From 5df6a0cb4a080c3a06c2f8aec9998c1faedc776c Mon Sep 17 00:00:00 2001
From: Florian Sesser <florian@private.storage>
Date: Mon, 2 May 2022 19:25:20 +0000
Subject: [PATCH] Borgbackup: Move repopath to public key part.

It's not really a key, and not really public, but not secret either.
This way, the tests can run.
---
 .../grid/local/private-keys/borgbackup/storage1.repopath | 1 -
 .../grid/local/public-keys/borgbackup/storage1.repopath  | 1 +
 .../borgbackup/storage2.repopath                         | 0
 .../public-keys/borgbackup/storage001.repopath           | 1 +
 .../public-keys/borgbackup/storage002.repopath           | 1 +
 .../public-keys/borgbackup/storage003.repopath           | 1 +
 .../public-keys/borgbackup/storage004.repopath           | 1 +
 .../public-keys/borgbackup/storage005.repopath           | 1 +
 .../testing/public-keys/borgbackup/storage001.repopath   | 1 +
 morph/lib/borgbackup.nix                                 | 9 +--------
 10 files changed, 8 insertions(+), 9 deletions(-)
 delete mode 100644 morph/grid/local/private-keys/borgbackup/storage1.repopath
 create mode 100644 morph/grid/local/public-keys/borgbackup/storage1.repopath
 rename morph/grid/local/{private-keys => public-keys}/borgbackup/storage2.repopath (100%)
 create mode 100644 morph/grid/production/public-keys/borgbackup/storage001.repopath
 create mode 120000 morph/grid/production/public-keys/borgbackup/storage002.repopath
 create mode 120000 morph/grid/production/public-keys/borgbackup/storage003.repopath
 create mode 120000 morph/grid/production/public-keys/borgbackup/storage004.repopath
 create mode 120000 morph/grid/production/public-keys/borgbackup/storage005.repopath
 create mode 100644 morph/grid/testing/public-keys/borgbackup/storage001.repopath

diff --git a/morph/grid/local/private-keys/borgbackup/storage1.repopath b/morph/grid/local/private-keys/borgbackup/storage1.repopath
deleted file mode 100644
index 9118f1f4..00000000
--- a/morph/grid/local/private-keys/borgbackup/storage1.repopath
+++ /dev/null
@@ -1 +0,0 @@
-ratatat@ratatat.repo.borgbase.com:repo
diff --git a/morph/grid/local/public-keys/borgbackup/storage1.repopath b/morph/grid/local/public-keys/borgbackup/storage1.repopath
new file mode 100644
index 00000000..7e24d080
--- /dev/null
+++ b/morph/grid/local/public-keys/borgbackup/storage1.repopath
@@ -0,0 +1 @@
+vjs989hy@vjs989hy.repo.borgbase.com:repo
diff --git a/morph/grid/local/private-keys/borgbackup/storage2.repopath b/morph/grid/local/public-keys/borgbackup/storage2.repopath
similarity index 100%
rename from morph/grid/local/private-keys/borgbackup/storage2.repopath
rename to morph/grid/local/public-keys/borgbackup/storage2.repopath
diff --git a/morph/grid/production/public-keys/borgbackup/storage001.repopath b/morph/grid/production/public-keys/borgbackup/storage001.repopath
new file mode 100644
index 00000000..8ab7655f
--- /dev/null
+++ b/morph/grid/production/public-keys/borgbackup/storage001.repopath
@@ -0,0 +1 @@
+tqxc4i79@tqxc4i79.repo.borgbase.com:repo
diff --git a/morph/grid/production/public-keys/borgbackup/storage002.repopath b/morph/grid/production/public-keys/borgbackup/storage002.repopath
new file mode 120000
index 00000000..30741301
--- /dev/null
+++ b/morph/grid/production/public-keys/borgbackup/storage002.repopath
@@ -0,0 +1 @@
+storage001.repopath
\ No newline at end of file
diff --git a/morph/grid/production/public-keys/borgbackup/storage003.repopath b/morph/grid/production/public-keys/borgbackup/storage003.repopath
new file mode 120000
index 00000000..30741301
--- /dev/null
+++ b/morph/grid/production/public-keys/borgbackup/storage003.repopath
@@ -0,0 +1 @@
+storage001.repopath
\ No newline at end of file
diff --git a/morph/grid/production/public-keys/borgbackup/storage004.repopath b/morph/grid/production/public-keys/borgbackup/storage004.repopath
new file mode 120000
index 00000000..30741301
--- /dev/null
+++ b/morph/grid/production/public-keys/borgbackup/storage004.repopath
@@ -0,0 +1 @@
+storage001.repopath
\ No newline at end of file
diff --git a/morph/grid/production/public-keys/borgbackup/storage005.repopath b/morph/grid/production/public-keys/borgbackup/storage005.repopath
new file mode 120000
index 00000000..30741301
--- /dev/null
+++ b/morph/grid/production/public-keys/borgbackup/storage005.repopath
@@ -0,0 +1 @@
+storage001.repopath
\ No newline at end of file
diff --git a/morph/grid/testing/public-keys/borgbackup/storage001.repopath b/morph/grid/testing/public-keys/borgbackup/storage001.repopath
new file mode 100644
index 00000000..8ab7655f
--- /dev/null
+++ b/morph/grid/testing/public-keys/borgbackup/storage001.repopath
@@ -0,0 +1 @@
+tqxc4i79@tqxc4i79.repo.borgbase.com:repo
diff --git a/morph/lib/borgbackup.nix b/morph/lib/borgbackup.nix
index 1dc48dd1..1cae71e9 100644
--- a/morph/lib/borgbackup.nix
+++ b/morph/lib/borgbackup.nix
@@ -23,13 +23,6 @@ in {
   config = lib.mkIf cfg.enable {
     deployment = {
       secrets = {
-        "borgbackup-repopath" = {
-          # This is the repo we are backing up to
-          # Not very secret, but not public either, and I'd rather keep it with
-          # the rest of the backup destination config
-          destination = "/run/keys/borgbackup/repopath";
-          source = "${privateKeyPath}/borgbackup/${config.networking.hostName}.repopath";
-        };
         "borgbackup-passphrase" = {
           # The passphrase is used to encrypt the repo key
           # https://borgbackup.readthedocs.io/en/stable/usage/init.html
@@ -47,7 +40,7 @@ in {
     services.borgbackup.jobs = {
       daily = {
         paths = cfg.paths;
-        repo = lib.fileContents config.deployment.secrets.borgbackup-repopath.source;
+        repo = lib.fileContents "${publicKeyPath}/borgbackup/${config.networking.hostName}.repopath";
         encryption = {
           mode = "repokey-blake2";
           passCommand = "cat /run/keys/borgbackup/passphrase";
-- 
GitLab