SelfPrivacy/selfprivacy-nixos-config
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config.git synced 2025-01-23 09:16:49 +00:00
Code Issues Projects Releases Wiki Activity

Fix restic password init.

Browse source
This commit is contained in:
Inex Code 2022-07-13 18:16:02 +03:00
parent c5e0713481
commit 47d63f2fcf
6 changed files with 1 additions and 34 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
api/api-module.nix
View file

@ -31,18 +31,6 @@ in
Enable Swagger UI Enable Swagger UI
''; '';
}; };
b2AccountId = mkOption {
type = types.str;
description = ''
B2 account ID
'';
};
b2AccountKey = mkOption {
type = types.str;
description = ''
B2 account key
'';
};
b2Bucket = mkOption { b2Bucket = mkOption {
type = types.str; type = types.str;
description = '' description = ''
@ -66,8 +54,6 @@ in
PYTHONUNBUFFERED = "1"; PYTHONUNBUFFERED = "1";
AUTH_TOKEN = cfg.token; AUTH_TOKEN = cfg.token;
ENABLE_SWAGGER = (if cfg.enableSwagger then "1" else "0"); ENABLE_SWAGGER = (if cfg.enableSwagger then "1" else "0");
B2_ACCOUNT_ID = cfg.b2AccountId;
B2_ACCOUNT_KEY = cfg.b2AccountKey;
B2_BUCKET = cfg.b2Bucket; B2_BUCKET = cfg.b2Bucket;
RESTIC_PASSWORD = cfg.resticPassword; RESTIC_PASSWORD = cfg.resticPassword;
} // config.networking.proxy.envVars; } // config.networking.proxy.envVars;

2
api/api.nix
View file

@ -4,8 +4,6 @@
enable = true; enable = true;
token = config.services.userdata.api.token; token = config.services.userdata.api.token;
enableSwagger = config.services.userdata.api.enableSwagger; enableSwagger = config.services.userdata.api.enableSwagger;
b2AccountId = config.services.userdata.backblaze.accountId;
b2AccountKey = config.services.userdata.backblaze.accountKey;
b2Bucket = config.services.userdata.backblaze.bucket; b2Bucket = config.services.userdata.backblaze.bucket;
resticPassword = config.services.userdata.resticPassword; resticPassword = config.services.userdata.resticPassword;
}; };

7
backup/restic.nix
View file

@ -26,11 +26,4 @@ in
isSystemUser = true; isSystemUser = true;
group = "restic"; group = "restic";
}; };
environment.etc."restic/resticPasswd".text = ''
${cfg.resticPassword}
'';
environment.etc."restic/s3Passwd".text = ''
AWS_ACCESS_KEY_ID=${cfg.backblaze.accountId}
AWS_SECRET_ACCESS_KEY=${cfg.backblaze.accountKey}
'';
} }

2
files.nix
View file

@ -54,7 +54,7 @@ in
chmod 0400 /root/.config/rclone/rclone.conf chmod 0400 /root/.config/rclone/rclone.conf
chown root:root /root/.config/rclone/rclone.conf chown root:root /root/.config/rclone/rclone.conf
cat /etc/nixos/userdata/userdata.json | jq -r '.resticPassword' > /var/lib/restic/pass cat /etc/nixos/userdata/userdata.json | ${jq} -r '.resticPassword' > /var/lib/restic/pass
chmod 0400 /var/lib/restic/pass chmod 0400 /var/lib/restic/pass
chown restic /var/lib/restic/pass chown restic /var/lib/restic/pass
''; '';

8
variables-module.nix
View file

@ -96,14 +96,6 @@ in
description = "Bucket name used for userdata backups"; description = "Bucket name used for userdata backups";
type = types.nullOr types.str; type = types.nullOr types.str;
}; };
accountId = mkOption {
description = "Backblaze B2 Account ID";
type = types.nullOr types.str;
};
accountKey = mkOption {
description = "Backblaze B2 Account Key.";
type = types.nullOr types.str;
};
}; };
cloudflare = { cloudflare = {
apiKey = mkOption { apiKey = mkOption {

2
variables.nix
View file

@ -21,8 +21,6 @@ in
}; };
backblaze = { backblaze = {
bucket = lib.attrsets.attrByPath [ "backblaze" "bucket" ] "" jsonData; bucket = lib.attrsets.attrByPath [ "backblaze" "bucket" ] "" jsonData;
accountId = lib.attrsets.attrByPath [ "backblaze" "accountId" ] "" jsonData;
accountKey = lib.attrsets.attrByPath [ "backblaze" "accountKey" ] "" jsonData;
}; };
cloudflare = { cloudflare = {
apiKey = lib.attrsets.attrByPath [ "cloudflare" "apiKey" ] "" jsonData; apiKey = lib.attrsets.attrByPath [ "cloudflare" "apiKey" ] "" jsonData;