Christoph Heiss
2cb5597d77
All checks were successful
flake / build (push) Successful in 3m26s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
35 lines
975 B
Nix
35 lines
975 B
Nix
{ config, lib, my, pkgs, secrets, ... }:
|
|
|
|
{
|
|
services.postgresql = {
|
|
enable = true;
|
|
package = pkgs.postgresql_16;
|
|
enableTCPIP = lib.mkDefault false;
|
|
initdbArgs = [ "--data-checksums" ];
|
|
};
|
|
|
|
services.postgresqlBackup = {
|
|
enable = true;
|
|
backupAll = true;
|
|
compression = "zstd";
|
|
startAt = "*-*-* 04:00:00"; # daily at 04:00
|
|
};
|
|
|
|
users.users.postgres.extraGroups = [ "restic-backup" ];
|
|
|
|
services.restic.backups.postgresql-16 = {
|
|
environmentFile = secrets."restic/rest-env".path;
|
|
initialize = true;
|
|
repository =
|
|
"${my.homelab.services.restic.repositoryBase}/${config.networking.hostName}";
|
|
passwordFile = secrets."restic/repo-password".path;
|
|
user = "postgres";
|
|
paths = [ "/var/backup/postgresql/all.sql.zstd" ];
|
|
timerConfig.OnCalendar = "*-*-* 4:30:00"; # daily at 04:30
|
|
backupCleanupCommand = my.mkResticBackupNotificationCmd {
|
|
name = "postgresql-16";
|
|
inherit pkgs secrets;
|
|
};
|
|
};
|
|
}
|