summaryrefslogtreecommitdiff
path: root/joeyconfig.hs
diff options
context:
space:
mode:
Diffstat (limited to 'joeyconfig.hs')
-rw-r--r--joeyconfig.hs26
1 files changed, 13 insertions, 13 deletions
diff --git a/joeyconfig.hs b/joeyconfig.hs
index 48b34392..11744001 100644
--- a/joeyconfig.hs
+++ b/joeyconfig.hs
@@ -486,26 +486,26 @@ keysafe = host "keysafe.joeyh.name" $ props
& Tor.installed
& Tor.hiddenServiceAvailable "keysafe" (Port 4242)
`requires` Tor.hiddenServiceData "keysafe" hostContext
- -- This is optional, but may as well act as a tor bridge
- -- to use spare bandwidth capacity.
- & Tor.isBridge
- & Tor.named "keysafe1"
& Tor.bandwidthRate (Tor.PerMonth "750 GB")
-- keysafe installed manually until package is available
- & Obnam.backupEncrypted "/var/lib/keysafe" (Cron.Times "42 9 * * *")
- [ "--repository=sftp://2318@usw-s002.rsync.net/~/keysafe.obnam"
- , "--client-name=keysafe.joeyh.name"
- , Obnam.keepParam [Obnam.KeepDays 7, Obnam.KeepWeeks 4]
- ] Obnam.OnlyClient (Gpg.GpgKeyId "98147487")
- `requires` rootsshkey
- `requires` Ssh.knownHost hosts "usw-s002.rsync.net" (User "root")
- where
- rootsshkey = Ssh.userKeys (User "root")
+ & Gpg.keyImported (Gpg.GpgKeyId "98147487") (User "root")
+ & Ssh.knownHost hosts "usw-s002.rsync.net" (User "root")
+ & Ssh.userKeys (User "root")
(Context "keysafe.joeyh.name")
[ (SshEd25519, "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEx8bK9ZbXVEgEvxQeXLjnr9cGa/QvoB459aglP529My root@keysafe")
]
+ -- Note that this is not an incremental backup; it uploads the
+ -- whole content every time. So, only run weekly.
+ & Cron.niceJob "keysafe backup" Cron.Weekly (User "root") "/" backupcmd
+ where
+ backupdir = "/var/backups/keysafe"
+ rsyncnetbackup = "sftp://2318@usw-s002.rsync.net/~/keysafe"
+ backupcmd = unwords
+ [ "keysafe --backup-server", backupdir
+ , "&& rsync -a --delete --max-delete 3 ", backupdir , rsyncnetbackup
+ ]
iabak :: Host
iabak = host "iabak.archiveteam.org" $ props