restic: Add restic-auth authentication wrapper

This commit is contained in:
Simon Bruder 2020-12-21 12:54:33 +01:00
parent 3d146db55c
commit 931c7ee91b
No known key found for this signature in database
GPG key ID: 6F03E0000CC5B62F

View file

@ -45,6 +45,15 @@ let
];
excludesFile = pkgs.writeText "exludes.txt" (builtins.concatStringsSep "\n" excludes);
maybePath = path: (lib.optional (builtins.pathExists path) (toString path));
# script to use restic as user without dealing with authentication
authScript = pkgs.writeShellScriptBin "restic-auth" ''
. <(pass nixos/machines/${config.networking.hostName}/restic-s3 | sed 's/^/export /')
${pkgs.restic}/bin/restic \
--password-command="pass nixos/machines/${config.networking.hostName}/restic-password" \
--repo "${repository}" \
$@
'';
in
{
options.sbruder.restic = {
@ -91,5 +100,9 @@ in
"IOSchedulingClass" = "best-effort";
"IOSchedulingPriority" = 7;
};
environment.systemPackages = [
authScript
];
};
}