diff --git a/.gitattributes b/.gitattributes index 62988e9..5a52419 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,3 +1,3 @@ -secrets/*.secret filter=git-crypt diff=git-crypt +secrets/**/*.secret filter=git-crypt diff=git-crypt secrets/wireguard.nix filter=git-crypt diff=git-crypt home/secrets/*.secret filter=git-crypt diff=git-crypt diff --git a/hosts/poseidon/default.nix b/hosts/poseidon/default.nix index e1a1fc2..d797b56 100644 --- a/hosts/poseidon/default.nix +++ b/hosts/poseidon/default.nix @@ -64,7 +64,7 @@ in borg-backup = { enable = true; - repo = secrets.borg-backup-repo; + repo = secrets.borg-backup.poseidon-repo; }; fail2ban = { diff --git a/secrets/borg-backup/default.nix b/secrets/borg-backup/default.nix new file mode 100644 index 0000000..1d6b630 --- /dev/null +++ b/secrets/borg-backup/default.nix @@ -0,0 +1,4 @@ +{ lib }: +{ + poseidon-repo = lib.fileContents ./poseidon-repo.secret; +} diff --git a/secrets/borg-backup-repo.secret b/secrets/borg-backup/poseidon-repo.secret similarity index 100% rename from secrets/borg-backup-repo.secret rename to secrets/borg-backup/poseidon-repo.secret diff --git a/secrets/default.nix b/secrets/default.nix index 0f21d45..a76b282 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -10,12 +10,13 @@ with lib; shadow-hashed-password-alarsyo = lib.fileContents ./shadow-hashed-password-alarsyo.secret; shadow-hashed-password-root = lib.fileContents ./shadow-hashed-password-root.secret; miniflux-admin-credentials = lib.fileContents ./miniflux-admin-credentials.secret; - borg-backup-repo = lib.fileContents ./borg-backup-repo.secret; transmission-password = lib.fileContents ./transmission.secret; nextcloud-admin-pass = lib.fileContents ./nextcloud-admin-pass.secret; nextcloud-admin-user = lib.fileContents ./nextcloud-admin-user.secret; lohr-shared-secret = lib.fileContents ./lohr-shared-secret.secret; + borg-backup = import ./borg-backup { inherit lib; }; + wireguard = pkgs.callPackage ./wireguard.nix { }; }; }