felix/nixos
1
0
Fork 0
mirror of https://github.com/Stunkymonkey/nixos.git synced 2025-05-24 18:04:41 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

serverle: backup switch to new secrets

Browse source
This commit is contained in:
Felix Buehler 2022-11-30 13:40:35 +01:00
parent b2ff6fa5e6
commit edf356f6b3
1 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
nixos/serverle/backup.nix
View file

@ -29,8 +29,8 @@ in
];
sops.defaultSopsFile = ./secrets.yaml;
sops.secrets.borgbackup_password = { };
sops.secrets.borgbackup_private_ssh_key = { };
sops.secrets."borgbackup/password" = { };
sops.secrets."borgbackup/private_ssh_key" = { };
services.borgbackup.jobs.hetzner = {
paths = [
@ -59,9 +59,9 @@ in
extraCreateArgs = "--exclude-caches --keep-exclude-tags --stats";
encryption = {
mode = "repokey-blake2";
passCommand = "cat ${config.sops.secrets.borgbackup_password.path}";
passCommand = "cat ${config.sops.secrets."borgbackup/password".path}";
};
environment.BORG_RSH = "ssh -o 'StrictHostKeyChecking=no' -i ${config.sops.secrets.borgbackup_private_ssh_key.path} -p 23";
environment.BORG_RSH = "ssh -o 'StrictHostKeyChecking=no' -i ${config.sops.secrets."borgbackup/private_ssh_key".path} -p 23";
repo = borgbackupPath;
compression = "auto,zstd";
doInit = false;