From 03d7b2495ce81c0f0a8bfa4203d85d7695742288 Mon Sep 17 00:00:00 2001
From: Tyler Starr <starrtyler88@gmail.com>
Date: Sun, 21 Jul 2024 20:47:43 -0700
Subject: [PATCH] passwordless login for kestrel restic backup

---
 home/dot_aliases                   | 2 +-
 provision/hosts/default/backup.nix | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/home/dot_aliases b/home/dot_aliases
index c744a4e9..1b5eff26 100644
--- a/home/dot_aliases
+++ b/home/dot_aliases
@@ -3,7 +3,7 @@
 
 # nixos
 alias nu="cd ~/.local/share/chezmoi/provision && \
-          sudo nixos-rebuild switch --flake .#$(hostname) && \
+          sudo nixos-rebuild switch --impure --flake .#$(hostname) && \
           cd -"
 # sway
 alias s='sway'
diff --git a/provision/hosts/default/backup.nix b/provision/hosts/default/backup.nix
index e0d5dee2..29be7b0b 100644
--- a/provision/hosts/default/backup.nix
+++ b/provision/hosts/default/backup.nix
@@ -1,5 +1,10 @@
 { config, pkgs, user, lib, ... }:
 {
+  # Password-less logins for backup
+  users.users."${user}".openssh.authorizedKeys.keyFiles = [
+    config.age.secrets."ssh/kestrel/id_ed25519.pub".path
+  ];
+
   environment.systemPackages = with pkgs; [
     restic # Fast and secure backup program
   ];