diff --git a/configuration.nix b/configuration.nix index e49b0f6..41221ea 100644 --- a/configuration.nix +++ b/configuration.nix @@ -144,6 +144,11 @@ owner = "insert"; group = "users"; }; + age.secrets.borg = { + file = /home/insert/Documents/nixos/secrets/borg.age; + owner = "insert"; + group = "users"; + }; #home-manager.users.insert= { pkgs, ... }: { diff --git a/special/insertpclinux.nix b/special/insertpclinux.nix index 0bd5400..13a307a 100644 --- a/special/insertpclinux.nix +++ b/special/insertpclinux.nix @@ -44,6 +44,52 @@ package = config.boot.kernelPackages.nvidiaPackages.production; }; + + services.borgbackup.jobs.insertpclinux = { + paths = "/home/insert"; + encryption.mode = "repokey-blake2"; + encryption.passCommand = "cat ${config.age.secrets.borg.path}"; + compression = "auto,zstd"; + repo = "/mnt/NAS-backup/insertpclinux-insert"; + user = "insert"; + startAt = "daily"; + exclude = [ + "^data.img$" + "^.Trash-100$" + "/node.repl_history" + "/.oldprofile" + "/.steampath" + "/mnt" + "/.steampid" + "/.zshenv" + "/.zshrc" + "/.android" + "/.compose-cache" + "/.docker" + "/.gradle" + "/.hyprland" + "/.java" + "/.kube" + "/.minecraft-bta" + "/.mozilla" + "/.nix-defexpr" + "/.nix-profile" + "/.nv" + "/.thunderbird" + "/.zsh" + "/Downloads" + "/.cache" + "/.var/app/*/cache" + "/.local/share/flatpak/repo/" + "/.local/share/Trash" + "/.local/share/libvirt" + "/.local/share/containers" + "/.local/share/flatpak/overrides" + "/.var/app/*/config/cache" + "/.var/app/*/config" + ]; + }; + virtualisation.libvirtd.enable = true; programs.virt-manager.enable = true; security.pki.certificateFiles = [