commit 5b44216b4b3915ea14b7e6c7bf2efa174d7fcb63 (tree) parent f5d3249fa0ec071361694243d0f923e53623fb55 Author: Motiejus Jakštys <motiejus@jakstys.lt> Date: Mon, 24 Jul 2023 12:50:17 +0300 add zfsunlock for vno1-oh2 Diffstat:
| M | data.nix | | | 1 | + |
| M | hosts/hel1-a/configuration.nix | | | 13 | +++++++++++++ |
2 files changed, 14 insertions(+), 0 deletions(-)
diff --git a/data.nix b/data.nix @@ -7,6 +7,7 @@ rec { "vno1-oh2.servers.jakst" = { extraHostNames = ["dl.jakstys.lt" "vno1-oh2.jakstys.lt"]; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHtYsaht57g2sp6UmLHqsCK+fHjiiZ0rmGceFmFt88pY"; + initrdPubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEzt0eaSRTAfM2295x4vACEd5VFqVeYJPV/N9ZUq+voP"; publicIP = "88.223.107.21"; }; "hel1-a.servers.jakst" = { diff --git a/hosts/hel1-a/configuration.nix b/hosts/hel1-a/configuration.nix @@ -18,6 +18,19 @@ in { stateVersion = "22.11"; timeZone = "UTC"; + services = { + zfsunlock = { + enable = true; + targets."vno1-oh2.servers.jakst" = { + sshEndpoint = myData.hosts."vno1-oh2.servers.jakst".publicIP; + pingEndpoint = "vno1-oh2.servers.jakst"; + remotePubkey = myData.hosts."vno1-oh2.servers.jakst".initrdPubKey; + pwFile = config.age.secrets.zfs-passphrase-vno1-oh2.path; + startAt = "*-*-* *:00/5:00"; + }; + }; + }; + base = { users.passwd = { root.passwordFile = config.age.secrets.root-passwd-hash.path;