secrets: add separate withOwner/withGroup functions

Infinidoge 2024-04-14 09:26:02 -04:00
parent 3dc9346801
commit b561c223aa
Signed by: Infinidoge
SSH key fingerprint: SHA256:oAMyvotlNFraMmZmr+p6AxnNfW/GioTs1pOn3V4tQ7A


@ -9,7 +9,9 @@ let
{ file = "${./.}/${name}"; };
secrets = listToAttrs (map mkSecret (attrNames (import ./secrets.nix)));
withOwner = name: secret: secret // { owner = name; group = name; };
withOwnerGroup = name: secret: secret // { owner = name; group = name; };
withOwner = name: secret: secret // { owner = name; };
withGroup = name: secret: secret // { group = name; };
in
{
options = {
@ -30,14 +32,14 @@ in
;
}
(mkIf config.services.nginx.enable {
"inx.moe.pem" = withOwner "nginx" secrets."inx.moe.pem";
"inx.moe.key" = withOwner "nginx" secrets."inx.moe.key";
"inx.moe.pem" = withOwnerGroup "nginx" secrets."inx.moe.pem";
"inx.moe.key" = withOwnerGroup "nginx" secrets."inx.moe.key";
})
(mkIf config.services.vaultwarden.enable {
"vaultwarden" = withOwner "vaultwarden" secrets."vaultwarden";
"vaultwarden" = withOwnerGroup "vaultwarden" secrets."vaultwarden";
})
(mkIf config.services.freshrss.enable {
"freshrss" = withOwner "freshrss" secrets."freshrss";
"freshrss" = withOwnerGroup "freshrss" secrets."freshrss";
})
];
};
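Review bot: `withGroup` on the new side of the first hunk sets only `group` and leaves the file mode alone, so a secret wrapped with it by itself is readable by that group only if the mode also grants group read. The secrets module is not visible here; if it is agenix (the `./secrets.nix` import suggests so), the default mode is `0400` and changing the group alone would not change who can read the file. I would document that on the helper, e.g. `# withGroup only sets the group; pair it with a mode such as "0440" if the group must read the secret`. Separately, `withOwner` keeps its name but no longer sets `group`: the callers visible in the second hunk are all moved to `withOwnerGroup`, but the `let` block and the secrets attribute set extend outside both hunks, so any call not shown here would silently fall back to the module's default group.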