Fix external backup again

Update website clerie.de
2022-06-12 21:51:19 +02:00 · 2022-06-12 21:49:36 +02:00
4 changed files with 35 additions and 31 deletions
--- a/hosts/clerie-backup/configuration.nix
+++ b/hosts/clerie-backup/configuration.nix
@ -89,6 +89,23 @@
      compression = "auto,lzma";
      startAt = "*-*-* 06:23:00";
    };
    backup-replication-external-drive = {
      paths = [
        "/mnt/clerie-backup"
      ];
      doInit = true;
      repo =  "borg@palladium.net.clerie.de:." ;
      encryption = {
        mode = "none";
      };
      environment = {
        BORG_RSH = "ssh -i /var/src/secrets/ssh/borg-backup-replication-external-drive";
        BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK = "yes";
        BORG_RELOCATED_REPO_ACCESS_IS_OK = "yes";
      };
      compression = "auto,lzma";
      startAt = "*-*-* 08:37:00";
    };
  };
  users.users.backup-replication = {
@ -96,7 +113,7 @@
    group = "backup-replication";
    openssh.authorizedKeys.keys = [
      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8kCLiDfVFKgoNvEoMb34jp2n1lQG+k7wigzc4qGmrROlWkJ46/Ym4UrSeQJAd6hwHTcKTZkeOrqDAjZZ+jlidpncJHT5VMW5Ah965pxbBq6Qh1Yz5tKj7nLAQ/+bwEH4qqBFNd796876n3pY/FqhwAHWONqWhLKzMXpFursMSITUPmRXcaPwJrgS9DIYspZ9bBhhRSdQ5N1SiGtaszOQwdevLnNYqdtFOBG4rt9SO6IBIHtaiTIHrrMGS2Lt3NMwkq+O+N+TGaKLjbwqtfUPfPOCmY0XH12OawjxHP9hZ+WH3dPtcu5p+VORciSybPvyh9qzXUrDeO4HDuii2GEFU8JFELYXdT/qBwdIMp82tkgww0zKbTJuc0y/9eR7LCXop4OALhR8+8xWDI9c1ccxu3T7S7zUI1OmTlR9i8rx85D4sz2dtp1jirDoW2KVuIdwe6G3NLfTL95FZRmveEQM3MO8MPpfzZ4EvaMbiQQd/c4VAmGovtSLQhySTpT6qSv0= root@backup-4"
-      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDRANmJ2LYUr0Mavz/JJ7j+7p1zkqvizf6ZLt5XOJ2fj0enDuK7Dc5fxiESLGYTsLRVWuY4hNXVIL7aeJUj1LPf6LEX87APP4hb95t+TFxcES87tFfnFO48eiBbSd25Av2jmHGb6/wY2viYBxfk/vrLjPR6RgICqFsWFcz20bsWmc48FdzXYJCGJfKjHiW+Ut95VL+M/AlGBQHo33FNDyPXV4zh+MeWVkOFicwfh0k+4NH7Psj5n93m9szAlz306t5YZ32HnhSlvObkMk1Ugy6AzPKXrgKBu11pmatf7sFRx1ikYGUiKiezGjatt/8lYZfE8rQKQjwH+6LPt3ZPv06ncfKpH2vbZfonM0KhSsm1OIhJTse+X7ZMxizO6QqYM+BRJJGMbhH1g+6kFRsdlwakHNPE9YvG4NxZ1NxWTUr6F0gPhUEy61LkTnznt3ct1hgQR02KDQ+9i8PvaYeIIzZzRKufv4tV7OZkDLbN97tvAMkgpLjF+8fCg3qjn2Lckzc= root@palladium"
+      #"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDRANmJ2LYUr0Mavz/JJ7j+7p1zkqvizf6ZLt5XOJ2fj0enDuK7Dc5fxiESLGYTsLRVWuY4hNXVIL7aeJUj1LPf6LEX87APP4hb95t+TFxcES87tFfnFO48eiBbSd25Av2jmHGb6/wY2viYBxfk/vrLjPR6RgICqFsWFcz20bsWmc48FdzXYJCGJfKjHiW+Ut95VL+M/AlGBQHo33FNDyPXV4zh+MeWVkOFicwfh0k+4NH7Psj5n93m9szAlz306t5YZ32HnhSlvObkMk1Ugy6AzPKXrgKBu11pmatf7sFRx1ikYGUiKiezGjatt/8lYZfE8rQKQjwH+6LPt3ZPv06ncfKpH2vbZfonM0KhSsm1OIhJTse+X7ZMxizO6QqYM+BRJJGMbhH1g+6kFRsdlwakHNPE9YvG4NxZ1NxWTUr6F0gPhUEy61LkTnznt3ct1hgQR02KDQ+9i8PvaYeIIzZzRKufv4tV7OZkDLbN97tvAMkgpLjF+8fCg3qjn2Lckzc= root@palladium"
    ];
  };
--- a/hosts/palladium/backup-scripts.nix
+++ b/hosts/palladium/backup-scripts.nix
@ -6,39 +6,18 @@ let
  DEVICE=/dev/disk/by-path/pci-0000:00:12.0-ata-2-part1
-  cryptsetup luksOpen ''${DEVICE} external-drive
+  ${pkgs.cryptsetup}/bin/cryptsetup luksOpen ''${DEVICE} external-drive
  mkdir -p /mnt/external-drive
  mount /dev/mapper/external-drive /mnt/external-drive
  '';
  cb-sync = pkgs.writeScriptBin "cb-sync" ''
  #!${pkgs.bash}/bin/bash
  set -e
  # Check, if the something is mounted in our sycdir
  if grep -qs '/mnt/external-drive' /proc/mounts
  then
    echo "fine"
  else
    echo "Please plug in a backup drive and mount it using cb-mount"
    exit 1
  fi
  SNAPSHOT_NAME=$(${pkgs.borgbackup}/bin/borg list --last 1 --short /mnt/palladium/clerie-backup)
  ${pkgs.borgbackup}/bin/borg mount /mnt/palladium/clerie-backup::$SNAPSHOT_NAME /mnt/clerie-backup-mount
  ${pkgs.bindfs}/bin/bindfs /mnt/clerie-backup-mount/mnt/clerie-backup /mnt/clerie-backup
  ${pkgs.borgbackup}/bin/borg create /mnt/external-drive/clerie-backup::$SNAPSHOT_NAME /mnt/clerie-backup
  umount /mnt/clerie-backup
  ${pkgs.borgbackup}/bin/borg unmoumt /mnt/clerie-backup-mount
  '';
  cb-unmount = pkgs.writeScriptBin "cb-unmount" ''
  #!${pkgs.bash}/bin/bash
  umount /mnt/external-drive
-  cryptsetup luksClose external-drive
+  ${pkgs.cryptsetup}/bin/cryptsetup luksClose external-drive
  '';
 in {
-  environment.systemPackages = with pkgs; [ pkgs.cryptsetup cb-mount cb-sync cb-unmount ];
+  environment.systemPackages = [ cb-mount cb-unmount ];
 }
--- a/hosts/palladium/configuration.nix
+++ b/hosts/palladium/configuration.nix
@ -27,11 +27,19 @@
    KERNEL=="sd?[0-9]", ENV{ID_MODEL}=="ST1000DM003-1SB102", ACTION=="add", RUN+="${pkgs.hdparm}/sbin/hdparm -S 24 /dev/%k"
  '';
-  services.borgbackup.repos.clerie-backup = {
+  services.borgbackup.repos = {
-    path = "/mnt/palladium/clerie-backup";
+    clerie-backup = {
-    authorizedKeysAppendOnly = [
+      path = "/mnt/palladium/clerie-backup";
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFyk716RnbenPMkhLolyIkU8ywUSg8x7hjsXFFQoJx4I root@clerie-backup"
+      authorizedKeysAppendOnly = [
-    ];
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFyk716RnbenPMkhLolyIkU8ywUSg8x7hjsXFFQoJx4I root@clerie-backup"
      ];
    };
    external-drive = {
      path = "/mnt/external-drive/clerie-backup";
      authorizedKeysAppendOnly = [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPuh74Esdp8JPgIZzM372DaCwtAl2QNtRratnIFG0NRB root@clerie-backup"
      ];
    };
  };
  clerie.monitoring = {
--- a/hosts/web-2/clerie.nix
+++ b/hosts/web-2/clerie.nix
@ -16,7 +16,7 @@
      root = fetchGit {
        url = "https://git.clerie.de/clerie/clerie.de.git";
        ref = "main";
-        rev = "23e7b06dc15a8dcc320b2db9508e2192d33236cb";
+        rev = "67738c06cff85e2cefbea87d45c277bd01a3778a";
      };
      locations."~ ^/.well-known/openpgpkey/hu/[a-z0-9]+/?$" = {
        extraConfig = ''
Author	SHA1	Message	Date
clerie	fd1d9a2252	Fix external backup again	2022-06-12 21:51:19 +02:00
clerie	5b6cadecbe	Update website clerie.de	2022-06-12 21:49:36 +02:00