configuration
flake
hosts
_iso
aluminium
astatine
backup-4
backup.nix
configuration.nix
hardware-configuration.nix
restic-server.nix
secrets.json
ssh.pub
beryllium
carbon
clerie-backup
dn42-il-gw1
dn42-il-gw5
dn42-il-gw6
dn42-ildix-clerie
dn42-ildix-service
gatekeeper
hydra-1
hydra-2
krypton
mail-2
monitoring-3
nonat
osmium
palladium
porter
storage-2
tungsten
web-2
zinc
lib
modules
pkgs
users
.gitignore
README.md
flake.lock
flake.nix
30 lines
708 B
Nix
30 lines
708 B
Nix
{ ... }:
|
|
|
|
{
|
|
services.restic.server = {
|
|
enable = true;
|
|
privateRepos = true;
|
|
dataDir = "/mnt/backup-4/magenta";
|
|
listenAddress = "[::1]:43242";
|
|
};
|
|
|
|
# restic rest server does not support --htpasswd-file in the current version of nixpkgs
|
|
# until then we copy the secrets to the common location
|
|
sops.secrets.restic-server-magenta-htpasswd = {
|
|
path = "/mnt/backup-4/magenta/.htpasswd";
|
|
owner = "restic";
|
|
group = "restic";
|
|
};
|
|
|
|
services.nginx.virtualHosts."magenta.backup.clerie.de" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
locations."/" = {
|
|
proxyPass = "http://[::1]:43242/";
|
|
extraConfig = ''
|
|
client_max_body_size 10G;
|
|
'';
|
|
};
|
|
};
|
|
}
|