From d1c7a721cc77cb0ce18cdec0200bd87a4d2e3ece Mon Sep 17 00:00:00 2001 From: dadada Date: Tue, 19 Jul 2022 20:27:59 +0200 Subject: [PATCH] backupClient: add option for SSH identity file --- nixos/modules/backup.nix | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/nixos/modules/backup.nix b/nixos/modules/backup.nix index adb2c15..c741663 100644 --- a/nixos/modules/backup.nix +++ b/nixos/modules/backup.nix @@ -37,12 +37,19 @@ in bs = { enable = mkEnableOption "Enable backup to BS location"; passphrasePath = mkOption { - type = with types; nullOr str; + type = types.str; description = '' The path to the passphrase file. ''; default = "/var/lib/borgbackup/bs/passphrase"; }; + sshIdentityFile = mkOption { + type = types.str; + description = '' + Path to the SSH key that is used to transmit the backup. + ''; + default = "/var/lib/borgbackup/bs/id_ed25519"; + }; }; }; }; @@ -56,7 +63,7 @@ in }; }; - services.borgbackup.jobs.gs = mkIf cfg.gs { + services.borgbackup.jobs.gs = { paths = "/"; exclude = backupExcludes; repo = "/backup/${config.networking.hostName}"; @@ -76,13 +83,13 @@ in startAt = "monthly"; } // mkIf cfg.bs.enable { - services.borgbackup.jobs.bs = mkIf cfg.bs { + services.borgbackup.jobs.bs = { paths = "/"; exclude = backupExcludes; repo = "borg@backup0.dadada.li:/mnt/storage/backup/${config.networking.hostName}"; doInit = false; environment = { - BORG_RSH = "ssh -i /var/lib/borgbackup/bs/id_ed25519 -o 'StrictHostKeyChecking accept-new' -o 'TCPKeepAlive=yes'"; + BORG_RSH = "ssh -i ${cfg.bs.sshIdentityFile} -o 'StrictHostKeyChecking accept-new' -o 'TCPKeepAlive=yes'"; }; encryption = { mode = "repokey";