From 49bc50ae3992ea0b15be7ddfed7b8157751deb29 Mon Sep 17 00:00:00 2001
From: Cilly Leang <mini@cilly.moe>
Date: Fri, 19 Jun 2026 09:54:05 +1000
Subject: [PATCH 1/2] alyssum/restic: init

---
 hosts/alyssum/default.nix |   3 ++-
 hosts/alyssum/restic.nix  |  30 ++++++++++++++++++++++++++++++
 secrets.nix               |   4 ++++
 secrets/restic_env.age    |  10 ++++++++++
 secrets/restic_pass.age   | Bin 0 -> 497 bytes
 secrets/restic_url.age    |   9 +++++++++
 6 files changed, 55 insertions(+), 1 deletion(-)
 create mode 100644 hosts/alyssum/restic.nix
 create mode 100644 secrets/restic_env.age
 create mode 100644 secrets/restic_pass.age
 create mode 100644 secrets/restic_url.age

diff --git a/hosts/alyssum/default.nix b/hosts/alyssum/default.nix
index 06c415f..255380a 100644
--- a/hosts/alyssum/default.nix
+++ b/hosts/alyssum/default.nix
@@ -33,8 +33,9 @@
 
     ./filesystem.nix
     ./kernel.nix
-    ./networking.nix
     ./home.syncthing.nix
+    ./networking.nix
+    ./restic.nix
     ./samba.nix
 
     ../../users/hana
diff --git a/hosts/alyssum/restic.nix b/hosts/alyssum/restic.nix
new file mode 100644
index 0000000..081bf72
--- /dev/null
+++ b/hosts/alyssum/restic.nix
@@ -0,0 +1,30 @@
+{ config, ... }: {
+  age.secrets.restic_env.file = ../../secrets/restic_env.age;
+  age.secrets.restic_pass.file = ../../secrets/restic_pass.age;
+  age.secrets.restic_url.file = ../../secrets/restic_url.age;
+
+  services.restic.backups."flower" = {
+    initialize = true;
+    createWrapper = true;
+    progressFps = "0.016666";
+
+    environmentFile = config.age.secrets.restic_env.path;
+    passwordFile = config.age.secrets.restic_pass.path;
+    repositoryFile = config.age.secrets.restic_url.path;
+
+    paths = ["/flower"];
+    timerConfig = {
+      # every 30mns
+      OnCalendar = "*-*-* *:00,30:00";
+      Persistent = true;
+    };
+    bleh = [
+      "--keep-last 24"
+      "--keep-hourly 24"
+      "--keep-daily 7"
+      "--keep-weekly 5"
+      "--keep-monthly 12"
+      "--keep-yearly 75"
+    ];
+  };
+}
diff --git a/secrets.nix b/secrets.nix
index b1f55e5..d7ac2cc 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -12,6 +12,10 @@ in {
   "secrets/passwd_smbkujira.age".publicKeys = [ alyssum rin ];
   "secrets/wpa_conf.age".publicKeys = [ alyssum blossom rin ];
 
+  "secrets/restic_env.age".publicKeys = [ alyssum dandelion rin ];
+  "secrets/restic_pass.age".publicKeys = [ alyssum dandelion rin ];
+  "secrets/restic_url.age".publicKeys = [ alyssum dandelion rin ];
+
   "secrets/acme_dns.age".publicKeys = [ alyssum dandelion hazel rin ];
   "secrets/navidrome_env.age".publicKeys = [ alyssum dandelion rin ];
   "secrets/slskd_env.age".publicKeys = [ anemone dandelion rin ];
diff --git a/secrets/restic_env.age b/secrets/restic_env.age
new file mode 100644
index 0000000..1917eef
--- /dev/null
+++ b/secrets/restic_env.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> ssh-ed25519 kOMSPw CYNG6K56RVMY5KP3vTczaCG9DVL3Ryv7QtqRzrdONh4
+VKH43RjHzP2TcyK8bEO8pZzZZeXqNXEDNq4JCkhMXlQ
+-> ssh-ed25519 bRFqeQ AmuEljYrO5qqhaJQONYxQZTlaid2qNt+kktiMRDSKl4
+u+KzYFuEx+UCBfdcpup0fbEp1vGMP24nE3MwvcjhTSc
+-> ssh-ed25519 U9FXlg IKN6gdqtD0FDOBk5vXuLD7AYuRtCGsIe5CYMJwyvcG4
+f5lkALvyjz1X94JmnG4u9kZ0S1TgZeBv+uxumFPChzQ
+--- 3LBfI6E7NfSK1F42/cQkUzrpry6OWCeW/67YOpZe00k
+8Ägé†Òî9(<Ý9OT.L_C2ûXT¿1Lô‡=¨3ÓÞØWCÓo¾ze?4ƒsUÁ.Ã<zø¤ëI…ºèyŠÔÕ,bPü?žžå(Òb»¬?7„é„dÕƒU€*-<Ãòì¤¯aDÖ‰±éþ^,?3¼Ü	ðE²ább«
+vHÇ
\ No newline at end of file
diff --git a/secrets/restic_pass.age b/secrets/restic_pass.age
new file mode 100644
index 0000000000000000000000000000000000000000..d9a68892045a9c441c4e19722d877707602d15e1
GIT binary patch
literal 497
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCU7_V*1AC|58|DonJj
zbPG(&OU|><&q_>o3rg|y%+vSGF>?2|^hj}wEU66g2sKO(_2tUVC<)JZ_eu3n%c%;~
zFHSY^FfjMhcMVF@_78EZFxS@hu&Bx|Do8BNaYeT+DafrbHBdp{)6gW}+&41K%OIr4
zx60WxH^oceBex(iw4f}*D9yt!B_OrH#7y7c$b`$!uO!#4BsnC?v7$W1FF(8>GATK+
zBCE_PB`VBOKQhhKurMRbFVQ&D%mCfCP)oOnoOFfK!eZl+tlV_hoCsIn@(edK1GixF
z0>>(&{4{sp<ch-l9805;OkeH5AOo&M55rQ+6vqGy$6|xLAcIVOkMM}H!~i2xxBL=!
zQ!_u~L<_?VUzai$OHVFcU0sFns1mcZLc<hapNtCQ)TrQ~{PeOwv*M_f!qP;4L#MLB
zjASR5B=5keylk#zKkIb_7TZ=FSG}}|z3xlbuFp5GIz3<VO7vE7Y$8Yb!pZ%4tLmQ2
zea-dSK;!H;mY0V9e!niy{`oJT;R++)R*4Gzc|tz^a<R8`-m7^oy~kgEqIzH0+P!QN
OK{Z!Hm+GZkz5)O*e6UFX

literal 0
HcmV?d00001

diff --git a/secrets/restic_url.age b/secrets/restic_url.age
new file mode 100644
index 0000000..0d3a2d1
--- /dev/null
+++ b/secrets/restic_url.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 kOMSPw l9/BY4rhuzGl/MRKjJ6Hyz2AGpsIZlDojQhSzJ8IxzY
+tEGqxZOEWHZvTazrDoC4uTOyuT7fgRKXxumxpjdE89o
+-> ssh-ed25519 bRFqeQ XQ1wRRwOP1bIiEX/Dh4tkHB3vF1OdZcLNTtVVM1oWgU
+S6qXQsPNY0bGaUz+iLoJ0GBL26FtM4h/sgxqvIwOS3g
+-> ssh-ed25519 U9FXlg pmY+R/M38tLi1dq2ll9FDv6uaGv8XlkE99NoAemtlGY
+FGZodar5ESxmOZYDZ0F8P1FXNzkEpqT6jyJgzY5wLc0
+--- ig7eZey8XraBclyUEJRv1lJUyiOjqsfGc8Q+jjbAuvQ
+e˜Ä¶Š@‰zYþäö¶µtÒÁØ÷Vï4%s29>§íªéÿé–‡(y8Â% ªj|PÓÑ¨:»©:å-˜Y´I±Òä )CÌ¹ÝI%yÙ¸:îLC¯f¨q_
\ No newline at end of file

From 9724f1d7317d4b06f731a00ca53853b593c9ed97 Mon Sep 17 00:00:00 2001
From: Cilly Leang <mini@cilly.moe>
Date: Fri, 19 Jun 2026 09:55:28 +1000
Subject: [PATCH 2/2] user/git: enable push.autoSetupRemote

---
 modules/user/git.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/user/git.nix b/modules/user/git.nix
index ca2762e..77f6b72 100644
--- a/modules/user/git.nix
+++ b/modules/user/git.nix
@@ -11,6 +11,7 @@
       core.abbrev = 11;
       safe.directory = "/home/rin/Projects/flakes";
       init.defaultBranch = "master";
+      push.autoSetupRemote = true;
     };
   };
 }