Mailman backups

nixos/machines/bragi/configuration.nix

@@ -1,4 +1,4 @@
-{config, ...}: {
+{
   imports = [
     ./hardware-configuration.nix
     ../../roles
@@ -12,11 +12,4 @@
   # System configuration here
   networking.hostName = "bragi";
   system.stateVersion = "23.11";
-
-  sops.secrets.backupKey = {
-    sopsFile = ./backupKey.yaml;
-    owner = config.users.users.fsaccount.name;
-    inherit (config.users.users.fsaccount) group;
-    mode = "0400";
-  };
 }

nixos/machines/bragi/network.nix

@@ -10,7 +10,6 @@
       }
     ];
     defaultGateway = "192.168.1.137";
-    # https://www.hrz.tu-darmstadt.de/services/it_services/nameserver_dns/index.de.jsp
-    nameservers = ["130.83.22.63" "130.83.22.60" "130.83.56.60"];
+    nameservers = ["130.83.2.22" "130.83.56.60" "130.83.22.60" "130.82.22.63"];
   };
 }

nixos/modules/borgbackup.nix

@@ -128,7 +128,7 @@ in {
       jobs.fsaccount = {
         preHook = ''
           mkdir -p /home/fsaccount/sicherung # Create if it does not exist
-          ${pkgs.rsync}/bin/rsync --rsh='ssh -i /run/secrets/backupKey' --recursive --delete fachschaft@gw1.mathematik.tu-darmstadt.de:/home/fachschaft/* /home/fsaccount/sicherung
+          ${pkgs.rsync}/bin/rsync -e 'ssh -i /run/secrets/backupKey' -r fachschaft@gw1.mathematik.tu-darmstadt.de:/home/fachschaft/* /home/fsaccount/sicherung
         '';
         paths = "/home/fsaccount/sicherung";
         encryption.mode = "none"; # Otherwise the key is next to the backup or we have human interaction.
@@ -168,5 +168,11 @@ in {
         }
       ];
     };
+    sops.secrets.backupKey = {
+      sopsFile = ../machines/bragi/backupKey.yaml;
+      owner = config.users.users.fsaccount.name;
+      inherit (config.users.users.fsaccount) group;
+      mode = "0400";
+    };
   };
 }