From 522e5d4fa9184f212d3748e020a04e79d219a3f3 Mon Sep 17 00:00:00 2001
From: Asmir A <asmir.abdulahovic@gmail.com>
Date: Fri, 5 Apr 2024 23:03:01 +0200
Subject: [PATCH] magpie/borgbackup: add periodic backup service

---
 magpie/configuration.nix | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/magpie/configuration.nix b/magpie/configuration.nix
index 73afc89..cb7ddf2 100644
--- a/magpie/configuration.nix
+++ b/magpie/configuration.nix
@@ -232,6 +232,21 @@
     };
   };
 
+  services.borgbackup.jobs."borgbase" = {
+    paths = [
+      "/var/lib/gitea"
+    ];
+    exclude = [];
+    repo = "ssh://na9fqv67@na9fqv67.repo.borgbase.com/./repo";
+    encryption = {
+      mode = "repokey-blake2";
+      passCommand = "${pkgs.coreutils-full}/bin/cat ${config.sops.secrets."borgbase_enc_key".path}";
+    };
+    environment.BORG_RSH = "${pkgs.openssh}/bin/ssh -i ${config.sops.secrets."borgbase_ssh_key".path}";
+    compression = "auto,zstd";
+    startAt = "daily";
+  };
+
   /*
   needed for sendmail mail functionality
   */
@@ -274,6 +289,14 @@
     sopsFile = ./secrets/wg_privkey.yaml;
   };
 
+  sops.secrets."borgbase_enc_key" = {
+    sopsFile = ./secrets/borgbase_enc_key.yaml;
+  };
+
+  sops.secrets."borgbase_ssh_key" = {
+    sopsFile = ./secrets/borgbase_ssh_key.yaml;
+  };
+
   networking.hostName = "magpie";
 
   networking.firewall.enable = true;