diff options
Diffstat (limited to '')
| -rw-r--r-- | modules/by-name/et/etesync/module.nix | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/modules/by-name/et/etesync/module.nix b/modules/by-name/et/etesync/module.nix index b82baa2..bcabc8a 100644 --- a/modules/by-name/et/etesync/module.nix +++ b/modules/by-name/et/etesync/module.nix @@ -9,6 +9,10 @@ in { enable = lib.mkEnableOption '' a secure, end-to-end encrypted, and privacy respecting sync for your contacts, calendars, tasks and notes. ''; + secretFile = lib.mkOption { + type = lib.types.path; + description = "The age encrypted globale etebase secretfile passed to agenix"; + }; }; config = lib.mkIf cfg.enable { @@ -25,7 +29,7 @@ in { }; age.secrets.etebase-server = { - file = ./secret_file.age; + file = cfg.secretFile; mode = "700"; owner = "etebase-server"; group = "etebase-server"; @@ -68,5 +72,9 @@ in { }; }; }; + users = { + users.etebase-server.uid = config.vhack.constants.ids.uids.etebase-server; + groups.etebase-server.gid = config.vhack.constants.ids.gids.etebase-server; + }; }; } |