From bd5c5d4e23ebd3863a960976767ed4a83dfd07fe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
Date: Fri, 15 Oct 2021 00:59:34 +0200
Subject: Move backups to flake

---
 modules/private/system/backup-2.nix | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

(limited to 'modules/private')

diff --git a/modules/private/system/backup-2.nix b/modules/private/system/backup-2.nix
index 1f226c0..181f455 100644
--- a/modules/private/system/backup-2.nix
+++ b/modules/private/system/backup-2.nix
@@ -7,6 +7,22 @@
   };
   # ssh-keyscan backup-2 | nix-shell -p ssh-to-age --run ssh-to-age
   secrets.ageKeys = [ "age1kk3nr27qu42j28mcfdag5lhq0zu2pky7gfanvne8l4z2ctevjpgskmw0sr" ];
+  secrets.keys = [
+    {
+      dest = "rsync_backup/identity";
+      user = "backup";
+      group = "backup";
+      permissions = "0400";
+      text = config.myEnv.rsync_backup.ssh_key.private;
+    }
+    {
+      dest = "rsync_backup/identity.pub";
+      user = "backup";
+      group = "backup";
+      permissions = "0444";
+      text = config.myEnv.rsync_backup.ssh_key.public;
+    }
+  ];
   boot.kernelPackages = pkgs.linuxPackages_latest;
   myEnv = import ../../../nixops/secrets/environment.nix;
 
@@ -54,8 +70,8 @@
   services.rsyncBackup = {
     mountpoint = "/backup2";
     profiles = config.myEnv.rsync_backup.profiles;
-    ssh_key_public = config.myEnv.rsync_backup.ssh_key.public;
-    ssh_key_private = config.myEnv.rsync_backup.ssh_key.private;
+    ssh_key_public = config.secrets.fullPaths."rsync_backup/identity.pub";
+    ssh_key_private = config.secrets.fullPaths."rsync_backup/identity";
   };
 
   myServices.mailRelay.enable = true;
-- 
cgit v1.2.3