From 1cd9f1e52d76d46db14a7d84b34a8ab1bc9d3c05 Mon Sep 17 00:00:00 2001 From: clerie Date: Mon, 1 May 2023 15:34:43 +0200 Subject: [PATCH] hosts/backup-4: use secrets --- hosts/backup-4/restic-server.nix | 9 +++++++++ .../secrets/restic-server-magenta-htpasswd.age | Bin 0 -> 506 bytes hosts/backup-4/ssh.pub | 1 + 3 files changed, 10 insertions(+) create mode 100644 hosts/backup-4/secrets/restic-server-magenta-htpasswd.age create mode 100644 hosts/backup-4/ssh.pub diff --git a/hosts/backup-4/restic-server.nix b/hosts/backup-4/restic-server.nix index 97fcc47..86a4794 100644 --- a/hosts/backup-4/restic-server.nix +++ b/hosts/backup-4/restic-server.nix @@ -8,6 +8,15 @@ listenAddress = "[::1]:43242"; }; + # restic rest server does not support --htpasswd-file in the current version of nixpkgs + # until then we copy the secrets to the common location + age.secrets.restic-server-magenta-htpasswd = { + path = "/mnt/clerie-backup/magenta/.htpasswd"; + symlink = false; + owner = "restic"; + group = "restic"; + }; + services.nginx.virtualHosts."magenta.backup.clerie.de" = { enableACME = true; forceSSL = true; diff --git a/hosts/backup-4/secrets/restic-server-magenta-htpasswd.age b/hosts/backup-4/secrets/restic-server-magenta-htpasswd.age new file mode 100644 index 0000000000000000000000000000000000000000..00241d935190f2e1f7c14ad681b640072ab331b8 GIT binary patch literal 506 zcmZ9_J&%)M007`qC)v+Ijp=+1QlNY^mze7ZEpVmu1zIR3MrhwsdQe)RP>6{xx|kRp zoXpwPm`j|TOm4V17-RHYT#Y|LJsrHki>uEccq|8^a5fCHdF%$W>p|#X367vQ3Q;sc z;fSCpyi(v(g(TBLQyUCqT4Q=5o2@um7wAPT(V~15S452U8|loZjZtnuma>XbC!k`yWP)iM{J%ly)thOdH)rfL8Rmf%cGMP;v)*c6 z0)m<263ipJ9EX?*^`f7v09mEJ7iDy&;zBVRWFX>OK-F_f=}t>@sz6zEuvIUsx)tZ& zR`1`wiR*%nIw7CNI=DUNg7HEL zDXh=8@cCrq*NvoBae}zI*B&Ap@839AVywG!`t$pdbil3mx8(be*XyhH^OsLfnWGOU zWfpXMcg5Yye>c}(_BYGVUfImS>#z0$?c0S