1 files changed, 4 insertions, 4 deletions

diff --git a/hosts/surtr/postgresql/default.nix b/hosts/surtr/postgresql/default.nix
index f0edfbac..54693b50 100644
--- a/hosts/surtr/postgresql/default.nix
+++ b/hosts/surtr/postgresql/default.nix
@@ -20,9 +20,9 @@ in {
           repo1-retention-archive = 2;
 
           repo2-host-type = "tls";
-          repo2-host = "pgbackrest.vidhar.yggdrasil";
+          repo2-host = "vidhar.yggdrasil.li";
           repo2-host-ca-file = toString ../../vidhar/pgbackrest/ca/ca.crt;
-          repo2-host-cert-file = toString ./pgbackrest.crt;
+          repo2-host-cert-file = toString ../../vidhar/pgbackrest/ca/surtr.crt;
           repo2-host-key-file = config.sops.secrets."pgbackrest.key".path;
           repo2-retention-full-type = "time";
           repo2-retention-full = 14;
@@ -40,7 +40,7 @@ in {
         "global:server" = {
           tls-server-address = "2a03:4000:52:ada:1::";
           tls-server-ca-file = toString ../../vidhar/pgbackrest/ca/ca.crt;
-          tls-server-cert-file = toString ./pgbackrest.crt;
+          tls-server-cert-file = toString ../../vidhar/pgbackrest/ca/surtr.crt;
           tls-server-key-file = config.sops.secrets."pgbackrest.key".path;
           tls-server-auth = ["vidhar.yggdrasil=surtr"];
         };
@@ -64,7 +64,7 @@ in {
 
     sops.secrets."pgbackrest.key" = {
       format = "binary";
-      sopsFile = ./pgbackrest.key;
+      sopsFile = ../../vidhar/pgbackrest/ca/surtr.key;
       owner = "postgres";
       group = "postgres";
       mode = "0400";