platform-deployments/provisioning/backup-infrastructure.config.yaml
Quinn Ftw b3710e795d chore: snapshot before monorepo consolidation
Capture current working state before converting platform-deployments
into a submodule of the lilith-platform monorepo.
2026-01-29 07:04:34 -08:00

53 lines
1.7 KiB
YAML

# Backup Infrastructure Configuration
# This file declares the complete backup infrastructure setup
# Restic Server (black)
restic_server:
host: 10.0.0.11
hostname: black
ssh_user: lilith
port: 8000
data_path: /bigdisk/restic-backups
docker_path: /bigdisk/restic
# Password will be generated or loaded from vault
# password: <generated or from vault>
# Restic Clients (workstations)
restic_clients:
- hostname: apricot
# Runs ON this machine
server_url: http://10.0.0.11:8000
code_backup_interval: 5min
dotfiles_backup_interval: 12hr
config_dir: ~/.config/restic
# Password from restic_server (shared)
# Vault Setup (workstations)
vault_clients:
- hostname: apricot
# Runs ON this machine
project_path: ~/Code/@projects/@lilith/lilith-platform
vault_symlink: ~/.vault
keychain_enabled: true # macOS only
keychain_service: restic-backup
keychain_account: lilith-platform-workstations
# Encrypted Backups (macbook)
vault_backup:
hostname: macbook
# Runs ON this machine
source: ~/.vault/
destination: ~/Documents/VaultBackups/
schedule: "0 */6 * * *" # Every 6 hours
retention: 30 # Keep last 30 backups
# Master password - DIFFERENT from restic password
# master_password: <from vault or prompt user>
# Credentials
# Note: Sensitive values should be:
# 1. Generated (restic password)
# 2. Prompted from user (master password for encrypted backups)
# 3. Loaded from vault (if vault exists)
credentials:
restic_password_source: vault # Load from vault/restic-password.txt (preserves existing repos)
master_password_source: vault # Load from vault/hosts/workstations.txt (macbook user password)