chvp/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Start using age for secret management

Browse source
This commit is contained in:
Charlotte Van Petegem 2021-06-20 00:18:20 +02:00
parent 276c8f33c8
commit da9160559c
No known key found for this signature in database
GPG key ID: 019E764B7184435A
39 changed files with 281 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

10
modules/syncthing-server.nix
View file

@ -9,8 +9,8 @@
config = lib.mkIf config.chvp.syncthing-server.enable {
services.syncthing = {
enable = true;
dataDir = "${config.chvp.dataPrefix}/var/lib/synthing";
configDir = "${config.chvp.dataPrefix}/var/lib/synthing/.config";
dataDir = "${config.chvp.dataPrefix}/var/lib/syncthing";
configDir = "${config.chvp.dataPrefix}/var/lib/syncthing/.config";
openDefaultPorts = true;
guiAddress = "127.0.0.1:8384";
};
@ -20,9 +20,13 @@
fqdn = "syncthing.vanpetegem.me";
basicProxy = "http://localhost:8384";
options = {
basicAuthFile = "${config.chvp.dataPrefix}/var/secrets/syncthing.vanpetegem.me.htpasswd";
basicAuthFile = config.age.secrets."passwords/services/syncthing-basic-auth".path;
};
}
];
age.secrets."passwords/services/syncthing-basic-auth" = {
file = ../secrets/passwords/services/syncthing-basic-auth.age;
owner = "nginx";
};
};
}