3 files changed, 24 insertions, 1 deletions

diff --git a/modules/core/users.nix b/modules/core/users.nix
index b1a30ed..d498e09 100644
--- a/modules/core/users.nix
+++ b/modules/core/users.nix
@@ -1,6 +1,7 @@
 { lib, pkgs, inputs, ... }:
 {
   programs.zsh.enable = true;
+  users.defaultUserShell = pkgs.zsh;
 
   security.sudo.execWheelOnly = lib.mkDefault true;
   security.sudo.wheelNeedsPassword = lib.mkDefault false;
diff --git a/modules/snorlax/syncoid.nix b/modules/snorlax/syncoid.nix
index 5328652..435e040 100644
--- a/modules/snorlax/syncoid.nix
+++ b/modules/snorlax/syncoid.nix
@@ -23,6 +23,6 @@
   services.syncoid.sshKey = config.age.secrets.syncoid-key.path;
   services.syncoid.commonArgs = ["--no-sync-snap"];
   services.syncoid.commands = {
-    "data/safe/persist".target = "ubuntu@185.107.88.38:backup/snorlax";
+    "data/safe/persist".target = "transfer@backup.jras.nl:backup/snorlax";
   };
 }
diff --git a/node/backup.jras.nl/default.nix b/node/backup.jras.nl/default.nix
index 515a4db..2857536 100644
--- a/node/backup.jras.nl/default.nix
+++ b/node/backup.jras.nl/default.nix
@@ -34,4 +34,26 @@
       }
     ];
   };
+
+  users.users.transfer = {
+    openssh.authorizedKeys.keyFiles = [ ../../public/syncoid-key.pub ];
+    createHome = true;
+    home = "/persist/home/transfer";
+    isSystemUser = true;
+    useDefaultShell = true;
+    group = "users";
+  };
+
+  services.openssh.settings.AllowUsers = [ "transfer" ];
+  services.sanoid.enable = true;
+  services.sanoid.datasets = {
+    "backup" = {
+      autoprune = true;
+      autosnap = false;
+      hourly = 72;
+      daily = 7;
+      monthly = 1;
+      yearly = 1;
+    };
+  };
 }