From 692b3ae98465f58db28371ff1c025864fd3b4a13 Mon Sep 17 00:00:00 2001
From: Florian Sesser <florian@private.storage>
Date: Tue, 3 May 2022 18:33:13 +0000
Subject: [PATCH] Revert "Back up a whole grid into one repository. Have much
 fewer configuration."

This reverts commit c8a13555d8621e92329e5c2f88903236aa6cd5c3.

Sadly, Borg says this is not a good idea: https://borgbackup.readthedocs.io/en/stable/faq.html#can-i-backup-from-multiple-servers-into-a-single-repository
---
 morph/grid/local/config.json                               | 1 -
 morph/grid/local/grid.nix                                  | 2 +-
 morph/grid/local/public-keys/borgbackup/storage1.repopath  | 1 +
 morph/grid/local/public-keys/borgbackup/storage2.repopath  | 1 +
 morph/grid/production/config.json                          | 1 -
 morph/grid/production/grid.nix                             | 2 +-
 .../production/public-keys/borgbackup/storage001.repopath  | 1 +
 .../production/public-keys/borgbackup/storage002.repopath  | 1 +
 .../production/public-keys/borgbackup/storage003.repopath  | 1 +
 .../production/public-keys/borgbackup/storage004.repopath  | 1 +
 .../production/public-keys/borgbackup/storage005.repopath  | 1 +
 morph/grid/testing/config.json                             | 1 -
 morph/grid/testing/grid.nix                                | 2 +-
 .../testing/public-keys/borgbackup/storage001.repopath     | 1 +
 morph/lib/base.nix                                         | 7 +------
 morph/lib/borgbackup.nix                                   | 5 ++---
 16 files changed, 14 insertions(+), 15 deletions(-)
 create mode 100644 morph/grid/local/public-keys/borgbackup/storage1.repopath
 create mode 120000 morph/grid/local/public-keys/borgbackup/storage2.repopath
 create mode 100644 morph/grid/production/public-keys/borgbackup/storage001.repopath
 create mode 120000 morph/grid/production/public-keys/borgbackup/storage002.repopath
 create mode 120000 morph/grid/production/public-keys/borgbackup/storage003.repopath
 create mode 120000 morph/grid/production/public-keys/borgbackup/storage004.repopath
 create mode 120000 morph/grid/production/public-keys/borgbackup/storage005.repopath
 create mode 100644 morph/grid/testing/public-keys/borgbackup/storage001.repopath

diff --git a/morph/grid/local/config.json b/morph/grid/local/config.json
index 3f643ca9..52809842 100644
--- a/morph/grid/local/config.json
+++ b/morph/grid/local/config.json
@@ -11,5 +11,4 @@
     "http://localhost:5000"
   ]
 , "monitoringGoogleOAuthClientID": ""
-, "borgBackupRepoPath": "vjs989hy@vjs989hy.repo.borgbase.com:repo"
 }
diff --git a/morph/grid/local/grid.nix b/morph/grid/local/grid.nix
index 003f52a8..088d9e8c 100644
--- a/morph/grid/local/grid.nix
+++ b/morph/grid/local/grid.nix
@@ -57,7 +57,7 @@ let
     grid = {
       publicKeyPath = toString ./. + "/${grid-config.publicKeyPath}";
       privateKeyPath = toString ./. + "/${grid-config.privateKeyPath}";
-      inherit (grid-config) monitoringvpnEndpoint letsEncryptAdminEmail borgBackupRepoPath;
+      inherit (grid-config) monitoringvpnEndpoint letsEncryptAdminEmail;
     };
     # Configure deployment management authorization for all systems in the grid.
     services.private-storage.deployment = {
diff --git a/morph/grid/local/public-keys/borgbackup/storage1.repopath b/morph/grid/local/public-keys/borgbackup/storage1.repopath
new file mode 100644
index 00000000..7e24d080
--- /dev/null
+++ b/morph/grid/local/public-keys/borgbackup/storage1.repopath
@@ -0,0 +1 @@
+vjs989hy@vjs989hy.repo.borgbase.com:repo
diff --git a/morph/grid/local/public-keys/borgbackup/storage2.repopath b/morph/grid/local/public-keys/borgbackup/storage2.repopath
new file mode 120000
index 00000000..f8e96aa8
--- /dev/null
+++ b/morph/grid/local/public-keys/borgbackup/storage2.repopath
@@ -0,0 +1 @@
+storage1.repopath
\ No newline at end of file
diff --git a/morph/grid/production/config.json b/morph/grid/production/config.json
index 7d734e23..8cdeaab9 100644
--- a/morph/grid/production/config.json
+++ b/morph/grid/production/config.json
@@ -17,5 +17,4 @@
     "https://private.storage"
   ]
 , "monitoringGoogleOAuthClientID": "802959152038-klpkk38sfnqmknn1ucg7pvs4hcc2k8ae.apps.googleusercontent.com"
-, "borgBackupRepoPath": "still-to@fill-in.repo.borgbase.com:repo"
 }
diff --git a/morph/grid/production/grid.nix b/morph/grid/production/grid.nix
index 2e9a1029..06fe07f8 100644
--- a/morph/grid/production/grid.nix
+++ b/morph/grid/production/grid.nix
@@ -19,7 +19,7 @@ let
     grid = {
       publicKeyPath = toString ./. + "/${grid-config.publicKeyPath}";
       privateKeyPath = toString ./. + "/${grid-config.privateKeyPath}";
-      inherit (grid-config) monitoringvpnEndpoint letsEncryptAdminEmail borgBackupRepoPath;
+      inherit (grid-config) monitoringvpnEndpoint letsEncryptAdminEmail;
     };
     # Configure deployment management authorization for all systems in the grid.
     services.private-storage.deployment = {
diff --git a/morph/grid/production/public-keys/borgbackup/storage001.repopath b/morph/grid/production/public-keys/borgbackup/storage001.repopath
new file mode 100644
index 00000000..8ab7655f
--- /dev/null
+++ b/morph/grid/production/public-keys/borgbackup/storage001.repopath
@@ -0,0 +1 @@
+tqxc4i79@tqxc4i79.repo.borgbase.com:repo
diff --git a/morph/grid/production/public-keys/borgbackup/storage002.repopath b/morph/grid/production/public-keys/borgbackup/storage002.repopath
new file mode 120000
index 00000000..30741301
--- /dev/null
+++ b/morph/grid/production/public-keys/borgbackup/storage002.repopath
@@ -0,0 +1 @@
+storage001.repopath
\ No newline at end of file
diff --git a/morph/grid/production/public-keys/borgbackup/storage003.repopath b/morph/grid/production/public-keys/borgbackup/storage003.repopath
new file mode 120000
index 00000000..30741301
--- /dev/null
+++ b/morph/grid/production/public-keys/borgbackup/storage003.repopath
@@ -0,0 +1 @@
+storage001.repopath
\ No newline at end of file
diff --git a/morph/grid/production/public-keys/borgbackup/storage004.repopath b/morph/grid/production/public-keys/borgbackup/storage004.repopath
new file mode 120000
index 00000000..30741301
--- /dev/null
+++ b/morph/grid/production/public-keys/borgbackup/storage004.repopath
@@ -0,0 +1 @@
+storage001.repopath
\ No newline at end of file
diff --git a/morph/grid/production/public-keys/borgbackup/storage005.repopath b/morph/grid/production/public-keys/borgbackup/storage005.repopath
new file mode 120000
index 00000000..30741301
--- /dev/null
+++ b/morph/grid/production/public-keys/borgbackup/storage005.repopath
@@ -0,0 +1 @@
+storage001.repopath
\ No newline at end of file
diff --git a/morph/grid/testing/config.json b/morph/grid/testing/config.json
index 914ffd44..ba48a27d 100644
--- a/morph/grid/testing/config.json
+++ b/morph/grid/testing/config.json
@@ -18,5 +18,4 @@
   , "https://privatestorage-staging.com"
   ]
 , "monitoringGoogleOAuthClientID": "802959152038-6esn1c6u2lm3j82lf29jvmn8s63hi8dc.apps.googleusercontent.com"
-, "borgBackupRepoPath": "tqxc4i79@tqxc4i79.repo.borgbase.com:repo"
 }
diff --git a/morph/grid/testing/grid.nix b/morph/grid/testing/grid.nix
index 65adee9f..c033da12 100644
--- a/morph/grid/testing/grid.nix
+++ b/morph/grid/testing/grid.nix
@@ -19,7 +19,7 @@ let
     grid = {
       publicKeyPath = toString ./. + "/${grid-config.publicKeyPath}";
       privateKeyPath = toString ./. + "/${grid-config.privateKeyPath}";
-      inherit (grid-config) monitoringvpnEndpoint letsEncryptAdminEmail borgBackupRepoPath;
+      inherit (grid-config) monitoringvpnEndpoint letsEncryptAdminEmail;
     };
     # Configure deployment management authorization for all systems in the grid.
     services.private-storage.deployment = {
diff --git a/morph/grid/testing/public-keys/borgbackup/storage001.repopath b/morph/grid/testing/public-keys/borgbackup/storage001.repopath
new file mode 100644
index 00000000..8ab7655f
--- /dev/null
+++ b/morph/grid/testing/public-keys/borgbackup/storage001.repopath
@@ -0,0 +1 @@
+tqxc4i79@tqxc4i79.repo.borgbase.com:repo
diff --git a/morph/lib/base.nix b/morph/lib/base.nix
index bfaa4f48..41734977 100644
--- a/morph/lib/base.nix
+++ b/morph/lib/base.nix
@@ -30,6 +30,7 @@
         The domain name and port of the monitoring VPN endpoint.
       '';
     };
+
     letsEncryptAdminEmail = lib.mkOption {
       type = lib.types.str;
       description = ''
@@ -37,12 +38,6 @@
         certificate issuance.
       '';
     };
-    borgBackupRepoPath = lib.mkOption {
-      type = lib.types.str;
-      description = ''
-        The Borg backup repository shared between all nodes of one grid.
-      '';
-    };
   };
 
   # Any extra NixOS modules to load on all our servers.  Note that just
diff --git a/morph/lib/borgbackup.nix b/morph/lib/borgbackup.nix
index 9d17629d..229dc218 100644
--- a/morph/lib/borgbackup.nix
+++ b/morph/lib/borgbackup.nix
@@ -6,7 +6,7 @@
 { lib, config, ...}:
 let
   cfg = config.services.private-storage.borgbackup;
-  inherit (config.grid) publicKeyPath privateKeyPath borgBackupRepoPath;
+  inherit (config.grid) publicKeyPath privateKeyPath;
 
   # Get a per-host number of hours to start the backup at a
   # time that should be "night" in most of the USA:
@@ -46,9 +46,8 @@ in {
     services.borgbackup.jobs = {
       daily = {
         paths = cfg.paths;
+        repo = lib.fileContents "${publicKeyPath}/borgbackup/${config.networking.hostName}.repopath";
         doInit = false;
-        repo = borgBackupRepoPath;
-        archiveBaseName = config.networking.hostName;
         encryption = {
           mode = "repokey-blake2";
           passCommand = "cat /run/keys/borgbackup/passphrase";
-- 
GitLab