diff options
Diffstat (limited to 'hosts/vidhar')
-rw-r--r-- | hosts/vidhar/borg/default.nix | 23 | ||||
-rw-r--r-- | hosts/vidhar/borg/uniworx.de/append.srv01.pub | 1 | ||||
-rw-r--r-- | hosts/vidhar/borg/uniworx.de/root.pub | 1 |
3 files changed, 19 insertions, 6 deletions
diff --git a/hosts/vidhar/borg/default.nix b/hosts/vidhar/borg/default.nix index d6d64ec8..9a51b103 100644 --- a/hosts/vidhar/borg/default.nix +++ b/hosts/vidhar/borg/default.nix | |||
@@ -65,12 +65,23 @@ in { | |||
65 | }; | 65 | }; |
66 | }; | 66 | }; |
67 | 67 | ||
68 | services.borgbackup.repos.jotnar = { | 68 | services.borgbackup.repos = { |
69 | path = "/srv/backup/borg/jotnar"; | 69 | jotnar = { |
70 | authorizedKeysAppendOnly = let | 70 | path = "/srv/backup/borg/jotnar"; |
71 | dir = ./jotnar; | 71 | authorizedKeysAppendOnly = let |
72 | toAuthKey = fname: ftype: if ftype != "regular" || !(hasSuffix ".pub" fname) then null else builtins.readFile (dir + "/${fname}"); | 72 | dir = ./jotnar; |
73 | in filter (v: v != null) (mapAttrsToList toAuthKey (builtins.readDir dir)); | 73 | toAuthKey = fname: ftype: if ftype != "regular" || !(hasSuffix ".pub" fname) then null else builtins.readFile (dir + "/${fname}"); |
74 | in filter (v: v != null) (mapAttrsToList toAuthKey (builtins.readDir dir)); | ||
75 | }; | ||
76 | "uniworx.de" = { | ||
77 | path = "/srv/backups/borg/uniworx.de"; | ||
78 | authorizedKeys = [ | ||
79 | (builtins.readFile ./uniworx.de/root.pub) | ||
80 | ]; | ||
81 | authorizedKeysAppendOnly = [ | ||
82 | (builtins.readFile ./uniworx.de/append.srv01.pub) | ||
83 | ]; | ||
84 | }; | ||
74 | }; | 85 | }; |
75 | 86 | ||
76 | # systemd.services."check-borg@${utils.escapeSystemdPath "/srv/backup/borg/jotnar"}" = checkBorgUnit; | 87 | # systemd.services."check-borg@${utils.escapeSystemdPath "/srv/backup/borg/jotnar"}" = checkBorgUnit; |
diff --git a/hosts/vidhar/borg/uniworx.de/append.srv01.pub b/hosts/vidhar/borg/uniworx.de/append.srv01.pub new file mode 100644 index 00000000..708a4191 --- /dev/null +++ b/hosts/vidhar/borg/uniworx.de/append.srv01.pub | |||
@@ -0,0 +1 @@ | |||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEJ73H+PNT0SC1ClnUmEtiBkd325oeay/8j+wsbteBOt borg@srv01.uniworx.de | |||
diff --git a/hosts/vidhar/borg/uniworx.de/root.pub b/hosts/vidhar/borg/uniworx.de/root.pub new file mode 100644 index 00000000..d7ea1394 --- /dev/null +++ b/hosts/vidhar/borg/uniworx.de/root.pub | |||
@@ -0,0 +1 @@ | |||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH+ozTqBxzWkWmCY8ODfPvUgatWA2g8FgJQvQn8sR0AY root@srv01.uniworx.de | |||