Use container secrets to import borg passphrase

.gitignore

@@ -1,5 +1,5 @@
 data/source/*/
 data/.bash_history
-data/credentials/*
 data_sources_*
 secret_sources_*
+credentials/*

data/borgmatic/common.yaml

@@ -9,7 +9,7 @@ repositories:
 remote_path: borg-1.4
 ssh_command: ssh -i /var/run/secrets/${SSH_KEY_NAME}
 
-encryption_passphrase: "{credential file /credentials/borg_passphrase}"
+encryption_passphrase: "{credential container ${BORG_PASSPHRASE_NAME}}"
 compression: lz4
 
 checks:

start.py

@@ -51,14 +51,12 @@ def main():
     data_path = Path.cwd() / "data"
     config_d_path = data_path / "borgmatic.d"
     config_path = data_path / "borgmatic"
-    credentials_path = data_path / "credentials"
     history_file = data_path / ".bash_history"
     history_file.touch()
     ssh_config_path = Path.home() / ".ssh"
     volumes = [
         f"{config_d_path}:/etc/borgmatic.d/",
         f"{config_path}:/etc/borgmatic/",
-        f"{credentials_path}:/credentials/",
         f"{ssh_config_path}:/root/.ssh",
         f"{history_file}:/root/.bash_history",
         "borg_config:/root/.config/borg",