2 files changed, 40 insertions, 0 deletions

diff --git a/config/borg-backup.nix b/config/borg-backup.nix
new file mode 100644
index 0000000..40c8fd9
--- /dev/null
+++ b/config/borg-backup.nix
@@ -0,0 +1,39 @@
+# To initialize repo
+# borg init --encryption=keyfile /staging/backup
+# Key file also stored in pass
+{ config, lib, pkgs, ... }:
+let
+  repo = /staging/backup
+in
+{
+  systemd.services.borg-backup = {
+    description = "Run backups.";
+    path = with pkgs [ borgbackup ];
+    startAt = "*-*-* 02:30:00";
+    environment = {
+      BORG_KEYS_DIR = "/opt/secret/borg-backup-keys/";
+      REPOSITORY = "/staging/backup";
+    };
+    serviceConfig = {
+      RemainAfterExit = true;
+    };
+    script = ''
+      echo "Creating backup"
+      borg create -v --stats                     \
+        --compression lzma,6                     \
+        $REPOSITORY::'storage-{now:%Y-%m-%d}'    \
+        /storage
+
+      borg create -v --stats                     \
+        --compression lzma,6                     \
+        $REPOSITORY::'{hostname}-{now:%Y-%m-%d}' \
+        /opt /home
+
+      echo "Pruning old versions"
+      borg prune -v --list $REPOSITORY --prefix 'storage-' \
+        --keep-daily=7 --keep-weekly=4 --keep-monthly=6  
+      borg prune -v --list $REPOSITORY --prefix '{hostname}-' \
+        --keep-daily=7 --keep-weekly=4 --keep-monthly=6  
+    '';
+  };
+};
diff --git a/machines/container-shape.nix b/machines/container-shape.nix
index 2a194a0..5bee62b 100644
--- a/machines/container-shape.nix
+++ b/machines/container-shape.nix
@@ -12,6 +12,7 @@
     ../config/web-server.nix
     ../config/mail-server.nix
     ../config/dns.nix
+    ../config/borg-backup.nix
   ];
 
   users.defaultUserShell = lib.mkForce pkgs.bash;