MarcoPolo · March 7, 2021 20:00
diff --git a/lazyssh-config.hcl b/lazyssh-config.hcl
 server {
  listen = "0.0.0.0:7922"  # The default

  # Set this to the contents of lazyssh_host_key generated above.
  host_key = <<-EOF
 -----BEGIN OPENSSH PRIVATE KEY-----
 ...
 -----END OPENSSH PRIVATE KEY-----
  EOF

  # Set this to the contents of lazyssh_client_key.pub generated above.
  authorized_key = <<-EOF
    ssh-ed25519 ...
  EOF
 }

 target "archiver" "aws_ec2" {

  # NixOS https://nixos.org/download.html#nixos-amazon
  image_id = "ami-0fb7bd4a43261c6b2"

  user_data = <<-USEREOF
  /* SSH Host information. Multiline comment so this isn't evaluated when inside configuration.nix. Note that SSH_HOST_ED25519_KEY is all on one line.
  SSH_HOST_ED25519_KEY:-----BEGIN OPENSSH PRIVATE KEY-----|line1|line2|...|-----END OPENSSH PRIVATE KEY-----
  SSH_HOST_ED25519_KEY_PUB:ssh-ed25519 ... root@archiver
  */
  {pkgs, ...}:
  {
    imports = [ <nixpkgs/nixos/modules/virtualisation/amazon-image.nix> ];
    ec2.hvm = true;
    ec2.efi = false;
    boot.supportedFilesystems = [ "zfs" ];
    environment.systemPackages = (with pkgs; [ lz4 ]);
    # Randomly generated
    networking.hostId = "796774C8";
    # This may fail initially since the backup dataset hasn't been created
    fileSystems."/backup" = {
      device = "rpool/backup";
      fsType = "zfs";
    };
  }

  USEREOF

  instance_type = "t3.micro"
  region = "us-west-2"
  profile = "default"

  # Name of the key pair to launch with. (Required)
  key_name = "YOUR_AWS_KEYPAIR"

  # The amount of time the EC2 instance will
  # linger before it is terminated. The default is to terminate the instance
  # immediately when the last connection is closed.
  linger = "60s"

  # Root drive backed by EBS. This is for the machine to run, this is not where backups are stored.
  ebs_block_device {
    # Name of the EBS volume. (Required)
    device_name = "/dev/xvda"

    # Whether to delete the volume on instance termination.
    delete_on_termination = true

    # Whether to encrypt the volume.
    encrypted = true

    # KMS key ID used to encrypt the volume.
    kms_key_id = "00000000-0000-0000-0000-000000000000"

    # Size in GiB.
    volume_size = 40

    # Type of volume. One of: standard, gp2, io1, io2
    volume_type = "io2"

    # Provisioned IOPS. Required for volume types `io1` and `io2`.
    iops = 400
  }

  placement {
    availability_zone = "us-west-2d"
  }

  attach_volume {
    device_name = "/dev/xvdb"
    volume_id = "vol-BACKUPVOLID"
  }
 }
	server {
	listen = "0.0.0.0:7922" # The default

	# Set this to the contents of lazyssh_host_key generated above.
	host_key = <<-EOF
	-----BEGIN OPENSSH PRIVATE KEY-----
	...
	-----END OPENSSH PRIVATE KEY-----
	EOF

	# Set this to the contents of lazyssh_client_key.pub generated above.
	authorized_key = <<-EOF
	ssh-ed25519 ...
	EOF
	}

	target "archiver" "aws_ec2" {

	# NixOS https://nixos.org/download.html#nixos-amazon
	image_id = "ami-0fb7bd4a43261c6b2"

	user_data = <<-USEREOF
	/* SSH Host information. Multiline comment so this isn't evaluated when inside configuration.nix. Note that SSH_HOST_ED25519_KEY is all on one line.
	SSH_HOST_ED25519_KEY:-----BEGIN OPENSSH PRIVATE KEY-----\|line1\|line2\|...\|-----END OPENSSH PRIVATE KEY-----
	SSH_HOST_ED25519_KEY_PUB:ssh-ed25519 ... root@archiver
	*/
	{pkgs, ...}:
	{
	imports = [ <nixpkgs/nixos/modules/virtualisation/amazon-image.nix> ];
	ec2.hvm = true;
	ec2.efi = false;
	boot.supportedFilesystems = [ "zfs" ];
	environment.systemPackages = (with pkgs; [ lz4 ]);
	# Randomly generated
	networking.hostId = "796774C8";
	# This may fail initially since the backup dataset hasn't been created
	fileSystems."/backup" = {
	device = "rpool/backup";
	fsType = "zfs";
	};
	}

	USEREOF

	instance_type = "t3.micro"
	region = "us-west-2"
	profile = "default"

	# Name of the key pair to launch with. (Required)
	key_name = "YOUR_AWS_KEYPAIR"

	# The amount of time the EC2 instance will
	# linger before it is terminated. The default is to terminate the instance
	# immediately when the last connection is closed.
	linger = "60s"

	# Root drive backed by EBS. This is for the machine to run, this is not where backups are stored.
	ebs_block_device {
	# Name of the EBS volume. (Required)
	device_name = "/dev/xvda"

	# Whether to delete the volume on instance termination.
	delete_on_termination = true

	# Whether to encrypt the volume.
	encrypted = true

	# KMS key ID used to encrypt the volume.
	kms_key_id = "00000000-0000-0000-0000-000000000000"

	# Size in GiB.
	volume_size = 40

	# Type of volume. One of: standard, gp2, io1, io2
	volume_type = "io2"

	# Provisioned IOPS. Required for volume types `io1` and `io2`.
	iops = 400
	}

	placement {
	availability_zone = "us-west-2d"
	}

	attach_volume {
	device_name = "/dev/xvdb"
	volume_id = "vol-BACKUPVOLID"
	}
	}