I want to setup restic and using agenix to use secrets. This is my agenix config
let
papanito = "ssh-rsa AAAA...;
users = [ papanito ];
in
{
"restic_password.age".publicKeys = [ papanito ];
"restic_b2_awscredentials.age".publicKeys = [ papanito ];
}
And this is my restic config, which uses agenix for restic_password and restic_b2_awscredentials
{ config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
restic
autorestic
];
services.restic.backups.b2 = {
initialize = true;
passwordFile = config.age.secrets.restic_password.path;
paths = ["/home/papanito"];
repository = "b2:my-repo";
timerConfig = {
OnUnitActiveSec = "1d";
};
pruneOpts = [
"--keep-daily 7"
"--keep-weekly 5"
"--keep-monthly 6"
"--keep-yearly 10"
];
};
systemd.services.restic-backups-b2 = {
environmentFile = {
s3CredentialsFile = config.age.secrets.restic_b2_awscredentials.path;
};
};
}
nixos-rebuils fails with
error: attribute 'restic_b2_awscredentials' missing
at /etc/nixos/services/restic.nix:112:27:
111| environmentFile = {
112| s3CredentialsFile = config.age.secrets.restic_b2_awscredentials.path;
| ^
113| };
Any clue why? The necessary files are under /etc/nixos/secrets and it works at least for the restic_password.