Capture current working state before converting platform-deployments into a submodule of the lilith-platform monorepo.
53 lines
1.7 KiB
YAML
53 lines
1.7 KiB
YAML
# Backup Infrastructure Configuration
|
|
# This file declares the complete backup infrastructure setup
|
|
|
|
# Restic Server (black)
|
|
restic_server:
|
|
host: 10.0.0.11
|
|
hostname: black
|
|
ssh_user: lilith
|
|
port: 8000
|
|
data_path: /bigdisk/restic-backups
|
|
docker_path: /bigdisk/restic
|
|
# Password will be generated or loaded from vault
|
|
# password: <generated or from vault>
|
|
|
|
# Restic Clients (workstations)
|
|
restic_clients:
|
|
- hostname: apricot
|
|
# Runs ON this machine
|
|
server_url: http://10.0.0.11:8000
|
|
code_backup_interval: 5min
|
|
dotfiles_backup_interval: 12hr
|
|
config_dir: ~/.config/restic
|
|
# Password from restic_server (shared)
|
|
|
|
# Vault Setup (workstations)
|
|
vault_clients:
|
|
- hostname: apricot
|
|
# Runs ON this machine
|
|
project_path: ~/Code/@projects/@lilith/lilith-platform
|
|
vault_symlink: ~/.vault
|
|
keychain_enabled: true # macOS only
|
|
keychain_service: restic-backup
|
|
keychain_account: lilith-platform-workstations
|
|
|
|
# Encrypted Backups (macbook)
|
|
vault_backup:
|
|
hostname: macbook
|
|
# Runs ON this machine
|
|
source: ~/.vault/
|
|
destination: ~/Documents/VaultBackups/
|
|
schedule: "0 */6 * * *" # Every 6 hours
|
|
retention: 30 # Keep last 30 backups
|
|
# Master password - DIFFERENT from restic password
|
|
# master_password: <from vault or prompt user>
|
|
|
|
# Credentials
|
|
# Note: Sensitive values should be:
|
|
# 1. Generated (restic password)
|
|
# 2. Prompted from user (master password for encrypted backups)
|
|
# 3. Loaded from vault (if vault exists)
|
|
credentials:
|
|
restic_password_source: vault # Load from vault/restic-password.txt (preserves existing repos)
|
|
master_password_source: vault # Load from vault/hosts/workstations.txt (macbook user password)
|