91 lines
2.3 KiB
TOML
91 lines
2.3 KiB
TOML
# Cryptpad backup
|
|
|
|
[secrets."backup/cryptpad/backup_restic_password"]
|
|
type = 'user'
|
|
description = 'Restic password to encrypt backups'
|
|
|
|
[secrets."backup/cryptpad/backup_aws_secret_access_key"]
|
|
type = 'user'
|
|
description = 'Backup AWS secret access key'
|
|
|
|
[secrets."backup/cryptpad/backup_restic_repository"]
|
|
type = 'user'
|
|
description = 'Restic repository'
|
|
example = 's3:https://s3.garage.tld'
|
|
|
|
[secrets."backup/cryptpad/backup_aws_access_key_id"]
|
|
type = 'user'
|
|
description = 'Backup AWS access key ID'
|
|
|
|
|
|
# Consul backup
|
|
|
|
[secrets."backup/consul/backup_restic_password"]
|
|
type = 'user'
|
|
description = 'Restic password to encrypt backups'
|
|
|
|
[secrets."backup/consul/backup_aws_secret_access_key"]
|
|
type = 'user'
|
|
description = 'Backup AWS secret access key'
|
|
|
|
[secrets."backup/consul/backup_restic_repository"]
|
|
type = 'user'
|
|
description = 'Restic repository'
|
|
example = 's3:https://s3.garage.tld'
|
|
|
|
[secrets."backup/consul/backup_aws_access_key_id"]
|
|
type = 'user'
|
|
description = 'Backup AWS access key ID'
|
|
|
|
|
|
# Postgresql backup
|
|
|
|
[secrets."backup/psql/aws_secret_access_key"]
|
|
type = 'user'
|
|
description = 'Minio secret key'
|
|
|
|
[secrets."backup/psql/aws_access_key_id"]
|
|
type = 'user'
|
|
description = 'Minio access key'
|
|
|
|
[secrets."backup/psql/crypt_public_key"]
|
|
type = 'user'
|
|
description = 'A public key to encypt backups with age'
|
|
|
|
[secrets."backup/psql/crypt_private_key"]
|
|
type = 'user'
|
|
description = 'a private key to decript backups from age'
|
|
|
|
|
|
# SSH target config (do we still use this?)
|
|
|
|
[secrets."backup/target_ssh_host"]
|
|
type = 'user'
|
|
description = 'Hostname of the backup target host'
|
|
|
|
[secrets."backup/target_ssh_port"]
|
|
type = 'user'
|
|
description = 'SSH port number to connect to the target host'
|
|
|
|
[secrets."backup/target_ssh_dir"]
|
|
type = 'user'
|
|
description = 'Directory where to store backups on target host'
|
|
|
|
[secrets."backup/target_ssh_user"]
|
|
type = 'user'
|
|
description = 'SSH username to log in as on the target host'
|
|
|
|
[secrets."backup/target_ssh_fingerprint"]
|
|
type = 'user'
|
|
description = 'SSH fingerprint of the target machine (format: copy here the corresponding line from your known_hosts file)'
|
|
|
|
[secrets."backup/id_ed25519"]
|
|
type = 'user'
|
|
multiline = true
|
|
description = 'Private ed25519 key of the container doing the backup'
|
|
|
|
[secrets."backup/id_ed25519.pub"]
|
|
type = 'user'
|
|
description = 'Public ed25519 key of the container doing the backup (this key must be in authorized_keys on the backup target host)'
|
|
|