From 5039769d31e7b3b49613dcd5c601ae837cc31a4d Mon Sep 17 00:00:00 2001
From: fleaz <mail@felixbreidenstein.de>
Date: Wed, 11 May 2022 13:46:39 +0200
Subject: [PATCH] Added modules/borgbackup and enabled on all machines

---
 modules/borgbackup.nix | 35 +++++++++++++++++++++++++++++++++++
 roles/all.nix          |  1 +
 2 files changed, 36 insertions(+)
 create mode 100644 modules/borgbackup.nix

diff --git a/modules/borgbackup.nix b/modules/borgbackup.nix
new file mode 100644
index 0000000..7e2d1c3
--- /dev/null
+++ b/modules/borgbackup.nix
@@ -0,0 +1,35 @@
+{config,...}:
+{
+  programs.ssh.knownHosts = {
+    "borg.cysec.de" = { publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOwKHZZiJ/GgDmAbO2VdGNJIcBQKnFQNXBBzyrsK+ZE0"; };
+  };
+
+  services.borgbackup.jobs = {
+    home = {
+      paths = "/home";
+      exclude = [
+        "/home/fleaz/.cache"
+        "/home/fleaz/Downloads"
+        "/home/fleaz/VirtualBox VMs"
+        "/home/fleaz/repos"
+        "/home/fleaz/.config/Code"
+        "/home/fleaz/.config/Element"
+        "/home/fleaz/.config/Signal"
+        "/home/fleaz/.config/chromium"
+        "/home/fleaz/.config/discord"
+        "/home/fleaz/.thunderbird"
+        "/home/fleaz/.mozilla"
+        "/home/fleaz/.vscode"
+      ];
+      extraCreateArgs = "--stats";
+      repo = "fleaz@borg.cysec.de:${config.networking.hostName}";
+      environment = { BORG_RSH = "ssh -i /home/fleaz/.ssh/id_borgbackup"; };
+      encryption = {
+        mode = "repokey-blake2";
+        passCommand = "cat /etc/secrets/borgbackup.txt";
+      };
+      compression = "auto,zstd";
+      startAt = "hourly";
+    };
+  };
+}
diff --git a/roles/all.nix b/roles/all.nix
index de210ba..fa7f99f 100644
--- a/roles/all.nix
+++ b/roles/all.nix
@@ -12,6 +12,7 @@
     ../modules/steam.nix
     # ../modules/via.nix broken
     ../modules/virtualbox.nix
+    ../modules/borgbackup.nix
     #../secrets/remote-builder.nix
     ../users/fleaz.nix
   ];