cy/nixos-config
cy/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

secrets/chunk: add missing secrets and rewrite everything to new structure

Browse source
This commit is contained in:
cy 2024-12-16 23:20:51 -05:00
parent 029e608eaa
commit 3d927f8372
11 changed files with 123 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

10
hosts/chunk/borg.nix
View file

@ -1,4 +1,8 @@
{pkgs, ...}: {
{
pkgs,
config,
...
}: {
services.borgbackup.jobs = {
crashRsync = {
paths = ["/root" "/home" "/var/backup" "/var/lib" "/var/log" "/opt" "/etc" "/vw-data"];
@ -6,7 +10,7 @@
repo = "de3911@de3911.rsync.net:borg/crash";
encryption = {
mode = "repokey-blake2";
passCommand = "cat /run/secrets/borg/crash";
passCommand = "cat ${config.sops.secrets."borg/rsyncnet".path}";
};
environment = {
BORG_RSH = "ssh -i /home/yt/.ssh/id_ed25519";
@ -18,7 +22,7 @@
# warnings are often not that serious
failOnWarnings = false;
postHook = ''
${pkgs.curl}/bin/curl -u $(cat /run/secrets/ntfy) -d "chunk: backup completed with exit code: $exitStatus
${pkgs.curl}/bin/curl -u $(cat ${config.sops.secrets."services/ntfy".path}) -d "chunk: backup completed with exit code: $exitStatus
$(journalctl -u borgbackup-job-crashRsync.service|tail -n 5)" \
https://ntfy.cything.io/chunk
'';