40 lines
1 KiB
Nix
40 lines
1 KiB
Nix
{ config, lib, pkgs, sops, secrets, ... }:
|
|
|
|
{
|
|
# --- sops secret integration ---
|
|
sops.secrets."rclone.conf" = {
|
|
sopsFile = secrets + "/rclone.yaml";
|
|
format = "yaml";
|
|
};
|
|
|
|
# --- user service ---
|
|
systemd.user.services."rclone-backup" = {
|
|
Unit = {
|
|
Description = "Encrypted rclone backup to Google Drive";
|
|
After = [ "network-online.target" ];
|
|
};
|
|
|
|
Service = {
|
|
Type = "oneshot";
|
|
ExecStart = ''
|
|
${pkgs.rclone}/bin/rclone sync \
|
|
/home/thiago/Documents \
|
|
gcrypt:backup \
|
|
--config ${config.sops.secrets."rclone.conf".path} \
|
|
--log-file=${config.home.homeDirectory}/.local/share/rclone-backup.log \
|
|
--log-level INFO
|
|
'';
|
|
};
|
|
};
|
|
|
|
# --- timer (every 6 h) ---
|
|
systemd.user.timers."rclone-backup" = {
|
|
Unit.Description = "Periodic encrypted backup to Google Drive";
|
|
Timer = {
|
|
OnBootSec = "10m";
|
|
OnUnitActiveSec = "6h";
|
|
Persistent = true;
|
|
};
|
|
Install.WantedBy = [ "timers.target" ];
|
|
};
|
|
}
|