Skynet/nixos
7
1
Fork 0
Code Issues 45 Pull requests 1 Projects Releases Packages Wiki Activity Actions

feat: added backup config

Browse source 
(currently temp server, will be using hardware soon)
This commit is contained in:
silver 2023-06-23 23:52:31 +01:00
parent 7f4b72c6e2
commit 88353f3727
6 changed files with 276 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

33
secrets/backup/restic.age Normal file
View file

@ -0,0 +1,33 @@
age-encryption.org/v1
-> ssh-ed25519 V1pwNA T9gRXKpj/4ewIKWFTa/hIa4/bYVDSWy4buXoda9rSSg
g+JduPpaLSbaae8+SDzlcXRg6N4GNAkmp14QZ+pCb6I
-> ssh-ed25519 rIwlvw gpZihOLlGBfcQkdas8MLnmdNAnltuIl+5JKvgdglJzw
vYLsHxGgzLlZ1FqNQPX//4MgGs60+2YzE39eBS2R6UI
-> ssh-ed25519 q8eJgg DCvlQKK7tH5klfsDWG350EcWbrHuoPoqes0iducTQl4
vNCjrOXnLyMmU7M4lZQ/e7PQZuBl2oD3Hx/tAUO68uA
-> ssh-ed25519 bPfq4g oWuG4M75YBLCFjOJma/IPFRpoaKPO4zoZ/y511WnbSM
0sJFaEI54NsHbi1xNgMKDRWr8ly9R88Tn80LXA6aOJE
-> ssh-ed25519 P1ilJQ pT4p9gp9LFMuMdJ0KiJJIspLK1Rz8cNgPK3ry1jyP3Q
2CHqMQLYGyFj00qO3JcmfRgLUtPBsAF7Yj5txko6JD4
-> ssh-ed25519 pBdJmw 5Uo1Iy2iwPcOw7mvUSt/4aWJRUE8pevNQkvnM86lAxk
1znyqu9cbmyQNLUh+V5oMIfxE7jSgcVOfCsHOGRNj8o
-> ssh-ed25519 v2Y09A IvOSMVJgeo92DcKLtt9HjWvhr2D1ubyNk94aTzCWf1w
suSMLOa7y1RAOT/nHhBns1Dx6rrlVq8IFhQdGsmz/N8
-> ssh-ed25519 XSrA6w n0dvD2rSRxnnSgAz0StT52trGYb/NuC7mrH3qbR5Ins
CFScfXXMacC+n/7akrPXXBoMpMznuYKU6n+ff7a3FVE
-> ssh-ed25519 DVzSig PUxmsjbpaAKHNK1crEdAZfv6GsuNE/ciOCsQ/Eg63jk
xB4/taoj9Bjtmp6vyq4cckNyTnJuvQXUWlv428rOv2Q
-> ssh-ed25519 uZzB3g HMn9ru7qX/7bg6zQ3e4OPWgtI8k4dl+P9EZqdPFU9FM
oIRlyF4cP4u/9tdvXqbnyQNVGJ5RXmEyK8r8j0MyOak
-> ssh-ed25519 yvS9bw Y1cWxbizUa4lWDeMD8d0zLSsVc/1aVqDHhccbqba6SE
X6om2Euh8YPGtCLPA2SWYbJ1CMXQYb+9IGzfVaJ3rNU
-> ssh-ed25519 IzAMqA cD6olEK5Q6vCkO97QofInoziHA61Q/P7PUyIK8K5P2o
IXmD0KDdKNpOLR+I1WrjQN+hS5OKErIHXrXDpMgb9Mg
-> ssh-ed25519 Hb0ipQ 9gSxP4CxZE0PgvRZ+UUPKxhQEJMVG03xVN/e5x1o6hY
84iQ4BGWxMeMa+39ggbs92Mj+L7asopVdjXNYc1xsos
-> ssh-ed25519 pgMpXg 2cm5IFCt30VnbKUy991lxTJRYNLfyu3WpQ7v4C/6OnQ
kQF2YW2Zw0afiJY+/TnhhKkDSS266ByGm2xt34zClo0
-> `-grease
B3Sa9qAARZP5qG1lRyM8bqHz2jofMaKzfT1Z3Ng1PCHbCJ8rKdNmFYs3
--- hMXGwWSFtjaEh8RMePM+gnvDF/sSea2n+uu9Hq7y1G0
”1ƒ_ í<>ÙîH|Ì Bñ¨øƒ¨ <09>×æV6EGï»ÀÔMÃ`À¦AtäžSÙQ Ÿ¶RðMÔIÃ$ECÚ y@ ÷’ìZײrvOþíPTpÌWPõYT³Ù¢çÉ3»Òée&ÜUÅÛí9É0ÙF”0G}ÇmSiñÞvÆ#»ˆµ4¤U#&™¶ƒùw“yeãcœÇ“

BIN
secrets/backup/restic_pw.age Normal file
View file

Binary file not shown.

25
secrets/secrets.nix
View file

@ -11,6 +11,7 @@ let
# change this when its properly set up
agentjones = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAbqYQrdVHmGgXZJoMWWRDGVEIj775Zrf4PxB5hoth+k root@agentjones";
ash = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJDVQGjIwMQmkElGshgKDAlChM2xdNN6iI5Ap2IbAs5";
# dns servers
vendetta = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINxTrUPZPqttuxfmmP8BTACTAkv1yY1nfzEd64hN4LT+ root@vendetta";
@ -18,24 +19,29 @@ let
galatea = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3Mke5YtaMkLvXJxJ3y7YAIEBesoJk3qJyJsnoLUWgW root@galatea";
# for testing configs at home
silver_homelab = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCG1JzosOwS7oKjgm0+FlqMKrUbu+M5403un+VA7LwiGRQnneawuq6aqQsIoDqAlb9AzUdLTeBQb+rBf94kx7yVGdEIz1i34WdMK3kgl176jnDIR4TWeNKdj8Q6+4d7tn5mZrqmpXZ/+1KSauV9JHxytR+7A4NVexkhGX1Mq3efGBYsCKzUQh83lHs2baWUYuxaPCCR6vy6uklzQRQfg+NsxCCUKkbgJwv1ar5U1ccr4N89EWiR2Yu4XsPzXr0JJUQcUy587l+G7QYVoCwVgUKHevCRqtRlmnI6JrzWctQJPpAmWF4EF66QnWccdXUS+aVc0IKP0ORqmz8Nps4NWWVPjRRxeshl2XfFawWxGlgT4WJ0+qv/EDVPZQvNBrjFvY5QBAaU08Nnkg6QzehlwD4/zQQMFiDjMb7sUuhXdq0vOK235QMhS4jtX7Sm2ki6mJdXrlErq9dIaqcoYuw9EtfajaM/NnGYIy97JUOrfztQTAwiuPgrc4DijpdR0QtvYK7NvefiJYcW+osmcv+FYM03kMXK9uGtM6KI44i27ZdsUFWTIHeiR1yBGUfP1ObFLLaNx5E42jSA77RLF8BSUaPbGgRv3OciACNftIKhAJrV4AZGvBbaUvAlzC8CryFAcRDgQwIVlXBJzChc7Rh9/V8I5342Tq7xMmzBQ2WcQdqZ9Q== root@galatea";
optimus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqYbbWy3WWtxvD96Hx+RfTx7fJPPirIEa5bOvUILi9r root@optimus";
glados = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ6go7ScvOga9vYqC5HglPfh2Nu8wQTpEKpvIZuMAZom root@glados";
wheatly = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEehcrWqZbTr4+do1ONE9Il/SayP0xXMvhozm845tonN root@wheatly";
kitt = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPble6JA2O/Wwv0Fztl/kiV0qj+QMjS+jTTj1Sz8k9xK root@kitt";
gir = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINL2qk/e0QBqpTQ2xDjF7Cv4c92jJ53jW2fuu88hAF/u root@gir";
neuromancer = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFozqR8f8DN7/DLUQV4o290n3UZ75fSEdgVlSwzyza/N root@neuromancer";
systems = [
agentjones
ash
silver_homelab
vendetta
vigil
galatea
optimus
glados
wheatly
kitt
gir
neuromancer
];
dns = [
@ -72,6 +78,9 @@ let
++ ldap
++ gitlab;
restic = [
neuromancer
];
in
{
# nix run github:ryantm/agenix -- -e secret1.age
@ -96,4 +105,8 @@ in
"ldap/pw.age".publicKeys = users ++ ldap;
"ldap/self_service.age".publicKeys = users ++ ldap;
# everyone has access to this
"backup/restic.age".publicKeys = users ++ systems;
"backup/restic_pw.age".publicKeys = users ++ restic;
}