From 54d3070b405c11c233658739ee8e454c2233c45b Mon Sep 17 00:00:00 2001
From: Minijackson <minijackson@riseup.net>
Date: Wed, 19 May 2021 19:23:37 +0200
Subject: backup-client: don't implicitely set path to secrets

---
 usecases/common/backup-client.nix | 28 ++++++++++------------------
 1 file changed, 10 insertions(+), 18 deletions(-)

(limited to 'usecases')

diff --git a/usecases/common/backup-client.nix b/usecases/common/backup-client.nix
index a9acd7a..d942c90 100644
--- a/usecases/common/backup-client.nix
+++ b/usecases/common/backup-client.nix
@@ -10,23 +10,15 @@ with lib;
     description = "List of Borgbackup jobs for which we want nice defaults";
   };
 
-  config.services.borgbackup.jobs = let
-    passFile = name:
-      "/etc/nixos/usecases/common/backup-client/private/${name}_pass.txt";
-    keyFile = name:
-      "/etc/nixos/usecases/common/backup-client/private/${name}_key";
-  in genAttrs config.services.borgbackup.jobList (name: {
-    compression = mkDefault "auto,zstd";
-    encryption = {
-      mode = mkDefault "repokey";
-      passCommand = mkDefault "cat ${passFile name}";
-    };
+  config.services.borgbackup.jobs = genAttrs
+    config.services.borgbackup.jobList
+    (name: {
+      compression = mkDefault "auto,zstd";
+      encryption = {
+        mode = mkDefault "repokey";
+      };
 
-    environment = {
-      BORG_RSH = mkDefault "ssh -i ${keyFile name}";
-    };
-
-    extraCreateArgs = mkDefault "--stats";
-    extraPruneArgs = mkDefault "--list --stats";
-  });
+      extraCreateArgs = mkDefault "--stats";
+      extraPruneArgs = mkDefault "--list --stats";
+    });
 }
-- 
cgit v1.2.3