+
+  home-manager.users.root.home = {
+    shellAliases = {
+      "systemctl" = "systemctl --no-ager -l";
+      "journalctl" = "journalctl --no-pager -l";
+    };
+    stateVersion = "24.11";
+  };
 }
Author	SHA1	Message	Date
Nolan Darilek	56ca8bd17a	Get Restic backups working.	2025-04-18 19:38:24 -05:00
Nolan Darilek	db901f2bf5	Disable jj and add ~/.local/bin to path.	2025-04-18 19:38:03 -05:00
Nolan Darilek	f6bbe8f4d9	Add localsend.	2025-04-18 19:37:24 -05:00
Nolan Darilek	e1912f1f1a	Switch root to fish and add shell aliases.	2025-04-18 19:36:47 -05:00