author | Silas Schöffel <sils@sils.li> | 2025-01-25 22:05:41 +0100 |
---|---|---|
committer | Silas Schöffel <sils@sils.li> | 2025-01-25 22:06:56 +0100 |
commit | 7e16fa24fce05962c3a741df8b58e82507ae8bfe (patch) | |
tree | 85a1bd540d31006c1cc65f62ec7bb72d8661d9a2 | |
parent | feat(miniflux): make secrets configurable (diff) | |
download | nixos-server-7e16fa24fce05962c3a741df8b58e82507ae8bfe.zip |
feat(mastodon): make secrets configurable
-rw-r--r-- | hosts/by-name/server3/configuration.nix | 1 | ||||
-rw-r--r-- | hosts/by-name/server3/secrets/mastodon/mail.age (renamed from modules/by-name/ma/mastodon/mail.age) | 0 | ||||
-rw-r--r-- | modules/by-name/ma/mastodon/module.nix | 6 | ||||
-rw-r--r-- | secrets.nix | 2 |
4 files changed, 7 insertions, 2 deletions
diff --git a/hosts/by-name/server3/configuration.nix b/hosts/by-name/server3/configuration.nix
index 7337148..2afc79f 100644
--- a/hosts/by-name/server3/configuration.nix
+++ b/hosts/by-name/server3/configuration.nix
@@ -17,6 +17,7 @@
 domain = "mastodon.vhack.eu";
 enableTLD = false;
 tld = "vhack.eu";
+ mailPwFile = ./secrets/mastodon/mail.age;
 };
 matrix = {
 enable = true;
diff --git a/modules/by-name/ma/mastodon/mail.age b/hosts/by-name/server3/secrets/mastodon/mail.age
index 882ade9..882ade9 100644
--- a/modules/by-name/ma/mastodon/mail.age
+++ b/hosts/by-name/server3/secrets/mastodon/mail.age
diff --git a/modules/by-name/ma/mastodon/module.nix b/modules/by-name/ma/mastodon/module.nix
index 5645014..895428d 100644
--- a/modules/by-name/ma/mastodon/module.nix
+++ b/modules/by-name/ma/mastodon/module.nix
@@ -25,10 +25,14 @@ in {
 default = null;
 example = "vhack.eu";
 };
+ mailPwFile = lib.mkOption {
+ type = lib.types.path;
+ description = "The age encrypted mail password file passed to agenix";
+ };
 };
 config = lib.mkIf cfg.enable {
 age.secrets.mastodonMail = {
- file = ./mail.age;
+ file = cfg.mailPwFile;
 mode = "700";
 owner = "mastodon";
 group = "mastodon";
diff --git a/secrets.nix b/secrets.nix
index bf8cfaf..10608f4 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -17,7 +17,6 @@ let
 server3HostKey
 ];
 in {
- "./modules/by-name/ma/mastodon/mail.age".publicKeys = server3;
 "./modules/by-name/ma/matrix/passwd.age".publicKeys = server3;
 "./hosts/by-name/server2/secrets/backuppass.age".publicKeys = server2;
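Review bot: In modules/by-name/ma/mastodon/module.nix the new `mailPwFile` option has no `example` and its description does not tell a caller what must be supplied, unlike the neighbouring option, which carries `example = "vhack.eu";`. I would add `example = lib.literalExpression "./secrets/mastodon/mail.age";` and extend the description to say that the value must be age ciphertext with a matching recipients entry in secrets.nix. That matters because a path literal is normally copied into the world-readable Nix store, so a plaintext file passed here would be exposed. Separately, the unchanged `mode = "700";` sets the owner execute bit on a password file; `mode = "0400";` looks sufficient, assuming nothing executes the secret. The `age.secrets.mastodonMail` attribute set and the enclosing `config` block continue past the end of the hunk.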
@@ -26,6 +25,7 @@ in {
 "./hosts/by-name/server3/secrets/backuppass.age".publicKeys = server3;
 "./hosts/by-name/server3/secrets/backupssh.age".publicKeys = server3;
+ "./hosts/by-name/server3/secrets/mastodon/mail.age".publicKeys = server3;
 "./hosts/by-name/server3/secrets/miniflux/secrets/admin.age".publicKeys = server3;
 "./hosts/by-name/server3/secrets/peertube/general.age".publicKeys = server3;
 "./hosts/by-name/server3/secrets/peertube/smtp.age".publicKeys = server3; |