diff --git a/morph/grid/local/grid.nix b/morph/grid/local/grid.nix
index 892f6dee8c7b341b8d3b5eeee30a87ca225bd741..088d9e8c79422b82d638a42aeab5da1fcf14f536 100644
--- a/morph/grid/local/grid.nix
+++ b/morph/grid/local/grid.nix
@@ -84,7 +84,6 @@ let
imports = [
gridlib.storage
grid-module
- gridlib.borgbackup
];
config = {
grid.monitoringvpnIPv4 = "172.23.23.12";
diff --git a/morph/lib/borgbackup.nix b/morph/lib/borgbackup.nix
index e0655d598c98c6e505d1404189a09e04ffc25099..1dc48dd17478a57e5b24964652774da3b4161103 100644
--- a/morph/lib/borgbackup.nix
+++ b/morph/lib/borgbackup.nix
@@ -5,9 +5,22 @@
{ lib, config, ...}:
let
+ cfg = config.services.private-storage.borgbackup;
inherit (config.grid) publicKeyPath privateKeyPath;
+
in {
- config = {
+ options.services.private-storage.borgbackup = {
+ enable = lib.mkEnableOption "Borgbackup daily backup job";
+ paths = lib.mkOption {
+ type = lib.types.listOf lib.types.str;
+ description = ''
+ A list of directories to back up using Borg.
+ '';
+ default = [ "/storage" ];
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
deployment = {
secrets = {
"borgbackup-repopath" = {
@@ -33,7 +46,7 @@ in {
services.borgbackup.jobs = {
daily = {
- paths = [ "/storage" ];
+ paths = cfg.paths;
repo = lib.fileContents config.deployment.secrets.borgbackup-repopath.source;
encryption = {
mode = "repokey-blake2";
diff --git a/morph/lib/storage.nix b/morph/lib/storage.nix
index 83c12f55cc077abb683482b8435dbcbd5025be10..1fd8c26ce3db81ae405025d97abe6068ce2a6903 100644
--- a/morph/lib/storage.nix
+++ b/morph/lib/storage.nix
@@ -7,6 +7,7 @@ in {
# Any extra NixOS modules to load on this server.
imports = [
./monitoringvpn-client.nix
+ ./borgbackup.nix
];
options.grid.storage = {
@@ -46,6 +47,8 @@ in {
services.private-storage.monitoring.exporters.node.enable = true;
services.private-storage.monitoring.exporters.tahoe.enable = true;
+ services.private-storage.borgbackup.enable = true;
+
# Turn on the Private Storage (Tahoe-LAFS) service.
services.private-storage = {
# Yep. Turn it on.