Gabe/nix-config
1
0
Fork 0
Code Issues 12 Pull requests Projects Releases Packages Wiki Activity

Restic: made modular backup declerations.

Browse source 
Required tree-wide re-wiring of the host option.
Now, rather than each host having a monolithic restic.nix file,
the hosts restic.nix file just specifies the password and url of the
restic repository. Eatch module then definies specific paths to backup
and any pre and post commands that need to be performed.
Each backed up service gets an independent systemd backup service and
timer.
This commit is contained in:
Gabe Venberg 2025-04-13 15:27:25 +02:00
parent cf33c036dd
commit 48c60629ab
36 changed files with 307 additions and 1476 deletions
Download patch file Download diff file Expand all files Collapse all files

6
configs/nixos/sshd.nix
View file

@ -2,8 +2,8 @@
config,
pkgs,
inputs,
configLib,
lib,
myLib,
...
}: {
services.openssh = {
@ -18,10 +18,10 @@
users.users.root.openssh.authorizedKeys.keys = lib.mkDefault (
if inputs ? nix-secrets
then (configLib.dirToStrings "${inputs.nix-secrets}/public-keys")
then (myLib.dirToStrings "${inputs.nix-secrets}/public-keys")
else []
);
# if it can log into root, it should also be able to log in to the main user.
users.users.${config.host.user}.openssh.authorizedKeys.keys =
users.users.${config.host.details.user}.openssh.authorizedKeys.keys =
config.users.users.root.openssh.authorizedKeys.keys;
}