add borgstor
This commit is contained in:
parent
377030d0c0
commit
866347b042
2
data.nix
2
data.nix
@ -10,6 +10,8 @@ rec {
|
||||
# "upstream" user. We need a way to configure the uidgid,
|
||||
# so creating users explicitly.
|
||||
node_exporter = 503;
|
||||
|
||||
borgstor = 504;
|
||||
};
|
||||
|
||||
ports = {
|
||||
|
@ -449,7 +449,6 @@
|
||||
inotify = "yes";
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
systemd.services = {
|
||||
|
@ -62,6 +62,12 @@
|
||||
services = {
|
||||
node_exporter.enable = true;
|
||||
|
||||
borgstor = {
|
||||
enable = true;
|
||||
dataDir = "/data/borg";
|
||||
sshKeys = [myData.hosts."vno1-oh2.servers.jakst".publicKey];
|
||||
};
|
||||
|
||||
postfix = {
|
||||
enable = true;
|
||||
saslPasswdPath = config.age.secrets.sasl-passwd.path;
|
||||
|
33
modules/services/borgstor/default.nix
Normal file
33
modules/services/borgstor/default.nix
Normal file
@ -0,0 +1,33 @@
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
myData,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
options.mj.services.borgstor = with lib.types; {
|
||||
enable = lib.mkEnableOption "Enable borg storage user";
|
||||
dataDir = lib.mkOption {type = path;};
|
||||
sshKeys = lib.mkOption {type = listOf str;};
|
||||
};
|
||||
|
||||
config = with config.mj.services.borgstor;
|
||||
lib.mkIf enable {
|
||||
users.users.borgstor = {
|
||||
description = "Borg Storage";
|
||||
home = dataDir;
|
||||
useDefaultShell = true;
|
||||
group = "borgstor";
|
||||
isSystemUser = true;
|
||||
createHome = false;
|
||||
uid = myData.uidgid.borgstor;
|
||||
openssh.authorizedKeys.keys =
|
||||
map (
|
||||
k: "command=\"${pkgs.borgbackup}/bin/borg serve --restrict-to-path ${dataDir}\",restrict ${k}"
|
||||
)
|
||||
sshKeys;
|
||||
};
|
||||
|
||||
users.groups.borgstor.gid = myData.uidgid.borgstor;
|
||||
};
|
||||
}
|
@ -5,6 +5,7 @@
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
./borgstor
|
||||
./deployerbot
|
||||
./friendlyport
|
||||
./gitea
|
||||
|
Loading…
Reference in New Issue
Block a user