From 47dfdfcac00c5f7af21693584a883c2563bf4977 Mon Sep 17 00:00:00 2001 From: Joseph Hanson Date: Fri, 26 Jul 2024 23:51:45 -0500 Subject: [PATCH] Fixes for borg --- nixos/hosts/gandalf/default.nix | 17 +++++++---------- nixos/hosts/gandalf/secrets.sops.yaml | 5 ++--- nixos/modules/nixos/system/borg/default.nix | 4 ---- 3 files changed, 9 insertions(+), 17 deletions(-) diff --git a/nixos/hosts/gandalf/default.nix b/nixos/hosts/gandalf/default.nix index dd6e3a0..2198c84 100644 --- a/nixos/hosts/gandalf/default.nix +++ b/nixos/hosts/gandalf/default.nix @@ -62,9 +62,6 @@ in mode = "0444"; sopsFile = ./secrets.sops.yaml; }; - "borg/repository/location" = { - sopsFile = ./secrets.sops.yaml; - }; "borg/repository/passphrase" = { sopsFile = ./secrets.sops.yaml; }; @@ -88,13 +85,13 @@ in resticBackup.local.enable = false; resticBackup.remote.enable = false; # # Borg - # borgbackup = { - # enable = true; - # paths = [ "/home" ]; - # exclude = [ ]; - # repo = "ssh://t3zvn0dd@t3zvn0dd.repo.borgbase.com/./repo"; - # repoKeyPath = "/run/secrets/borgbackup/telchar"; - # }; + borgbackup = { + enable = true; + paths = [ "/home" ]; + exclude = [ ]; + repo = "ssh://t3zvn0dd@t3zvn0dd.repo.borgbase.com/./repo"; + repoKeyPath = config.sops.secrets."borg/repository/passphrase".path; + }; }; services = { podman.enable = true; diff --git a/nixos/hosts/gandalf/secrets.sops.yaml b/nixos/hosts/gandalf/secrets.sops.yaml index 1a88bcd..b4c172d 100644 --- a/nixos/hosts/gandalf/secrets.sops.yaml +++ b/nixos/hosts/gandalf/secrets.sops.yaml @@ -3,7 +3,6 @@ lego: token: ENC[AES256_GCM,data:CfRFhGE8AyZfO9RzoXXTfm8kstvx+Fuy53o9ulYNZiufzzSQ4KzwYIoCRw==,iv:HEC8hRpmk7YDI7RHj29ZAeFKyPgsWTHw1sxjdZuhcrw=,tag:7RhEhZ9GkyBE9PJRe+gD+Q==,type:str] borg: repository: - location: ENC[AES256_GCM,data:C3W4H2Tp23jEAbkrXv2lvWLSsragsphl+i51sWGfrQ2wXjAwj59LPtLpPHxggvCc,iv:l5FA/wgoCnyzCnCChi6iE2Acq5aMkmWdFec2kYj9lA0=,tag:IB/4ThqFqbMIQKPAof7fbQ==,type:str] passphrase: ENC[AES256_GCM,data:lt0Rq269GoBuLNw9fxwuMAmtYjE=,iv:57IFde6EX7myLSCvYXkkbSulr8S7JPYoThWBsPLH0Yw=,tag:NwlpouurYF+2qmw2T3De8A==,type:str] sops: kms: [] @@ -74,8 +73,8 @@ sops: V1d0d1lKb3hyYVQ4elBIZ0hnU3FTbnMKiWERjAwlJRPK+PILCBV03uyNVnNgolA8 PS0vbIDVNiX0pIrRlM2sVivZwqajjTB3XROXMmbIKpQxDMjvpHgqJA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-07-27T03:58:24Z" - mac: ENC[AES256_GCM,data:1X1tYx+zciKiwSrxfdV5BF+MLzNZaw3umgNay5c1xO5zUilAIvf7iAoQPZoDh26AxSTG5qTL5A1IC0YGYYpIasF20bBThpLDzfaA2wMpZSL7OPggIH2t/GInwPOOvBph4O1POtpOtpyRGa2ZYB7e/Ix9dbHlagOsOSdAmi3xkRU=,iv:O5nrQDCCMiblm9PQzwV4xPzyY4GaIEJuA4LOgUJfmYA=,tag:WmdUbf+M9qDNGLJQEdvhdQ==,type:str] + lastmodified: "2024-07-27T04:50:25Z" + mac: ENC[AES256_GCM,data:IKLC9N4FvfV+eWFoVZa5ijyBdiQuNdXAE4Z/pQNhns+qTuMpuz9QLeQGysow8zCqg9z5WHPa+U10uBIJg0P6Bq2CkBTJ2/75axsQgqc+BPuY4cUfppbYqQaSzB831b3XMHei9m/IPXNoh277jk0E9A0mOzHu4YsBEEzyf5nESn4=,iv:dOIgrQD0eDB1lqTWoDoLXnDZTWJLf5m9a948Wabfc6I=,tag:MWoIe5UpTqZCDDJMcg0swA==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/nixos/modules/nixos/system/borg/default.nix b/nixos/modules/nixos/system/borg/default.nix index 3d735c3..65ff7f0 100644 --- a/nixos/modules/nixos/system/borg/default.nix +++ b/nixos/modules/nixos/system/borg/default.nix @@ -8,24 +8,20 @@ in paths = lib.mkOption { type = lib.types.listOf lib.types.str; default = [ ]; - required = true; }; exclude = lib.mkOption { type = lib.types.listOf lib.types.str; default = [ ]; - required = false; }; repo = lib.mkOption { example = "borgbackup@myserver:repo"; type = lib.types.str; default = ""; - required = true; }; repoKeyPath = lib.mkOption { example = "/run/secrets/borgbackup/telchar"; type = lib.types.str; default = ""; - required = false; }; };