.hive/modules/home/borg.nix

{
  config,
  pkgs,
  ...
}: let
  defaultChecks = [
    {
      name = "repository";
      frequency = "2 weeks";
    }
    {
      name = "archives";
      frequency = "4 weeks";
    }
    {
      name = "data";
      frequency = "6 weeks";
    }
    {
      name = "extract";
      frequency = "6 weeks";
    }
  ];
  passwordFile = "${config.home.homeDirectory}/.config/borg/password";
  encCmd = ''cat ${passwordFile}'';
  repo = "ssh://borg.jroeger.de/./comfy-station";
in {
  sops.secrets = {
    "borg/password" = {
      sopsFile = ../../secrets/jonas/borg.yaml;
      key = "password";
      path = passwordFile;
    };
  };

  services.borgmatic.enable = true;
  services.borgmatic.frequency = "hourly";

  programs.borgmatic.enable = true;
  programs.borgmatic.backups = {
    workspaces = {
      location = {
        sourceDirectories = ["${config.xdg.userDirs.extraConfig.XDG_WORKSPACES_DIR}"];
        repositories = [repo];
        excludeHomeManagerSymlinks = true;
        extraConfig = {
          archive_name_format = "{hostname}-workspaces-{now}";
          exclude_patterns = [
            "*/.venv"
            "__pycache__"
          ];
        };
      };
      retention = {
        keepDaily = 7;
        keepHourly = 12;
        keepWeekly = 4;
        keepMonthly = 6;
      };
      storage = {
        encryptionPasscommand = encCmd;
      };
      consistency.checks = defaultChecks;
    };
    media = {
      location = {
        sourceDirectories = [
          "${config.xdg.userDirs.documents}"
          "${config.xdg.userDirs.music}"
          "${config.xdg.userDirs.pictures}"
          "${config.xdg.userDirs.videos}"
        ];
        repositories = [repo];
        excludeHomeManagerSymlinks = true;
        extraConfig = {
          archive_name_format = "{hostname}-media-{now}";
        };
      };
      retention = {
        keepDaily = 7;
        keepWeekly = 2;
        keepMonthly = 6;
      };
      storage = {
        encryptionPasscommand = encCmd;
      };
      consistency.checks = defaultChecks;
    };
    sec = {
      location = {
        sourceDirectories = [
          "${config.xdg.configHome}/sops"
        ];
        repositories = [repo];
        excludeHomeManagerSymlinks = true;
        extraConfig = {
          archive_name_format = "{hostname}-sec-{now}";
        };
      };
      retention = {
        keepDaily = 7;
        keepWeekly = 2;
        keepMonthly = 6;
      };
      storage = {
        encryptionPasscommand = encCmd;
      };
      consistency.checks = defaultChecks;
    };
    var = {
      location = {
        sourceDirectories = [
          "${config.xdg.userDirs.desktop}"
          "${config.xdg.userDirs.download}"
        ];
        repositories = [repo];
        excludeHomeManagerSymlinks = true;
        extraConfig = {
          archive_name_format = "{hostname}-var-{now}";
        };
      };
      retention = {
        keepDaily = 7;
        keepWeekly = 2;
        keepMonthly = 6;
      };
      storage = {
        encryptionPasscommand = encCmd;
      };
      consistency.checks = defaultChecks;
    };
  };
}