21 lines
518 B
Nix
21 lines
518 B
Nix
{ ... }:
|
|
|
|
{
|
|
services.restic.server = {
|
|
enable = true;
|
|
privateRepos = true;
|
|
dataDir = "/data/backup";
|
|
listenAddress = "[::]:43242";
|
|
};
|
|
|
|
# restic rest server does not support --htpasswd-file in the current version of nixpkgs
|
|
# until then we copy the secrets to the common location
|
|
sops.secrets.restic-server-backup-htpasswd = {
|
|
path = "/data/backup/.htpasswd";
|
|
owner = "restic";
|
|
group = "restic";
|
|
};
|
|
|
|
networking.firewall.interfaces.wg-b-palladium.allowedTCPPorts = [ 43242 ];
|
|
}
|