{ pkgs, config, ... }: let # Backup home script backup-home = pkgs.writeShellApplication { name = "backup-home"; runtimeInputs = with pkgs; [ coreutils curl jq libnotify restic ]; text = '' echo "========== BACKUP HOME STARTING ==========" export RESTIC_PASSWORD="gunter.home.2rjus.net" export RESTIC_REPOSITORY="rest:http://10.69.12.52:8000/gunter.home.2rjus.net" SECRET_PATH="$XDG_CONFIG_HOME/sops-nix/secrets/gotify_backup_home" if ! [ -f "$SECRET_PATH" ]; then notify-send -u critical "Backup issue" "Secret file for gotify token does not exist" else GOTIFY_TOKEN=$(<"$SECRET_PATH") if [ -z "$GOTIFY_TOKEN" ]; then notify-send -u critical "Backup issue" "No Gotify token found" fi fi # Send start notification notify-send -e -t 3000 "Backup started" "Backup of /home/torjus started" retval=$? if [ $retval -ne 0 ]; then echo "Failed to send notification" fi # Do the backup echo "========== BACKUP TASK STARTING ==========" SECONDS=0 restic backup /home/torjus \ --exclude '/home/torjus/.cache' \ --exclude '/home/torjus/.local/share/Steam' \ --exclude '/home/torjus/.local/share/containers' \ --exclude '/home/torjus/.var' \ --exclude '/home/torjus/.local/share/lutris' \ --exclude '/home/torjus/.npm' \ --exclude '/home/torjus/.factorio/mods' \ --exclude '/home/torjus/.zoom' \ --exclude '/home/torjus/git/nixpkgs' retval=$? if [ $retval -ne 0 ]; then notify-send -u critical "Backup failed" "Backup of /home/torjus failed" retval=$? if [ $retval -ne 0 ]; then curl "https://gotify.t-juice.club/message?token=$GOTIFY_TOKEN" \ -F "title=Backup of home@gunter failed!" \ -F "message=Please check status of backup-home service" fi fi BACKUP_DURATION="$SECONDS" echo "========== BACKUP TASK COMPLETE ==========" # Remove old snapshots and prune echo "========== PRUNE TASK STARTING ==========" restic forget -d 7 -w 4 -m 6 --keep-within 1d --prune echo "========== PRUNE TASK COMPLETE ==========" # Gather statistics echo "========== STATS TASK STARTING ==========" stats=$(restic stats --json) stats_raw=$(restic stats --mode=raw-data --json) raw_size=$(jq -r '.total_size' <<< "$stats_raw" \ | numfmt --to=iec --suffix=B --format="%.2f") total_size=$(jq -r '.total_size' <<< "$stats" \ | numfmt --to=iec --suffix=B --format="%.2f") total_files=$(jq -r '.total_file_count' <<< "$stats" \ | numfmt --to=iec) total_snapshots=$(jq -r '.snapshots_count' <<< "$stats") message="$total_files files\n$total_snapshots snapshots\n$raw_size ($total_size)" echo "========== STATS TASK COMPLETE ==========" # Send completion notification notify-send -i checkmark -e -t 10000 \ "Backup of /home/torjus completed in ''${BACKUP_DURATION}s (''${SECONDS}s total)" "$message" retval=$? if [ $retval -ne 0 ]; then echo "Failed to send notification" exit $retval fi echo "========== BACKUP HOME COMPLETE ==========" ''; }; in { sops.secrets."gotify_backup_home" = { }; systemd.user.services.backup-home = { Unit = { Description = "Backup home directory"; After = [ "network.target" "sops-nix.service" ]; }; Service = { Type = "oneshot"; ExecStart = "${backup-home}/bin/backup-home"; }; }; systemd.user.timers.backup-home = { Unit = { Description = "Backup home directory"; After = [ "network.target" ]; }; Timer = { OnCalendar = "*-*-* *:00:00"; Persistent = true; }; Install = { WantedBy = [ "timers.target" "graphical-session.target" ]; }; }; }