Use sops for private key distribution

nixos/modules/borgbackup.nix

@@ -116,12 +116,12 @@ in {
       jobs.fsaccount = {
         preHook = ''
           mkdir -p /home/fsaccount/sicherung # Create if it does not exist
-          ${pkgs.rsync}/bin/rsync -e 'ssh -i /run/secrets/backupKey' -r fachschaft@gw1.mathematik.tu-darmstadt.de:/home/fachschaft/* /home/fsaccount/sicherung
+          ${pkgs.rsync}/bin/rsync -e 'ssh -i /home/fsaccount/.ssh/backupKey' -r fachschaft@gw1.mathematik.tu-darmstadt.de:/home/fachschaft/* /home/fsaccount/sicherung
         '';
         paths = "/home/fsaccount/sicherung";
         encryption.mode = "none";
         environment = {
-          BORG_RSH = "ssh -i /run/secrets/backupKey";
+          BORG_RSH = "ssh -i /home/fsaccount/.ssh/backupKey";
           BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK = "yes";
         };
         repo = "borg@localhost:fsaccount";
@@ -141,6 +141,7 @@ in {
     };
     sops.secrets.backupKey = {
       sopsFile = ../machines/bragi/backupKey.yaml;
+      path = "/home/fsaccount/.ssh/backupKey";
       owner = config.users.users.fsaccount.name;
       inherit (config.users.users.fsaccount) group;
       mode = "0400";