6 files changed, 4 insertions, 47 deletions
diff --git a/hosts/vidhar/borg/default.nix b/hosts/vidhar/borg/default.nix
index 3558a421..ee5856c9 100644
--- a/hosts/vidhar/borg/default.nix
+++ b/hosts/vidhar/borg/default.nix
@@ -4,16 +4,16 @@ with lib;
 {
  config = {
-    services.borgbackup.repos.borg = {
+    services.borgbackup.repos.jotnar = {
-      path = "/srv/backup/borg";
+      path = "/srv/backup/borg/jotnar";
      authorizedKeysAppendOnly = let
-        dir = ./authorized-keys;
+        dir = ./jotnar;
        toAuthKey = fname: ftype: if ftype != "regular" || !(hasSuffix ".pub" fname) then null else builtins.readFile (dir + "/${fname}");
      in filter (v: v != null) (lib.mapAttrsToList toAuthKey (builtins.readDir dir));
    };
    boot.postBootCommands = mkBefore ''
-      ${pkgs.findutils}/bin/find /srv/backup/borg -maxdepth 1 -type d -empty -delete
+      ${pkgs.findutils}/bin/find /srv/backup/borg -type d -empty -delete
    '';
    users.users.borg.extraGroups = ["ssh"];
@@ -25,14 +25,5 @@ with lib;
      Match All
    '';
-    sops.secrets.borg-passphrase = {
-      sopsFile = ./passphrase.yaml;
-      format = "yaml";
-      key = "borg";
-      owner = "borg";
-      group = "borg";
-      mode = "0440";
-    };
  };
 }
diff --git a/hosts/vidhar/borg/authorized-keys/surtr b/hosts/vidhar/borg/jotnar/surtr
index 26d286b4..26d286b4 100644
--- a/hosts/vidhar/borg/authorized-keys/surtr
+++ b/hosts/vidhar/borg/jotnar/surtr
diff --git a/hosts/vidhar/borg/authorized-keys/surtr.pub b/hosts/vidhar/borg/jotnar/surtr.pub
index 5c044d7a..5c044d7a 100644
--- a/hosts/vidhar/borg/authorized-keys/surtr.pub
+++ b/hosts/vidhar/borg/jotnar/surtr.pub
diff --git a/hosts/vidhar/borg/authorized-keys/ymir b/hosts/vidhar/borg/jotnar/ymir
index f3dd360c..f3dd360c 100644
--- a/hosts/vidhar/borg/authorized-keys/ymir
+++ b/hosts/vidhar/borg/jotnar/ymir
diff --git a/hosts/vidhar/borg/authorized-keys/ymir.pub b/hosts/vidhar/borg/jotnar/ymir.pub
index a62fcfdf..a62fcfdf 100644
--- a/hosts/vidhar/borg/authorized-keys/ymir.pub
+++ b/hosts/vidhar/borg/jotnar/ymir.pub
diff --git a/hosts/vidhar/borg/passphrase.yaml b/hosts/vidhar/borg/passphrase.yaml
deleted file mode 100644
index 2cb63790..00000000
--- a/hosts/vidhar/borg/passphrase.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-borg: ENC[AES256_GCM,data:o5pmEauOdKlmHxy0TRj8E8QXyy6ve+mP/rcDNfdn7N0=,iv:qJIaJxzDKf7dLJtxwQOQcPvqY4CW3XZMOZXGe9hqavQ=,tag:BUp8yuXq7mVMvZ4JjbXhug==,type:str]
-sops:
-    kms: []
-    gcp_kms: []
-    azure_kv: []
-    hc_vault: []
-    age: []
-    lastmodified: "2022-02-06T20:32:52Z"
-    mac: ENC[AES256_GCM,data:FvSjzLSV3mnV1a0Sdt4PsdZtfOO7VhWe5LilR1fNTywwClOlr+g0SFVcJezU9AJDKsElfjoS2L3WFCNzyF9cHFnQFUt87TFbUxWbX0j4ib8lkJ4cpn2txeqXo0viq58/jnkNQD8o/f6fOlD5Y//0Lpyj055kWkPSGOmjoa4q/ps=,iv:Gnmo1ciA4FWsM+Qed/tKFjWEdQ/uqpAMQrHu44GsyWc=,tag:+8+YO9w/6glN+eNNSgzHiQ==,type:str]
-    pgp:
-        - created_at: "2022-02-06T20:32:40Z"
-          enc: |
-            -----BEGIN PGP MESSAGE-----
-            hF4DbYDvGI0HDr0SAQdAVAW0FHYzJhXVUvP/nvGrTrzSZhoAqLzuUnbjt0WiTRww
-            bVPtaek+koF+7cNFXO44nl0jwAZ3JhMAkbJThMkzKfVPGlSclIvlsx48fKDxeGlG
-            0l4BTnEn9Cooj9HAIVsnhicqkTw0iDfHuMHJKIKE5QHj6DspwmFTXN65yzA1rdLY
-            tYtMf5l7LLfZ1A/g4Ntem/BmivTyCGHo0H+KE5hYj0G/LPOAKd5u+gILMb0ieiEn
-            =/Hp4
-            -----END PGP MESSAGE-----
-          fp: A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362
-        - created_at: "2022-02-06T20:32:40Z"
-          enc: |
-            -----BEGIN PGP MESSAGE-----
-            hF4DXxoViZlp6dISAQdARXAvPGVP/xWyS7hihCv2r92juXZ0n38RDEYq6N4tPxAw
-            3JV5lFVE+EHIa8xB8WR8ACyV9kjZxhNkSmbUCBjyONCBMeS8aTzbYAC1xvOBOg/c
-            0l4BbpKdYpMeKjhoLgef0/DoO4cuPKFgq7GVfivErkb8s4Px5L5nVDsBCDb4gXvy
-            RWrsrgxHN1wtmRFfgOTahvYdPDneFYKa30vm7CLmBY1/XBZJ0vlzzhHvqOc9Xelb
-            =Y6lZ
-            -----END PGP MESSAGE-----
-          fp: 30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51
-    unencrypted_suffix: _unencrypted
-    version: 3.7.1

diff --git a/hosts/vidhar/borg/default.nix b/hosts/vidhar/borg/default.nix index 3558a421..ee5856c9 100644 --- a/hosts/vidhar/borg/default.nix +++ b/hosts/vidhar/borg/default.nix
@@ -4,16 +4,16 @@ with lib;
4		4
5	{	5	{
6	config = {	6	config = {
7	services.borgbackup.repos.borg = {	7	services.borgbackup.repos.jotnar = {
8	path = "/srv/backup/borg";	8	path = "/srv/backup/borg/jotnar";
9	authorizedKeysAppendOnly = let	9	authorizedKeysAppendOnly = let
10	dir = ./authorized-keys;	10	dir = ./jotnar;
11	toAuthKey = fname: ftype: if ftype != "regular" \|\| !(hasSuffix ".pub" fname) then null else builtins.readFile (dir + "/${fname}");	11	toAuthKey = fname: ftype: if ftype != "regular" \|\| !(hasSuffix ".pub" fname) then null else builtins.readFile (dir + "/${fname}");
12	in filter (v: v != null) (lib.mapAttrsToList toAuthKey (builtins.readDir dir));	12	in filter (v: v != null) (lib.mapAttrsToList toAuthKey (builtins.readDir dir));
13	};	13	};
14		14
15	boot.postBootCommands = mkBefore ''	15	boot.postBootCommands = mkBefore ''
16	${pkgs.findutils}/bin/find /srv/backup/borg -maxdepth 1 -type d -empty -delete	16	${pkgs.findutils}/bin/find /srv/backup/borg -type d -empty -delete
17	'';	17	'';
18		18
19	users.users.borg.extraGroups = ["ssh"];	19	users.users.borg.extraGroups = ["ssh"];
@@ -25,14 +25,5 @@ with lib;
25		25
26	Match All	26	Match All
27	'';	27	'';
28
29	sops.secrets.borg-passphrase = {
30	sopsFile = ./passphrase.yaml;
31	format = "yaml";
32	key = "borg";
33	owner = "borg";
34	group = "borg";
35	mode = "0440";
36	};
37	};	28	};
38	}	29	}


diff --git a/hosts/vidhar/borg/authorized-keys/surtr b/hosts/vidhar/borg/jotnar/surtr index 26d286b4..26d286b4 100644 --- a/hosts/vidhar/borg/authorized-keys/surtr +++ b/hosts/vidhar/borg/jotnar/surtr


diff --git a/hosts/vidhar/borg/authorized-keys/surtr.pub b/hosts/vidhar/borg/jotnar/surtr.pub index 5c044d7a..5c044d7a 100644 --- a/hosts/vidhar/borg/authorized-keys/surtr.pub +++ b/hosts/vidhar/borg/jotnar/surtr.pub


diff --git a/hosts/vidhar/borg/authorized-keys/ymir b/hosts/vidhar/borg/jotnar/ymir index f3dd360c..f3dd360c 100644 --- a/hosts/vidhar/borg/authorized-keys/ymir +++ b/hosts/vidhar/borg/jotnar/ymir


diff --git a/hosts/vidhar/borg/authorized-keys/ymir.pub b/hosts/vidhar/borg/jotnar/ymir.pub index a62fcfdf..a62fcfdf 100644 --- a/hosts/vidhar/borg/authorized-keys/ymir.pub +++ b/hosts/vidhar/borg/jotnar/ymir.pub


diff --git a/hosts/vidhar/borg/passphrase.yaml b/hosts/vidhar/borg/passphrase.yaml deleted file mode 100644 index 2cb63790..00000000 --- a/hosts/vidhar/borg/passphrase.yaml +++ /dev/null
@@ -1,34 +0,0 @@
1	borg: ENC[AES256_GCM,data:o5pmEauOdKlmHxy0TRj8E8QXyy6ve+mP/rcDNfdn7N0=,iv:qJIaJxzDKf7dLJtxwQOQcPvqY4CW3XZMOZXGe9hqavQ=,tag:BUp8yuXq7mVMvZ4JjbXhug==,type:str]
2	sops:
3	kms: []
4	gcp_kms: []
5	azure_kv: []
6	hc_vault: []
7	age: []
8	lastmodified: "2022-02-06T20:32:52Z"
9	mac: ENC[AES256_GCM,data:FvSjzLSV3mnV1a0Sdt4PsdZtfOO7VhWe5LilR1fNTywwClOlr+g0SFVcJezU9AJDKsElfjoS2L3WFCNzyF9cHFnQFUt87TFbUxWbX0j4ib8lkJ4cpn2txeqXo0viq58/jnkNQD8o/f6fOlD5Y//0Lpyj055kWkPSGOmjoa4q/ps=,iv:Gnmo1ciA4FWsM+Qed/tKFjWEdQ/uqpAMQrHu44GsyWc=,tag:+8+YO9w/6glN+eNNSgzHiQ==,type:str]
10	pgp:
11	- created_at: "2022-02-06T20:32:40Z"
12	enc: \|
13	-----BEGIN PGP MESSAGE-----
14
15	hF4DbYDvGI0HDr0SAQdAVAW0FHYzJhXVUvP/nvGrTrzSZhoAqLzuUnbjt0WiTRww
16	bVPtaek+koF+7cNFXO44nl0jwAZ3JhMAkbJThMkzKfVPGlSclIvlsx48fKDxeGlG
17	0l4BTnEn9Cooj9HAIVsnhicqkTw0iDfHuMHJKIKE5QHj6DspwmFTXN65yzA1rdLY
18	tYtMf5l7LLfZ1A/g4Ntem/BmivTyCGHo0H+KE5hYj0G/LPOAKd5u+gILMb0ieiEn
19	=/Hp4
20	-----END PGP MESSAGE-----
21	fp: A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362
22	- created_at: "2022-02-06T20:32:40Z"
23	enc: \|
24	-----BEGIN PGP MESSAGE-----
25
26	hF4DXxoViZlp6dISAQdARXAvPGVP/xWyS7hihCv2r92juXZ0n38RDEYq6N4tPxAw
27	3JV5lFVE+EHIa8xB8WR8ACyV9kjZxhNkSmbUCBjyONCBMeS8aTzbYAC1xvOBOg/c
28	0l4BbpKdYpMeKjhoLgef0/DoO4cuPKFgq7GVfivErkb8s4Px5L5nVDsBCDb4gXvy
29	RWrsrgxHN1wtmRFfgOTahvYdPDneFYKa30vm7CLmBY1/XBZJ0vlzzhHvqOc9Xelb
30	=Y6lZ
31	-----END PGP MESSAGE-----
32	fp: 30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51
33	unencrypted_suffix: _unencrypted
34	version: 3.7.1