chvp/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Start using age for secret management

Browse source
This commit is contained in:
Charlotte Van Petegem 2021-06-20 00:18:20 +02:00
parent 276c8f33c8
commit da9160559c
No known key found for this signature in database
GPG key ID: 019E764B7184435A
39 changed files with 281 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

9
modules/accentor.nix
View file

@ -106,7 +106,7 @@ in
environment = env;
path = [ pkgs.ffmpeg gems gems.wrappedRuby ];
serviceConfig = {
EnvironmentFile = "${config.chvp.dataPrefix}/var/secrets/accentor-api";
EnvironmentFile = config.age.secrets."passwords/services/accentor".path;
Type = "simple";
User = "accentor";
Group = "accentor";
@ -128,7 +128,7 @@ in
environment = env;
path = [ pkgs.ffmpeg gems gems.wrappedRuby ];
serviceConfig = {
EnvironmentFile = "${config.chvp.dataPrefix}/var/secrets/accentor-api";
EnvironmentFile = config.age.secrets."passwords/services/accentor".path;
Type = "simple";
User = "accentor";
Group = "accentor";
@ -140,6 +140,11 @@ in
}) 4));
age.secrets."passwords/services/accentor" = {
file = ../secrets/passwords/services/accentor.age;
owner = "accentor";
};
users.users.accentor = {
group = "accentor";
home = "${config.chvp.dataPrefix}/var/lib/accentor";