63 lines
1.6 KiB
Nix
63 lines
1.6 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
pkgsUnstable,
|
|
inputs,
|
|
...
|
|
}:
|
|
|
|
{
|
|
network.routingType = "dynamic";
|
|
network.hardwareAddress = "BC:24:11:38:1C:54";
|
|
network.staticAddresses = [
|
|
"/24"
|
|
"/64"
|
|
];
|
|
qemu.enable = true;
|
|
spice.enable = true;
|
|
|
|
syncthingserver.enable = true;
|
|
|
|
sops.secrets."borgmatic_ping_urls/local" = { };
|
|
sops.secrets."borgmatic_ping_urls/remote" = { };
|
|
sops.secrets."borgmatic_pass/local" = { };
|
|
sops.secrets."borgmatic_pass/remote" = { };
|
|
|
|
services.borgmatic = {
|
|
enable = true;
|
|
enableConfigCheck = true;
|
|
|
|
configurations.local = {
|
|
source_directories = [ "/mnt/data/syncthing" ];
|
|
repositories = [
|
|
{
|
|
label = "local";
|
|
path = "ssh://borg@borg-01.tail755c5.ts.net/./";
|
|
}
|
|
];
|
|
encryption_passcommand = ''cat ${config.sops.secrets."borgmatic_pass/local".path}'';
|
|
|
|
keep_daily = 7;
|
|
keep_weekly = 4;
|
|
keep_monthly = 12;
|
|
keep_yearly = 3;
|
|
|
|
unknown_unencrypted_repo_access_is_ok = false;
|
|
|
|
ssh_command = "ssh -i /etc/borgmatic.d/borg-local";
|
|
|
|
healthchecks = {
|
|
ping_url = "https://hc.its-et.me/ping/PlGPBqq-0rLI4N4ya3jYmg/backup-syncthing";
|
|
};
|
|
};
|
|
};
|
|
|
|
base.userSSHKeys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXuLe99meMiylrJQKz8/WqgHQWA8aJ/IZL+1SAVs8n2 etorres@xenon"
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPWS4JI7h2B89m8bFT4CUzNmWViVy74CLDQXdhgxVnBk etorres@radon"
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPYYgxTbQTKrsR9DD0py/7j4xl3IoBSCzmRjRHuBjSGT etorres@erics-mac"
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHO6b1xHRIUUsGj1w21t1p4RDkPWHGu4FhxRsjEXZH56 etorres@iphone"
|
|
];
|
|
}
|