X-Git-Url: https://git.immae.eu/?p=perso%2FImmae%2FConfig%2FNix.git;a=blobdiff_plain;f=modules%2Fprivate%2Fsystem%2Fbackup-2.nix;fp=modules%2Fprivate%2Fsystem%2Fbackup-2.nix;h=181f45598e9ce8766c7daaff12414f63d7667e02;hp=1f226c0bdff723c766a5bc1d732c1c12ded00ee7;hb=bd5c5d4e23ebd3863a960976767ed4a83dfd07fe;hpb=042ada3bfc4a139a4bae60d5e5d549e41c02bca4

diff --git a/modules/private/system/backup-2.nix b/modules/private/system/backup-2.nix
index 1f226c0..181f455 100644
--- a/modules/private/system/backup-2.nix
+++ b/modules/private/system/backup-2.nix
@@ -7,6 +7,22 @@
   };
   # ssh-keyscan backup-2 | nix-shell -p ssh-to-age --run ssh-to-age
   secrets.ageKeys = [ "age1kk3nr27qu42j28mcfdag5lhq0zu2pky7gfanvne8l4z2ctevjpgskmw0sr" ];
+  secrets.keys = [
+    {
+      dest = "rsync_backup/identity";
+      user = "backup";
+      group = "backup";
+      permissions = "0400";
+      text = config.myEnv.rsync_backup.ssh_key.private;
+    }
+    {
+      dest = "rsync_backup/identity.pub";
+      user = "backup";
+      group = "backup";
+      permissions = "0444";
+      text = config.myEnv.rsync_backup.ssh_key.public;
+    }
+  ];
   boot.kernelPackages = pkgs.linuxPackages_latest;
   myEnv = import ../../../nixops/secrets/environment.nix;
 
@@ -54,8 +70,8 @@
   services.rsyncBackup = {
     mountpoint = "/backup2";
     profiles = config.myEnv.rsync_backup.profiles;
-    ssh_key_public = config.myEnv.rsync_backup.ssh_key.public;
-    ssh_key_private = config.myEnv.rsync_backup.ssh_key.private;
+    ssh_key_public = config.secrets.fullPaths."rsync_backup/identity.pub";
+    ssh_key_private = config.secrets.fullPaths."rsync_backup/identity";
   };
 
   myServices.mailRelay.enable = true;