mirrors_public/oddlama_nixos-extra-modules
1
1
Fork 1
mirror of https://github.com/oddlama/nixos-extra-modules.git synced 2025-10-10 22:00:39 +02:00
Code Activity

feat(restic): add hetzner storage box hostkey

Browse source
This commit is contained in:
oddlama 2024-01-15 02:44:26 +01:00
parent 3057e049e7
commit cab2f4b040
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
1 changed files with 17 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

19
modules/restic.nix
View file

@ -5,10 +5,15 @@
}: let
inherit
(lib)
flatten
flip
mapAttrsToList
mkEnableOption
mkIf
mkOption
optional
types
unique
;
in {
options.services.restic.backups = mkOption {
@ -47,14 +52,24 @@ in {
config = let
subuser = "${submod.config.hetznerStorageBox.mainUser}-sub${toString submod.config.hetznerStorageBox.subUid}";
url = "${subuser}@${subuser}.your-storagebox.de";
url = "${subuser}@${submod.config.hetznerStorageBox.mainUser}.your-storagebox.de";
in
mkIf submod.config.hetznerStorageBox.enable {
repository = "sftp://${url}:23/";
extraOptions = [
"sftp.command='ssh -s sftp -p 23 -i ${config.age.secrets.${submod.config.hetznerStorageBox.sshAgeSecret}.path} ${url}'"
"sftp.command='ssh -p23 ${url} -i ${config.age.secrets.${submod.config.hetznerStorageBox.sshAgeSecret}.path} -s sftp'"
];
};
}));
};
config.services.openssh.knownHosts.hetzner-storage-boxes = let
hetznerStorageBoxHostnames =
unique (flatten (flip mapAttrsToList config.services.restic.backups
(_: backupCfg: optional backupCfg.hetznerStorageBox.enable "[${backupCfg.hetznerStorageBox.mainUser}.your-storagebox.de]:23")));
in
mkIf (hetznerStorageBoxHostnames != []) {
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIICf9svRenC/PLKIL9nk6K/pxQgoiFC41wTNvoIncOxs";
hostNames = hetznerStorageBoxHostnames;
};
}