kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-16 10:11:08 +01:00
Code Releases Activity

feat(restic): run on makanek, prometheus

Browse Source
This commit is contained in:
Kierán Meinhardt
2022-01-18 23:28:53 +01:00
parent bdc5c147dd
commit 30c2bfe598
5 changed files with 34 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
systems/zaatar/backup.nix
View File

@@ -1,8 +1,7 @@
{ lib, ... }:
let
resticPort = 3571;
niveumLib = import <niveum/lib>;
inherit (niveumLib) retiolumAddresses;
inherit (niveumLib) retiolumAddresses restic;
firewall = niveumLib.firewall lib;
in
{
@@ -11,13 +10,13 @@ in
appendOnly = true;
dataDir = "/backup/restic";
prometheus = true;
extraFlags = [ "--no-auth" "--prometheus-no-auth" ]; # auth is done via firewall
listenAddress = ":${toString resticPort}";
extraFlags = [ "--no-auth" ]; # auth is done via firewall
listenAddress = ":${toString restic.port}";
};
networking.firewall =
let
dport = resticPort;
dport = restic.port;
protocol = "tcp";
rules = [
(firewall.accept { inherit dport protocol; source = retiolumAddresses.kabsa.ipv4; })