{ inputs, ... }: { flake.modules.homeManager.restic = { config, pkgs, lib, ... }: let cfg = config.restic; in { options.restic = { repoName = lib.mkOption { description = "Name of the restic repo to use"; type = lib.types.str; default = "john-ubuntu"; }; passwordFile = lib.mkOption { description = "String path to the restic password file"; type = lib.types.str; }; paths = lib.mkOption { description = "List of string paths to include in the backup"; type = lib.types.listOf lib.types.str; default = [ ]; }; }; config = { services.restic = { enable = true; backups.${cfg.repoName} = { passwordFile = cfg.passwordFile; paths = cfg.paths; repository = "rest:https://soteria.john-stream.com/${cfg.repoName}"; extraBackupArgs = [ "--tls-client-cert ${config.mtls.certDir}/${config.mtls.bundleFilename}" "--cacert ${config.mtls.certDir}/root_ca.crt" ]; timerConfig = { OnCalendar = "00:05"; Persistent = true; RandomizedDelaySec = "5h"; }; runCheck = true; pruneOpts = [ "--keep-last 10" "--keep-hourly 8" "--keep-daily 14" "--keep-weekly 8" "--keep-monthly 12" ]; exclude = [ ".cache" ".devenv" ".rustup" ".cargo" ".venv" ".pyenv" ".vscode*" "data/postgres" "build" "__pycache__" "*.log" "*.egg-info" "*.csv" "*.m4a" ".local/share/Steam" ".local/share/Trash" "dist" "/home/*/Pictures" "/home/*/Videos" "/home/*/go" "/home/*/snap" "/home/john/john-nas" ]; }; }; }; }; }