add backup secrets to config for hosts
This commit is contained in:
parent
c43341a8b2
commit
3fccfe3b67
25 changed files with 242 additions and 75 deletions
11
nixos/modules/profiles/backup.nix
Normal file
11
nixos/modules/profiles/backup.nix
Normal file
|
@ -0,0 +1,11 @@
|
|||
{ config, secretsPath, ... }:
|
||||
{
|
||||
dadada.backupClient.bs = {
|
||||
enable = true;
|
||||
passphrasePath = config.age.secrets."${config.networking.hostName}-backup-passphrase.path";
|
||||
sshIdentityFile = config.age.secrets."${config.networking.hostName}-backup-ssh-key.path";
|
||||
};
|
||||
|
||||
age.secrets."${config.networking.hostName}-backup-passphrase".file = "${toString secretsPath}/${config.networking.hostName}-backup-passphrase.age";
|
||||
age.secrets."${config.networking.hostName}-backup-ssh-key".file = "${toString secretsPath}/${config.networking.hostName}n-backup-ssh-key.age";
|
||||
}
|
|
@ -4,10 +4,16 @@
|
|||
, ...
|
||||
}:
|
||||
with lib; {
|
||||
imports = [
|
||||
./backup.nix
|
||||
];
|
||||
|
||||
networking.domain = mkDefault "dadada.li";
|
||||
|
||||
services.fwupd.enable = mkDefault true;
|
||||
|
||||
age.identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||
|
||||
fonts.fonts = mkDefault (with pkgs; [
|
||||
source-code-pro
|
||||
]);
|
||||
|
|
|
@ -1,9 +1,16 @@
|
|||
{ config
|
||||
, admins
|
||||
, pkgs
|
||||
, lib
|
||||
, ...
|
||||
}:
|
||||
with lib; {
|
||||
imports = [
|
||||
./backup.nix
|
||||
];
|
||||
|
||||
dadada.admin.users = admins;
|
||||
|
||||
networking.domain = mkDefault "dadada.li";
|
||||
networking.tempAddresses = "disabled";
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue