john/dendritic
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

restic mtls opts

Browse Source
This commit is contained in:
John Lancaster
2026-03-17 12:43:40 -05:00
parent f8c40ff627
commit d9fcbe68ad
1 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
modules/services/restic/restic.nix
View File

@@ -34,15 +34,17 @@
RESTIC_TLS_CLIENT_CERT = mtlsClientCert; RESTIC_TLS_CLIENT_CERT = mtlsClientCert;
}; };
# This is necessary because the restic service in home manager doesn't otherwise expose these options.
systemd.user.services."restic-backups-${cfg.repoName}".Service.Environment = [
"RESTIC_CACERT=${caCert}"
"RESTIC_TLS_CLIENT_CERT=${mtlsClientCert}"
];
services.restic = { services.restic = {
enable = true; enable = true;
backups.${cfg.repoName} = { backups.${cfg.repoName} = {
repository = resticRepository; repository = resticRepository;
passwordFile = cfg.passwordFile; passwordFile = cfg.passwordFile;
extraBackupArgs = [
"--tls-client-cert ${mtlsClientCert}"
"--cacert ${caCert}"
];
paths = cfg.paths; paths = cfg.paths;
timerConfig = { timerConfig = {
OnCalendar = "00:05"; OnCalendar = "00:05";
@@ -83,6 +85,7 @@
]; ];
}; };
}; };
}; };
}; };
} }