another secret

This commit is contained in:
Motiejus Jakštys 2023-04-05 16:57:31 +03:00
parent a0c620725b
commit 6e1a5034c4
4 changed files with 15 additions and 4 deletions

View File

@ -253,7 +253,7 @@ in {
repo = "zh2769@zh2769.rsync.net:hel1-a.servers.jakst"; repo = "zh2769@zh2769.rsync.net:hel1-a.servers.jakst";
encryption = { encryption = {
mode = "repokey-blake2"; mode = "repokey-blake2";
passCommand = "cat /var/src/secrets/borgbackup/password"; passCommand = "cat ${config.age.secrets.borgbackup-password.path}";
}; };
paths = value.paths; paths = value.paths;
extraArgs = "--remote-path=borg1"; extraArgs = "--remote-path=borg1";

View File

@ -41,8 +41,8 @@
agenix.nixosModules.default agenix.nixosModules.default
{ {
#age.secrets.zfs-passphrase.file = ./secrets/hel1-a/zfs-passphrase.age; age.secrets.zfs-passphrase.file = ./secrets/hel1-a/zfs-passphrase.age;
age.secrets.x.file = ./secrets/hel1-a/zfs-passphrase.age; age.secrets.borgbackup-password.file = ./secrets/hel1-a/borgbackup/password.age;
} }
]; ];
}; };

View File

@ -6,5 +6,6 @@ let
systems = [ hel1-a ]; systems = [ hel1-a ];
in in
{ {
"secrets/hel1-a/zfs-passphrase.age".publicKeys = [ motiejus hel1-a ]; "secrets/hel1-a/zfs-passphrase.age".publicKeys = [ hel1-a ] ++ users;
"secrets/hel1-a/borgbackup/password.age".publicKeys = [ hel1-a ] ++ users;
} }

View File

@ -0,0 +1,10 @@
age-encryption.org/v1
-> ssh-ed25519 vDjOfg 0/IO1+EoGmn3ZEet4SMhOmAJQeT5YpttmKAipD1oCwg
iZLiUv9rhKU5LLPRsJOoCHTb8TIvJ0LlC3d2Sd9roo4
-> piv-p256 +y2G/w A730rF1kEug1nr308d+6913WteORiv4BiHJ3GgZIrSXA
qd0R3f3FDMldSvOTlzk2CljuGkSWP4/KImPRDbhOv/o
-> ~_^9s}-grease 4$%7. i/IdUD
8AYlo65+TL2iuJUfLDurHcr9l26OLjuzEbdaOjne6xZblfvHPYiRnzHmFdiLGNoY
HbzxgTmY0UjlR1stDc7JqigIiD0zNNr6AfeBDnOQtJItpTNvmPIH4OqGluR/cQ
--- hLALRFLVY80PGNkw0E8fUoM2h80+BJKegw9DeAjkC7g
Ë<EFBFBD>IÈ°ßm¨p¹OW<4F>Äqª‰íקfA yµ5 Íî#?ñ…oAéqYîq§fO;]± ¼ Ó