secrets: add separate withOwner/withGroup functions

Infinidoge 2024-04-14 09:26:02 -04:00
parent 3dc9346801
commit b561c223aa
Signed by: Infinidoge
SSH key fingerprint: SHA256:oAMyvotlNFraMmZmr+p6AxnNfW/GioTs1pOn3V4tQ7A


@ -9,7 +9,9 @@ let
{ file = "${./.}/${name}"; }; { file = "${./.}/${name}"; };
secrets = listToAttrs (map mkSecret (attrNames (import ./secrets.nix))); secrets = listToAttrs (map mkSecret (attrNames (import ./secrets.nix)));
withOwner = name: secret: secret // { owner = name; group = name; }; withOwnerGroup = name: secret: secret // { owner = name; group = name; };
withOwner = name: secret: secret // { owner = name; };
withGroup = name: secret: secret // { group = name; };
in in
{ {
options = { options = {
@ -30,14 +32,14 @@ in
; ;
} }
(mkIf config.services.nginx.enable { (mkIf config.services.nginx.enable {
"inx.moe.pem" = withOwner "nginx" secrets."inx.moe.pem"; "inx.moe.pem" = withOwnerGroup "nginx" secrets."inx.moe.pem";
"inx.moe.key" = withOwner "nginx" secrets."inx.moe.key"; "inx.moe.key" = withOwnerGroup "nginx" secrets."inx.moe.key";
}) })
(mkIf config.services.vaultwarden.enable { (mkIf config.services.vaultwarden.enable {
"vaultwarden" = withOwner "vaultwarden" secrets."vaultwarden"; "vaultwarden" = withOwnerGroup "vaultwarden" secrets."vaultwarden";
}) })
(mkIf config.services.freshrss.enable { (mkIf config.services.freshrss.enable {
"freshrss" = withOwner "freshrss" secrets."freshrss"; "freshrss" = withOwnerGroup "freshrss" secrets."freshrss";
}) })
]; ];
}; };
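Review bot: The added `withGroup` helper sets only `group`, so on its own it probably grants the group nothing. If these attributes feed agenix (inferred from `secrets.nix` and the `file` attribute, not shown on the page), the default `mode` is `0400` and the group gets no read bit. Either document this above the helper with `# group access also needs a mode with a group read bit, e.g. "0440"`, or have the helper merge the mode itself: `withGroup = name: secret: secret // { group = name; mode = "0440"; };`. Separately, `withOwner` keeps its name but no longer sets `group`, so any use in the lines not shown between the two hunks would silently fall back to the module's default group. The four visible call sites are all migrated to `withOwnerGroup`.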