{ config, lib, pkgs, ... }: { boot = { loader.grub.zfsSupport = true; zfs = { extraPools = ["zarchive"]; requestEncryptionCredentials = ["zactive/main"]; package = pkgs.zfs_unstable; }; }; services.zfs = { autoScrub.enable = true; trim.enable = true; }; services.zrepl = { enable = true; settings = { global = { logging = [ { type = "syslog"; level = "info"; format = "human"; } ]; }; jobs = let archiveBaseName = "archive"; backupBaseName = "backup"; pushConfig = name: snapshot: grid: { type = "push"; name = "push-${name}"; connect = { type = "local"; listener_name = "${name}-listener"; client_identity = config.networking.hostName; }; filesystems."zactive/main/home" = true; send.encrypted = true; snapshotting = snapshot; pruning = { keep_sender = [ { type = "grid"; regex = "^zrepl-.*"; grid = lib.concatStringsSep " | " ["1x1h(keep=all)" "24x1h" "7x1d" "4x1w"]; } ]; keep_receiver = [ { type = "grid"; regex = "^zrepl-.*"; grid = lib.concatStringsSep " | " grid; } ]; }; replication.protection = { initial = "guarantee_resumability"; incremental = "guarantee_incremental"; }; }; sinkConfig = name: dataset: { type = "sink"; name = "sink-${name}"; serve = { type = "local"; listener_name = "${name}-listener"; }; root_fs = dataset; recv.placeholder.encryption = "off"; }; in [ (pushConfig archiveBaseName { type = "periodic"; prefix = "zrepl-"; interval = "1h"; } ["1x1h(keep=all)" "30x1d" "52x1w"]) (pushConfig backupBaseName {type = "manual";} ["1x1h(keep=all)" "8x13w"]) (sinkConfig archiveBaseName "zarchive/snapshot") (sinkConfig backupBaseName "zbackup/snapshot") ]; }; }; }