From 76d3410702124dade30cc979bbd51c2e838a2074 Mon Sep 17 00:00:00 2001
From: blake <me@blakedheld.xyz>
Date: Sat, 18 Oct 2025 15:00:50 -0500
Subject: [PATCH] new backup browser

---
 ...{backup_browse.sh => backup_browse_old.sh} |  0
 bin/lf_borg.sh                                | 73 +++++++++++++++++++
 modules/holocron/perms/default.nix            |  4 +-
 users/blake/dots/zsh/default.nix              |  2 +-
 4 files changed, 76 insertions(+), 3 deletions(-)
 rename bin/{backup_browse.sh => backup_browse_old.sh} (100%)
 create mode 100755 bin/lf_borg.sh

diff --git a/bin/backup_browse.sh b/bin/backup_browse_old.sh
similarity index 100%
rename from bin/backup_browse.sh
rename to bin/backup_browse_old.sh
diff --git a/bin/lf_borg.sh b/bin/lf_borg.sh
new file mode 100755
index 0000000..8478910
--- /dev/null
+++ b/bin/lf_borg.sh
@@ -0,0 +1,73 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# --- Configuration ---
+DEFAULT_REPO="/holocron/archives/homelab"
+SECRET_PATH="/run/secrets/borg_passwd"
+
+# --- Usage ---
+# ./browse-borg-root.sh [optional-path-to-repo]
+REPO="${1:-$DEFAULT_REPO}"
+
+# --- Always escalate to root at start ---
+if [[ $EUID -ne 0 ]]; then
+  exec sudo --preserve-env=BORG_PASSPHRASE,BORG_REPO "$0" "$@"
+fi
+
+# --- Determine passphrase ---
+if [[ -z "${BORG_PASSPHRASE:-}" ]]; then
+  if [[ "$REPO" == /holocron* && -f "$SECRET_PATH" ]]; then
+    echo "Using default Borg passphrase from $SECRET_PATH"
+    BORG_PASSPHRASE=$(<"$SECRET_PATH")
+  else
+    read -rsp "Enter Borg passphrase: " BORG_PASSPHRASE
+    echo
+  fi
+fi
+export BORG_PASSPHRASE
+
+# --- Check dependencies ---
+for cmd in borg fzf lf; do
+  if ! command -v "$cmd" &>/dev/null; then
+    echo "Error: '$cmd' is required but not installed." >&2
+    exit 1
+  fi
+done
+
+# --- Verify repo exists ---
+if [[ ! -d "$REPO" ]]; then
+  echo "Error: repository path '$REPO' not found."
+  exit 1
+fi
+
+# --- List archives (newest on bottom) ---
+archives=$(borg list --format "{archive} {time}\n" "$REPO" \
+  | sort -k2 \
+  | awk '{print $1}')
+
+if [[ -z "$archives" ]]; then
+  echo "No archives found in $REPO"
+  exit 0
+fi
+
+# --- Select archive with fzf ---
+archive=$(echo "$archives" | fzf --reverse --prompt="Select archive: ")
+if [[ -z "$archive" ]]; then
+  echo "No archive selected."
+  exit 0
+fi
+
+# --- Mount ---
+MOUNT_DIR=$(mktemp -d -t borg-mnt-XXXXXX)
+echo "Mounting archive '$archive' at $MOUNT_DIR..."
+
+cleanup() {
+  echo "Unmounting archive..."
+  borg umount "$MOUNT_DIR" >/dev/null 2>&1 || true
+  rmdir "$MOUNT_DIR" >/dev/null 2>&1 || true
+}
+trap cleanup EXIT INT TERM
+
+borg mount "$REPO::$archive" "$MOUNT_DIR"
+lf "$MOUNT_DIR"
+
diff --git a/modules/holocron/perms/default.nix b/modules/holocron/perms/default.nix
index 7b997f3..5100b81 100644
--- a/modules/holocron/perms/default.nix
+++ b/modules/holocron/perms/default.nix
@@ -44,8 +44,8 @@ in {
               user=$(basename "$user_dir")
               echo "starting $user_dir"
               chown -Rc $user:$user $user_dir
-              find $user_dir -type d -exec chmod 2770 "$@"' {} +
-              find $user_dir -type f -exec chmod 660 "$@"' {} +
+              find $user_dir -type d -exec chmod 2770 "$@" {} +
+              find $user_dir -type f -exec chmod 660 "$@" {} +
             fi
           done
           echo "fin"
diff --git a/users/blake/dots/zsh/default.nix b/users/blake/dots/zsh/default.nix
index e5c39d4..0652739 100644
--- a/users/blake/dots/zsh/default.nix
+++ b/users/blake/dots/zsh/default.nix
@@ -67,7 +67,7 @@
       # --- scripts ---
       rebuild = "sh ~/.nix/bin/rebuild.sh";
       perms = "sudo sh ~/.nix/bin/perms.sh";
-      bb = "sudo sh ~/.nix/bin/backup_browse.sh";
+      bb = "sudo sh ~/.nix/bin/lf_borg.sh";
 
       # --- git ---
       status = "git status";