Add backup target for Haless

master
Sven Slootweg pirms 4 gadiem
vecāks b23b4e9ea9
revīzija c204dceb7a

@ -50,10 +50,15 @@ in {
createHome = true;
home = "/home/backup-f0x";
};
backup-haless = {
createHome = true;
home = "/home/backup-haless";
};
};
users.extraGroups = {
backup-f0x = { members = [ "backup-f0x" ]; };
backup-haless = { members = [ "backup-haless" ]; };
};
services.borgbackup.repos = {
@ -71,6 +76,18 @@ in {
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDeMWPR38zXAbURVTJs+yGDnld5kO7bcgp/70l4wJG0k borg-backup@luna"
];
};
"haless" = {
allowSubRepos = true;
path = "/home/backup-haless";
user = "backup-haless";
group = "backup-haless";
authorizedKeys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzV5dI01NhwuL6ayiO0STcSQiDf7lEtu63NuLZKQUdZVuVHIqyt3Gquks2OI1NZGrJdXA315yw89ZqyMo+z7gSGHEV6P0fAXKW6G78JOFWsA5lGpaLxTsZ6Q7r0Z9FMqDvA5Jlsyznyj9hhO1cz01WPLzB92ypd9ifldtrAQIYQItxGXOuRkBJiShuIRqtr4Q2chXiOoRZKb4v4Gyt/UPxTpvfM/zcOz0zi1d4ijSbLqgIUJhxvrWADfdgEQ77unepDoD+HT51QBX7dj8RuYivxLSA3vpfNeCgt2CYBf6FYnmWkWSnN1RCtQPJNxsMuLzC2ZBbIkz0tDgcIBPbHxGr sven@linux-rfa7.site"
];
authorizedKeysAppendOnly = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFAOpXsDxE7SXeSw/kjgzdwEkNsL9REMabMqYVPM9rem root@machine-haless-03.cryto.net"
];
};
};
};
@ -119,6 +136,26 @@ in {
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.borgbackup.jobs.system = {
paths = "/";
exclude = [
"/nix"
"/boot"
"/sys"
"/run"
"/tmp"
"/dev"
"/proc"
];
repo = "backup-haless@machine-borg2-01.cryto.net:haless-03";
encryption = {
mode = "repokey-blake2";
passphrase = (import ../private/machine-haless-03.cryto.net/borg-passphrase.nix);
};
compression = "auto,zlib";
startAt = "daily";
};
services.nginx = {
enable = true;
virtualHosts = {

Notiek ielāde…
Atcelt
Saglabāt