From 16684ae050766810e7df158f82da3abbb1b2329a Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Mon, 13 Mar 2023 16:37:36 +0100 Subject: borg: uniworx.de --- hosts/vidhar/borg/default.nix | 23 +++++++++++++++++------ hosts/vidhar/borg/uniworx.de/append.srv01.pub | 1 + hosts/vidhar/borg/uniworx.de/root.pub | 1 + 3 files changed, 19 insertions(+), 6 deletions(-) create mode 100644 hosts/vidhar/borg/uniworx.de/append.srv01.pub create mode 100644 hosts/vidhar/borg/uniworx.de/root.pub (limited to 'hosts/vidhar/borg') diff --git a/hosts/vidhar/borg/default.nix b/hosts/vidhar/borg/default.nix index d6d64ec8..9a51b103 100644 --- a/hosts/vidhar/borg/default.nix +++ b/hosts/vidhar/borg/default.nix @@ -65,12 +65,23 @@ in { }; }; - services.borgbackup.repos.jotnar = { - path = "/srv/backup/borg/jotnar"; - authorizedKeysAppendOnly = let - dir = ./jotnar; - toAuthKey = fname: ftype: if ftype != "regular" || !(hasSuffix ".pub" fname) then null else builtins.readFile (dir + "/${fname}"); - in filter (v: v != null) (mapAttrsToList toAuthKey (builtins.readDir dir)); + services.borgbackup.repos = { + jotnar = { + path = "/srv/backup/borg/jotnar"; + authorizedKeysAppendOnly = let + dir = ./jotnar; + toAuthKey = fname: ftype: if ftype != "regular" || !(hasSuffix ".pub" fname) then null else builtins.readFile (dir + "/${fname}"); + in filter (v: v != null) (mapAttrsToList toAuthKey (builtins.readDir dir)); + }; + "uniworx.de" = { + path = "/srv/backups/borg/uniworx.de"; + authorizedKeys = [ + (builtins.readFile ./uniworx.de/root.pub) + ]; + authorizedKeysAppendOnly = [ + (builtins.readFile ./uniworx.de/append.srv01.pub) + ]; + }; }; # systemd.services."check-borg@${utils.escapeSystemdPath "/srv/backup/borg/jotnar"}" = checkBorgUnit; diff --git a/hosts/vidhar/borg/uniworx.de/append.srv01.pub b/hosts/vidhar/borg/uniworx.de/append.srv01.pub new file mode 100644 index 00000000..708a4191 --- /dev/null +++ b/hosts/vidhar/borg/uniworx.de/append.srv01.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEJ73H+PNT0SC1ClnUmEtiBkd325oeay/8j+wsbteBOt borg@srv01.uniworx.de diff --git a/hosts/vidhar/borg/uniworx.de/root.pub b/hosts/vidhar/borg/uniworx.de/root.pub new file mode 100644 index 00000000..d7ea1394 --- /dev/null +++ b/hosts/vidhar/borg/uniworx.de/root.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH+ozTqBxzWkWmCY8ODfPvUgatWA2g8FgJQvQn8sR0AY root@srv01.uniworx.de -- cgit v1.2.3