From 17cc2f8e44cc716ecbcf0395c6eb35b9f1244ff5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20H=C3=BCbner?= <michael.huebner@ptspaper.de>
Date: Tue, 29 Jul 2025 15:18:36 +0200
Subject: [PATCH] Add backup user

---
 git_system.nix | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/git_system.nix b/git_system.nix
index fcd2e37..bc3fafe 100644
--- a/git_system.nix
+++ b/git_system.nix
@@ -23,6 +23,21 @@ in
     ./shared/ssh.nix
   ];
 
+  services.openssh.settings.AllowUsers = [ "backup" ];
+
+  users.users = {
+    # connection only via ssh key
+    backup = {
+      isNormalUser = true;
+      home = "/home/backup";
+      description = "User used to copy the forgejo backup into PTS network";
+      extraGroups = [ "forgejo" ];
+      openssh.authorizedKeys.keys = [
+        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDVdIrB5ytrzIVv+Zpmr5pesRj/aXGqS+gKd8wTL2tg4S8LYbyFWhos8uy+uAraU/vP1+ffxxQCKrjivxm53bZDpAXJKZyVV/defvJcOSQ2uhKM3c8LbTt/YR2AjoyTuOjj57ZFqQCDqEVIkFwbGuxCr4VclZpPD5Ny3StCTy9K8WJgKQ8pvXicB3msgy4hD3xL957F1wAFpyVufKrb45hrZyKfOLIgPTg/4l3sPVzBlsPUL4ZCkE2Gfmdtr2VUJ0ykZz9J8cJq59IN3nppqb2oqnwqcLWwhFy4U70SXCkwd0KtMICajp6H7qg73SUJPqgJewYRSLUiw4IxyD7Di1NU7WsPS+hS6QlTRFQKX3IaAkL26hXUgz8F1L9bd2CfVQxLQguFTS54hoFqcx/eNHtKiBvHBURJnBQDnpkQQbxaZ7D87TO6siuQklCUwaLvC8mjLv+D1+pXeJRZhEKefgkkYzd8A+SmTVuczfqTxP6PaMcx0plzj2uCmC03FcwWClDo1jcX3HpyCxLSBnyYWvzngHcropgqgrJbZYMluEBRn0SWMWbeiAxdyCCaxbL7buVKwwyR7/eoNG24lwWE2lqC6aV8wODg+Z+OVano1budInSJm85pabhEaZU52s2ETDFk6GbJr67Mka0NlrOaq/MrXtMpUTamfexnIXN53YNSrQ== ptspaper\d.rockstroh_adm@PTS-Filesrv03"
+      ];
+    };
+  };
+
   security.acme = {
     defaults.email = "michael.huebner@ptspaper.de";
     acceptTerms = true;