actually sops is nice enough that I dont really need hashicorp vault to manage secrets

modules/users/overseer/services.nix

@@ -19,8 +19,6 @@ in
       # Create the dirs we need
       systemd.tmpfiles.rules = [
         "d ${volumePath}"
-        "d ${volumePath}/vault/data 700 overseer overseer" # Vault says this needs to already exist upon boot
-        "d ${volumePath}/vault/snapshots 700 overseer overseer" # This is where we put snapshots for restic to backup
 
         "d ${volumePath}/paperless/data 700 overseer overseer"
         "d ${volumePath}/paperless/media 700 overseer overseer"
@@ -29,38 +27,8 @@ in
         "d ${volumePath}/NPM/letsencrypt 700 overseer overseer"
       ];
 
-      # Define some secrets to use in restic
-      sops.secrets."vault-backup/location" = {};
-      sops.secrets."vault-backup/pass" = {};
       # (Arguably) Most Important Service - backups
       services.restic.backups = {
-        vault = {
-          user = "root";
-          timerConfig = {
-            OnCalendar = "hourly";
-            Persistent = true;
-          };
-          paths = [
-            "${volumePath}/vault/snapshots"
-          ];
-          backupPrepareCommand = "${pkgs.vault}/bin/vault operator raft snapshot save ${volumePath}/vault/snapshots/backup.snap";
-          repositoryFile = config.sops.secrets."vault-backup/location".path;
-          passwordFile = config.sops.secrets."vault-backup/pass".path;
-        };
-      };
-
-      # Vault Service
-      services.vault = {
-        enable = true;
-        package = pkgs.vault-bin;
-        storageBackend = "raft";
-        storagePath = "${volumePath}/vault/data";
-        address = "127.0.0.1:8200";
-        extraConfig = ''
-          ui = true
-          api_addr = "http://127.0.0.1:8200"
-          cluster_addr = "http://127.0.0.1:8201"
-        '';
       };
 
       # Paperless-ngx