add backup secrets to config for hosts

This commit is contained in:
Tim Schubert 2022-08-07 12:50:07 +02:00
parent c43341a8b2
commit 3fccfe3b67
Signed by: dadada
GPG key ID: EEB8D1CE62C4DFEA
25 changed files with 242 additions and 75 deletions

View file

@ -0,0 +1,11 @@
{ config, secretsPath, ... }:
{
dadada.backupClient.bs = {
enable = true;
passphrasePath = config.age.secrets."${config.networking.hostName}-backup-passphrase.path";
sshIdentityFile = config.age.secrets."${config.networking.hostName}-backup-ssh-key.path";
};
age.secrets."${config.networking.hostName}-backup-passphrase".file = "${toString secretsPath}/${config.networking.hostName}-backup-passphrase.age";
age.secrets."${config.networking.hostName}-backup-ssh-key".file = "${toString secretsPath}/${config.networking.hostName}n-backup-ssh-key.age";
}

View file

@ -4,10 +4,16 @@
, ...
}:
with lib; {
imports = [
./backup.nix
];
networking.domain = mkDefault "dadada.li";
services.fwupd.enable = mkDefault true;
age.identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
fonts.fonts = mkDefault (with pkgs; [
source-code-pro
]);

View file

@ -1,9 +1,16 @@
{ config
, admins
, pkgs
, lib
, ...
}:
with lib; {
imports = [
./backup.nix
];
dadada.admin.users = admins;
networking.domain = mkDefault "dadada.li";
networking.tempAddresses = "disabled";