It uses a restic@.service so you end up with restic@repo.service. Then if you do need to override anything, you can use a drop in file instead of changing the whole service. I think that's much more native than creating many services.
Another thing is that it uses AmbientCapabilities=CAP_DAC_READ_SEARCH so the user can read all files, like root does. This means the service can run with a regular user instead of root.
In https://github.com/ekohl/puppet-restic/pull/1 I started to write my own module before I found yours. It's mostly based on https://tdem.in/post/restic-with-systemd/ and that uses an interesting approach, which I like a lot more than yours.
It uses a
restic@.serviceso you end up withrestic@repo.service. Then if you do need to override anything, you can use a drop in file instead of changing the whole service. I think that's much more native than creating many services.Another thing is that it uses
AmbientCapabilities=CAP_DAC_READ_SEARCHso the user can read all files, like root does. This means the service can run with a regular user instead of root.Would you be open to changing to this approach?