1 { pkgs, lib, config, inputs, ... }:
3 inherit (builtins) readFile;
4 inherit (config.users) users;
9 shell = users.root.shell;
10 openssh.authorizedKeys.keys = [
11 (readFile (inputs.secrets + "/machines/losurdo/ssh/backup.ssh-ed25519.pub"))
12 ] ++ users."julm".openssh.authorizedKeys.keys;
14 system.activationScripts.backup = ''
15 ${pkgs.zfs}/bin/zfs allow -u ${users.backup.name} bookmark,hold,send rpool
16 ${pkgs.zfs}/bin/zfs allow -u ${users.backup.name} receive,create,mount,rollback rpool/backup
38 use_template = [ "local" ];
42 use_template = [ "local" ];
46 "rpool/var/public-inbox" = {
47 use_template = [ "local" ];
51 use_template = [ "local" ];
55 use_template = [ "local" ];
59 "rpool/home/julm/mail" = {
60 use_template = [ "local" ];
64 "rpool/home/julm/log" = {
65 use_template = [ "local" ];
70 "rpool/backup/losurdo/home/julm/work" = {
71 use_template = [ "remote" ];
74 "rpool/backup/losurdo/var/postgresql" = {
75 use_template = [ "remote" ];