store state passwords in map & edn

infrastructure/backup/image/resources/install.sh

@@ -27,6 +27,7 @@ function main() {
     install -m 0400 /tmp/functions.sh /usr/local/lib/
     install -m 0400 /tmp/pg-functions.sh /usr/local/lib/
     install -m 0400 /tmp/file-functions.sh /usr/local/lib/
+    install -m 0740 /tmp/restic_management.clj /usr/local/bin/
 
     cleanupDocker
 }

infrastructure/backup/image/resources/restic_management.clj

@@ -26,8 +26,26 @@
      (catch RuntimeException e
        (printf "Error parsing edn file '%s': %s\n" "backup-repository-state.edn" (.getMessage e)))))
 
-(println (read-backup-repository-state))
+(defn read-secret [s]
+  (slurp (str "/var/run/secrets/" s)))
+   ;"/var/run/secrets/rotation-credential-secret/rotation-credential"))
 
-(println (:state (read-backup-repository-state)))
+;(println (read-backup-repository-state))
 
-(println (s/valid? ::backup-repository-state (read-backup-repository-state)))
+;(println (:state (read-backup-repository-state)))
+
+;(println (s/valid? ::backup-repository-state (read-backup-repository-state)))
+
+(println (read-secret "rotation-credential-secret/rotation-credential"))
+(println (read-secret "backup-secrets/restic-password"))
+
+(s/def ::new-password string?)
+(s/def ::old-password string?)
+(s/def ::password-state
+  (s/keys :req-un [::new-password ::old-password]))
+
+(defn rotate []
+  (let [state {:new-password (read-secret "rotation-credential-secret/rotation-credential")
+               :old-password (read-secret "backup-secrets/restic-password")}]
+    (store-backup-repository-state (prn-str state))))
+(rotate)