root/the_prg_server_configuration_old
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Implented Google Cloud Backups of the databases, and also encrypying them before being pushed to cloud. Let us hope that I didn't heck it up.

Browse source
This commit is contained in:
Root User 2026-02-07 22:56:51 +01:00
parent 458d0d865a
commit 20e27f799c
Signed by: root
GPG key ID: 087F0A95E5766D72
7 changed files with 193 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

15
nix-system-configs/modules/secrets-config/sops-database.nix
View file

@ -25,4 +25,19 @@
sops.age.keyFile = "/var/lib/sops-nix/key.txt";
# This will generate a new key if the key specified above does not exist
sops.age.generateKey = true;
# Secrets key stuff
sops.secrets."backup_gpg_key" = {
format = "yaml";
sopsFile = ../../secrets/database/secrets.yaml;
owner = "root";
mode = "0400";
};
# Declare the GCS service account secret
sops.secrets."gcloud_bucket" = {
format = "json";
sopsFile = ../../secrets/database/gcloud_bucket.json;
owner = "root";
mode = "0400";
};
}