modules/restic-backup: use `escapeShellArgs` instead of `concatStringsSep` (breaks on paths with spaces)

commit 2efc31c67ffa976ca8c9cf951f89aa598e215973
parent 409b59dfda1e588be40461f04917a6252f115273
Author: Leah (ctucx) <leah@ctu.cx>
Date: Thu, 3 Feb 2022 14:22:25 +0100

modules/restic-backup: use `escapeShellArgs` instead of `concatStringsSep` (breaks on paths with spaces)

1 file changed, 2 insertions(+), 2 deletions(-)

modules/restic-backups.nix

++--

diff --git a/modules/restic-backups.nix b/modules/restic-backups.nix
@@ -71,7 +71,7 @@ in {
           RuntimeDirectory   = "restic-backup-${name}";
           CacheDirectory     = "restic-backup-${name}";
           CacheDirectoryMode = "0700";
-          ReadWritePaths     = backup.paths;
+#          ReadWritePaths     = backup.paths;
           PrivateTmp         = true;
           ProtectHome        = true;
           ProtectSystem      = "strict";

@@ -126,7 +126,7 @@ in {
           restic snapshots || restic init
 
           #backup files
-          restic backup ${concatStringsSep " " (backup.paths ++ optional (backup.postgresDatabases != []) "/tmp/postgresDatabases") }
+          restic backup ${escapeShellArgs (backup.paths ++ optional (backup.postgresDatabases != []) "/tmp/postgresDatabases") }
 
           restic check
         '') backup.targets;