restic: add timer option

config/hosts/florp/configuration.nix

@@ -16,9 +16,14 @@
   kyouma.restic = {
     enable = true;
     remoteUser = "zh3485s1";
+    timerConfig = {
+      OnCalendar = "hourly";
+      Persistent = true;
+    };
     paths = [
       "/var/lib/akkoma"
       "/var/lib/postgresql"
+      "/var/lib/secrets"
     ];
   };
   systemd.network.networks."98-eth-default" = {

config/services/akkoma/default.nix

@@ -238,11 +238,10 @@
   services.nginx = {
     clientMaxBodySize = "256m";
     commonHttpConfig = ''
-      access_log /var/log/nginx/access.log;
-      error_log /var/log/nginx/err.log warn;
+      access_log off;
 
       proxy_cache_path /var/cache/nginx/akkoma-media-cache
-        levels= keys_zone=akkoma_media_cache:32m max_size=64g
+        levels= keys_zone=akkoma_media_cache:64m max_size=64g
         inactive=1y use_temp_path=off;
     '';
   };

modules/restic/default.nix

@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }: let
+{ config, lib, pkgs, utils, ... }: let
   cfg = config.kyouma.restic;
 in {
   options.kyouma.restic = let
@@ -40,6 +40,14 @@ in {
       type = types.nonEmptyStr;
       default = "${config.networking.hostName}-backup";
     };
+    timerConfig = mkOption {
+      description = "timer config";
+      type = with types; nullOr (attrsOf utils.systemdUtils.unitOptions.unitOption);
+      default = {
+        OnCalendar = "daily";
+        Persistent = true;
+      };
+    };
   };
   config = lib.mkIf cfg.enable {
     sops.secrets."restic/${cfg.remoteUser}/password" = {
@@ -50,7 +58,7 @@ in {
     };
 
     services.restic.backups."${config.networking.hostName}-${cfg.remote}" = {
-      inherit (cfg) paths user pruneOpts;
+      inherit (cfg) paths user pruneOpts timerConfig;
       initialize = true;
       repository = "sftp:${cfg.remoteUser}@${cfg.remote}:${cfg.repo}";
       passwordFile = config.sops.secrets."restic/${cfg.remoteUser}/password".path;