lytedev/nix
1
0
Fork 1
Code Issues Pull requests 1 Actions Packages Projects Releases Wiki Activity

Tweak backups - pretty sure passwords are wrong
Some checks failed
/ check (push) Failing after 29s
Details

Browse source
This commit is contained in:
Daniel Flanagan 2024-09-11 12:03:55 -05:00
parent 524a34d819
commit cf2f2ecf0a
1 changed files with 13 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
nixos/beefcake.nix
View file

@ -589,7 +589,7 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
"10-backups" = { "10-backups" = {
"/storage/postgres" = { "/storage/postgres" = {
"d" = { "d" = {
mode = "0770"; mode = "0750";
user = "postgres"; user = "postgres";
group = "postgres"; group = "postgres";
}; };
@ -675,9 +675,20 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
group = "restic"; group = "restic";
openssh.authorizedKeys.keys = [] ++ config.users.users.daniel.openssh.authorizedKeys.keys; openssh.authorizedKeys.keys = [] ++ config.users.users.daniel.openssh.authorizedKeys.keys;
}; };
systemd.tmpfiles.settings = {
"10-caddy" = {
"/storage/backups/local" = {
"d" = {
mode = "0750";
user = "root";
group = "wheel";
};
};
};
};
services.restic.backups = let services.restic.backups = let
defaults = { defaults = {
passwordFile = "/root/restic-remotebackup-password"; passwordFile = config.sops.secrets.restic-rascal-passphrase;
paths = paths =
config.services.restic.commonPaths config.services.restic.commonPaths
++ [ ++ [
@ -692,7 +703,6 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
local = local =
defaults defaults
// { // {
passwordFile = "/root/restic-localbackup-password";
repository = "/storage/backups/local"; repository = "/storage/backups/local";
}; };
rascal = rascal =