overhaul of backup system

2025-11-08 21:14:34 +00:00 · 2025-11-08 21:14:34 +00:00 · 912308dced
commit 912308dced
parent 2bdeadfa7a
19 changed files with 226 additions and 196 deletions
--- a/services/lldap.nix
+++ b/services/lldap.nix
@ -3,37 +3,15 @@
 in {
  age.secrets."hidden_service/lldap".file = ../secrets/hidden_service/lldap;

-  services = {
-    lldap = {
-      enable = true;
-      settings = {
-        http_url = "https://login.distrust.network";
-        http_port = lldapPort;
-        ldap_user_email = "root@distrust.network";
-        ldap_user_dn = "root";
-        ldap_base_dn = "dc=distrust,dc=network";
-        ldap_user_pass = "VERY_SECURE";
-      };
-    };
-    borgbackup.jobs."lldap" = {
-      repo = "ssh://u506783@u506783.your-storagebox.de:23/./lldap";
-      environment = {
-        BORG_RSH = "ssh -i ${config.age.secrets."borg_ed25519".path} -o 'StrictHostKeyChecking=no'";
-      };
-      paths = [
-        "/var/lib/lldap"
-      ];
-      encryption = {
-        mode = "keyfile";
-        passCommand = "cat ${config.age.secrets."borg_pass".path}";
-      };
-      compression = "auto,lzma";
-      startAt = "daily";
-      prune.keep = {
-        daily = 7;
-        weekly = 4;
-        monthly = -1;
-      };
+  services.lldap = {
+    enable = true;
+    settings = {
+      http_url = "https://login.distrust.network";
+      http_port = lldapPort;
+      ldap_user_email = "root@distrust.network";
+      ldap_user_dn = "root";
+      ldap_base_dn = "dc=distrust,dc=network";
+      ldap_user_pass = "VERY_SECURE";
    };
  };

@ -46,5 +24,11 @@ in {
    virtualHostConfig = ''
      reverse_proxy localhost:${toString lldapPort}
    '';
+    backup = {
+      enable = true;
+      paths = [
+        "/var/lib/lldap"
+      ];
+    };
  };
 }