feat: migrate backup destination to dedicated rest-server

- Migrate restic backup destination on nixos and vps to y2q rest-server
- Split host-specific restic env secrets

hosts/vps/modules/services/restic.nix

@@ -1,51 +1,32 @@
 { config, ... }:
 
-let
-  paths = [
-    "/var/lib/zipline"
-    "/var/lib/postgresql"
-    "/var/lib/forgejo"
-    "/var/lib/trilium"
-    "/var/lib/bitwarden_rs"
-  ];
-in {
+{
   sops.secrets = {
     "restic/password" = {};
-    "restic/env" = {};
-    "restic/rclone-config" = {};
+    "restic/env/vps" = {};
   };
 
-  services.restic.backups.b2 = {
+  services.restic.backups.y2q = {
     initialize = true;
     inhibitsSleep = true;
     passwordFile = config.sops.secrets."restic/password".path;
-    paths = paths;
-    repository = "s3:https://s3.us-east-005.backblazeb2.com/restic-backups-vps";
-    environmentFile = config.sops.secrets."restic/env".path;
+    paths = [
+      "/var/lib/zipline"
+      "/var/lib/postgresql"
+      "/var/lib/forgejo"
+      "/var/lib/trilium"
+      "/var/lib/bitwarden_rs"
+    ];
+    repository = "rest:http://restic.ts.700457.xyz/vps/";
+    environmentFile = config.sops.secrets."restic/env/vps".path;
     pruneOpts = [
+      "--keep-hourly 3"
       "--keep-daily 7"
       "--keep-weekly 3"
       "--keep-monthly 3"
     ];
     timerConfig = {
-      OnCalendar = "daily";
-      Persistent = true;
-    };
-  };
-  services.restic.backups.nextcloud = {
-    initialize = true;
-    inhibitsSleep = true;
-    passwordFile = config.sops.secrets."restic/password".path;
-    paths = paths;
-    repository = "rclone:nextcloud:restic/vps";
-    rcloneConfigFile = config.sops.secrets."restic/rclone-config".path;
-    pruneOpts = [
-      "--keep-daily 7"
-      "--keep-weekly 4"
-      "--keep-monthly 6"
-    ];
-    timerConfig = {
-      OnCalendar = "daily";
+      OnCalendar = "hourly";
       Persistent = true;
     };
   };