forked from Fachschaft/nixConfig
Compare commits
3 commits
3f096f5205
...
85f3bde55d
Author | SHA1 | Date | |
---|---|---|---|
85f3bde55d | |||
f0bd165b0c | |||
7c1baf8d1d |
3 changed files with 11 additions and 9 deletions
|
@ -1,4 +1,4 @@
|
||||||
{
|
{config, ...}: {
|
||||||
imports = [
|
imports = [
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
../../roles
|
../../roles
|
||||||
|
@ -12,4 +12,11 @@
|
||||||
# System configuration here
|
# System configuration here
|
||||||
networking.hostName = "bragi";
|
networking.hostName = "bragi";
|
||||||
system.stateVersion = "23.11";
|
system.stateVersion = "23.11";
|
||||||
|
|
||||||
|
sops.secrets.backupKey = {
|
||||||
|
sopsFile = ./backupKey.yaml;
|
||||||
|
owner = config.users.users.fsaccount.name;
|
||||||
|
inherit (config.users.users.fsaccount) group;
|
||||||
|
mode = "0400";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,6 +10,7 @@
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
defaultGateway = "192.168.1.137";
|
defaultGateway = "192.168.1.137";
|
||||||
nameservers = ["130.83.2.22" "130.83.56.60" "130.83.22.60" "130.82.22.63"];
|
# https://www.hrz.tu-darmstadt.de/services/it_services/nameserver_dns/index.de.jsp
|
||||||
|
nameservers = ["130.83.22.63" "130.83.22.60" "130.83.56.60"];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -121,7 +121,7 @@ in {
|
||||||
jobs.fsaccount = {
|
jobs.fsaccount = {
|
||||||
preHook = ''
|
preHook = ''
|
||||||
mkdir -p /home/fsaccount/sicherung # Create if it does not exist
|
mkdir -p /home/fsaccount/sicherung # Create if it does not exist
|
||||||
${pkgs.rsync}/bin/rsync -e 'ssh -i /run/secrets/backupKey' -r fachschaft@gw1.mathematik.tu-darmstadt.de:/home/fachschaft/* /home/fsaccount/sicherung
|
${pkgs.rsync}/bin/rsync --rsh='ssh -i /run/secrets/backupKey' --recursive --delete fachschaft@gw1.mathematik.tu-darmstadt.de:/home/fachschaft/* /home/fsaccount/sicherung
|
||||||
'';
|
'';
|
||||||
paths = "/home/fsaccount/sicherung";
|
paths = "/home/fsaccount/sicherung";
|
||||||
encryption.mode = "none"; # Otherwise the key is next to the backup or we have human interaction.
|
encryption.mode = "none"; # Otherwise the key is next to the backup or we have human interaction.
|
||||||
|
@ -161,11 +161,5 @@ in {
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
sops.secrets.backupKey = {
|
|
||||||
sopsFile = ../machines/bragi/backupKey.yaml;
|
|
||||||
owner = config.users.users.fsaccount.name;
|
|
||||||
inherit (config.users.users.fsaccount) group;
|
|
||||||
mode = "0400";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue