Setup borg backup on fusion
This commit is contained in:
parent
d33096c296
commit
ff2e176b1b
|
@ -25,6 +25,11 @@ creation_rules:
|
||||||
- age:
|
- age:
|
||||||
- *nathan
|
- *nathan
|
||||||
- *levitation
|
- *levitation
|
||||||
|
- path_regex: secrets/fusion
|
||||||
|
key_groups:
|
||||||
|
- age:
|
||||||
|
- *nathan
|
||||||
|
- *fusion
|
||||||
- path_regex: secrets/oracles
|
- path_regex: secrets/oracles
|
||||||
key_groups:
|
key_groups:
|
||||||
- age:
|
- age:
|
||||||
|
|
|
@ -2,7 +2,16 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
# Sops setup for this machine
|
# Sops setup for this machine
|
||||||
sops.secrets = { };
|
sops.secrets = {
|
||||||
|
"borg-ssh-key" = {
|
||||||
|
sopsFile = ../../secrets/levitation/borg.yaml;
|
||||||
|
format = "yaml";
|
||||||
|
};
|
||||||
|
"borg-password" = {
|
||||||
|
sopsFile = ../../secrets/levitation/borg.yaml;
|
||||||
|
format = "yaml";
|
||||||
|
};
|
||||||
|
};
|
||||||
# Setup system configuration
|
# Setup system configuration
|
||||||
nathan = {
|
nathan = {
|
||||||
services = {
|
services = {
|
||||||
|
@ -10,6 +19,12 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
acme = true;
|
acme = true;
|
||||||
};
|
};
|
||||||
|
borg = {
|
||||||
|
enable = true;
|
||||||
|
extraExcludes = [ "/var/log" ];
|
||||||
|
passwordFile = config.sops.secrets."borg-password".path;
|
||||||
|
sshKey = config.sops.secrets."borg-ssh-key".path;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
config = {
|
config = {
|
||||||
setupGrub = false;
|
setupGrub = false;
|
||||||
|
|
|
@ -0,0 +1,31 @@
|
||||||
|
borg-ssh-key: ENC[AES256_GCM,data:J7QYJM5TI+m8uuqYU0xoWoEWV+c+QKAgWyXLhmoOZUiWTfiExqSLRlTvGYPKxoU7aGVediVTOfr7vSE3YbD40rxSj386xPTZPNmwlq29fuhNX4PXbDjNVKaVHpcLkC60doxnrM2DojVxuOY1jw9evB0nNhi/2Ex+eF73o3IX9q19ulUeMLS/DxvkuospeVasXnjH1VrWmgIf0C325bmF1yIA7C7IT2uDQFbkl/ch+R3EYE5LY9PiKZ1y0FbPUaGBxYZaPT8LHzRY10PS8Xz9ac3HoyW/7y1roWa5bqDRaSz4B4D4KYcGmHMrvqGdzTzu5/ctUdVMutwYlIYihm6s3AgglbjION1aYUJkJ96Dbhs3dALiGLfS1AVW16KBl648CBNek2Orwr27XmaOZBMED42cZnamANBSyW1peLIuPK0A/PrKw04R2UqZCfSXoclwFcnOi5O95Fx+ZH4kmVgAqH95CkmykfUjwdQdClCQEGEMjXo7fjzTmpc8W68wTvhOppfCnNYRAGHtGFICmEgXReMnzhHJ7d4CM0yY,iv:OtvnfkqCVGjZAnfAAHnfL+nTwccQHY/OsHfs8ILjZy8=,tag:TxZMP4MiED9vdqLy0X5vsQ==,type:str]
|
||||||
|
borg-password: ENC[AES256_GCM,data:Mi5s3MakaN+YBUS0hJEgBi/KdftWFec4FucsEnMBrpBXsqYwpqrYelEejR0hyfKdLt2lAkmm,iv:/8Nhr4vv+IVJh5+odXE2e/u0ixRdGvnPh3FO58y9fFA=,tag:vm18v7nOJIr3gU92f7PvKQ==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age1ud80054jwf6ff7xx65ta6g7qxx2flc24r5gyyfjz43kvppjutqyskr2qm2
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3V01sRCtCU2tpdmhYaVQ1
|
||||||
|
SDZkd0RzTk1JSjNKTEo5MHF0aHlxczdlN1JvCnQyYVFiS1l5OXZhU3NFQjZtYkxR
|
||||||
|
UXpCR3czWkdDanpTNjMyd2cwcW8wVE0KLS0tIHZoZUtpTWEveFM5R2J6Y3h5KzI0
|
||||||
|
ZTdWejJIM1BOQ0VlUEU2MTBxQTFkc2sKs5FVtMLLBbC+3IM17xNzEKxrb7+5jO35
|
||||||
|
AeC+fy+ygwfTVTvlfZirE2WlaVtxsOHLHCyO8YUXH76nEJ7BmK0etA==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1fe57fel46lk5n9t34lh5nl909gk88trwy9ttgxqk3up9d83wxsnsdmuu3a
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQNjltdHhzeForM1lsVVVs
|
||||||
|
Y0I2TzZJNTRQSjBCT3N1VUhPY3ZoalVSbUMwCmJySmtDUzhXNUhWeGhkNklOOVJq
|
||||||
|
SlpONzBjRzFOWlhmZW94TUYyTE1oMjgKLS0tIDBBSDIyc3pCbEsrTm9sQ3NMSUZt
|
||||||
|
alhxa2lSOG4rdkphR0Jray9qaEpxZjgKXSvvWbMM+vo1giYzXLzJCgLyPiMdolqt
|
||||||
|
MgvmvazUyPsrli5SgjoaqsTc4Lc8Bk3b8dYVDEvhrYcFUOnLWkYc5Q==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2022-11-29T05:17:22Z"
|
||||||
|
mac: ENC[AES256_GCM,data:fP8oCY8+tUY2cNWGepiSVmKeRZjfr0GB9H7BKUL+Y5mKW4Wa8Pn1LVfKyVQJXR7aLIQh60HFekIdxOoHzGbfKF4zePvQ/zduuNAIMBtcGMucXdrbbCzG7dxeYORQaT9Ggap+r8rsHRYNWMDuygiVJS+dD5CazWRzpK4PHGbXSZw=,iv:lbFzydL3BbgXGuYh0fYqQlJfOvB9zkMbosUwO3QF7yY=,tag:RSNnNmUvYpfteLBDtls8LQ==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.7.3
|
Loading…
Reference in New Issue