Emitter: Enable remote burp backups to Rupert
This commit is contained in:
parent
4cd0b3d1c3
commit
754445e11a
|
@ -37,6 +37,34 @@
|
||||||
gitUser = "fruchti";
|
gitUser = "fruchti";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
nixpkgs.overlays = [
|
||||||
|
(self: super: {
|
||||||
|
burp = (super.burp.overrideAttrs (old: {
|
||||||
|
postInstall = ''
|
||||||
|
mv $out/sbin/burp $out/sbin/burp-untunneled
|
||||||
|
cat > $out/sbin/burp <<-EOF
|
||||||
|
#!/${pkgs.bash}/bin/bash
|
||||||
|
${pkgs.openssh}/bin/ssh -i /secrets/id_burp_remote -o IdentitiesOnly=yes -o ExitOnForwardFailure=yes -L 4971:localhost:4971 burp-remote@rupert.gvfr.de -f true
|
||||||
|
$out/sbin/burp-untunneled \$@
|
||||||
|
EOF
|
||||||
|
chmod +x $out/sbin/burp
|
||||||
|
'';
|
||||||
|
}));
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
|
services.burp = {
|
||||||
|
client = {
|
||||||
|
enable = true;
|
||||||
|
# Because of the port forward, the server will be localhost
|
||||||
|
server = "localhost";
|
||||||
|
frequency = "2:00";
|
||||||
|
passwordFile = "/secrets/burp_client_password";
|
||||||
|
sslKeyPasswordFile = "/secrets/burp_ssl_key_password";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
# This value determines the NixOS release from which the default
|
# This value determines the NixOS release from which the default
|
||||||
# settings for stateful data, like file locations and database versions
|
# settings for stateful data, like file locations and database versions
|
||||||
# on your system were taken. It’s perfectly fine and recommended to leave
|
# on your system were taken. It’s perfectly fine and recommended to leave
|
||||||
|
|
Loading…
Reference in a new issue