add zfsunlock for vno1-oh2

This commit is contained in:
Motiejus Jakštys 2023-07-24 12:50:17 +03:00
parent f5d3249fa0
commit 5b44216b4b
2 changed files with 14 additions and 0 deletions

View File

@ -7,6 +7,7 @@ rec {
"vno1-oh2.servers.jakst" = {
extraHostNames = ["dl.jakstys.lt" "vno1-oh2.jakstys.lt"];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHtYsaht57g2sp6UmLHqsCK+fHjiiZ0rmGceFmFt88pY";
initrdPubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEzt0eaSRTAfM2295x4vACEd5VFqVeYJPV/N9ZUq+voP";
publicIP = "88.223.107.21";
};
"hel1-a.servers.jakst" = {

View File

@ -18,6 +18,19 @@ in {
stateVersion = "22.11";
timeZone = "UTC";
services = {
zfsunlock = {
enable = true;
targets."vno1-oh2.servers.jakst" = {
sshEndpoint = myData.hosts."vno1-oh2.servers.jakst".publicIP;
pingEndpoint = "vno1-oh2.servers.jakst";
remotePubkey = myData.hosts."vno1-oh2.servers.jakst".initrdPubKey;
pwFile = config.age.secrets.zfs-passphrase-vno1-oh2.path;
startAt = "*-*-* *:00/5:00";
};
};
};
base = {
users.passwd = {
root.passwordFile = config.age.secrets.root-passwd-hash.path;