diff options
| author | Silas Schöffel <sils@sils.li> | 2025-01-25 21:59:01 +0100 |
|---|---|---|
| committer | Silas Schöffel <sils@sils.li> | 2025-01-25 22:01:45 +0100 |
| commit | a9119f8e7d23047a08cfef26cd6b9c3139828e4f (patch) | |
| tree | d7508d9ddc5d1e5d9e856cd8d566b4a4cbda0cc4 | |
| parent | feat(peertube): make secrets configurable (diff) | |
| download | nixos-server-a9119f8e7d23047a08cfef26cd6b9c3139828e4f.zip | |
feat(miniflux): make secrets configurable
| -rw-r--r-- | hosts/by-name/server3/configuration.nix | 1 | ||||
| -rw-r--r-- | hosts/by-name/server3/secrets/miniflux/admin.age (renamed from modules/by-name/mi/miniflux/secrets/admin.age) | 0 | ||||
| -rw-r--r-- | modules/by-name/mi/miniflux/module.nix | 6 | ||||
| -rw-r--r-- | secrets.nix | 2 |
4 files changed, 7 insertions, 2 deletions
diff --git a/hosts/by-name/server3/configuration.nix b/hosts/by-name/server3/configuration.nix index 33dfd48..7337148 100644 --- a/hosts/by-name/server3/configuration.nix +++ b/hosts/by-name/server3/configuration.nix @@ -31,6 +31,7 @@ "rss.vhack.eu" "miniflux.vhack.eu" ]; + adminCredentialsFile = ./secrets/miniflux/admin.age; }; murmur = { enable = true; diff --git a/modules/by-name/mi/miniflux/secrets/admin.age b/hosts/by-name/server3/secrets/miniflux/admin.age index 12944a5..12944a5 100644 --- a/modules/by-name/mi/miniflux/secrets/admin.age +++ b/hosts/by-name/server3/secrets/miniflux/admin.age diff --git a/modules/by-name/mi/miniflux/module.nix b/modules/by-name/mi/miniflux/module.nix index ca6f476..0075bca 100644 --- a/modules/by-name/mi/miniflux/module.nix +++ b/modules/by-name/mi/miniflux/module.nix @@ -16,11 +16,15 @@ in { description = "Additional domains to serve miniflux on"; default = []; }; + adminCredentialsFile = lib.mkOption { + type = lib.types.path; + description = "The age encrypted admin credentials file passed to agenix"; + }; }; config = lib.mkIf cfg.enable { age.secrets = { minifluxAdmin = { - file = ./secrets/admin.age; + file = cfg.adminCredentialsFile; mode = "700"; owner = "root"; group = "root"; diff --git a/secrets.nix b/secrets.nix index d2b2b51..bf8cfaf 100644 --- a/secrets.nix +++ b/secrets.nix @@ -17,7 +17,6 @@ let server3HostKey ]; in { - "./modules/by-name/mi/miniflux/secrets/admin.age".publicKeys = server3; "./modules/by-name/ma/mastodon/mail.age".publicKeys = server3; "./modules/by-name/ma/matrix/passwd.age".publicKeys = server3; @@ -27,6 +26,7 @@ in { "./hosts/by-name/server3/secrets/backuppass.age".publicKeys = server3; "./hosts/by-name/server3/secrets/backupssh.age".publicKeys = server3; + "./hosts/by-name/server3/secrets/miniflux/secrets/admin.age".publicKeys = server3; "./hosts/by-name/server3/secrets/peertube/general.age".publicKeys = server3; "./hosts/by-name/server3/secrets/peertube/smtp.age".publicKeys = server3; } |