diff --git a/hosts/chunk/borg.nix b/hosts/chunk/borg.nix index 3e7afdc..a66c470 100644 --- a/hosts/chunk/borg.nix +++ b/hosts/chunk/borg.nix @@ -31,13 +31,13 @@ passCommand = "cat ${config.sops.secrets."borg/rsyncnet".path}"; }; environment = { - BORG_RSH = "ssh -i /home/yt/.ssh/id_ed25519"; + BORG_RSH = ''ssh -i ${config.sops.secrets."rsyncnet/id_ed25519"}''; BORG_REMOTE_PATH = "borg1"; BORG_EXIT_CODES = "modern"; }; compression = "auto,zstd"; startAt = "hourly"; - extraCreateArgs = [ "--stats" ]; + extraCreateArgs = [ "--stats" "-x" ]; # warnings are often not that serious failOnWarnings = false; postHook = '' diff --git a/hosts/chunk/default.nix b/hosts/chunk/default.nix index 8691ff0..eeee7f0 100644 --- a/hosts/chunk/default.nix +++ b/hosts/chunk/default.nix @@ -79,6 +79,9 @@ sopsFile = ../../secrets/services/gitlab.yaml; owner = config.users.users.git.name; }; + "rsyncnet/id_ed25519" = { + sopsFile = ../../secrets/de3911/chunk.yaml; + }; }; boot.loader.grub.enable = true; diff --git a/hosts/ytnix/default.nix b/hosts/ytnix/default.nix index 5ac437e..f029a99 100644 --- a/hosts/ytnix/default.nix +++ b/hosts/ytnix/default.nix @@ -23,6 +23,9 @@ "wireguard/psk" = { sopsFile = ../../secrets/wireguard/yt.yaml; }; + "rsyncnet/id_ed25519" = { + sopsFile = ../../secrets/de3911/yt.yaml; + }; }; boot = { @@ -207,13 +210,13 @@ passCommand = ''cat ${config.sops.secrets."borg/rsyncnet".path}''; }; environment = { - BORG_RSH = "ssh -i /home/yt/.ssh/id_ed25519"; + BORG_RSH = ''ssh -i ${config.sops.secrets."rsyncnet/id_ed25519".path}''; BORG_REMOTE_PATH = "borg1"; BORG_EXIT_CODES = "modern"; }; compression = "auto,zstd"; startAt = "daily"; - extraCreateArgs = [ "--stats" ]; + extraCreateArgs = [ "--stats" "-x" ]; # warnings are often not that serious failOnWarnings = false; postHook = ''