foodogsquared/nixos-config
1
0
Fork 0
mirror of https://github.com/foo-dogsquared/nixos-config.git synced 2025-02-12 06:19:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

hosts/plover: refactor code

Browse Source
This commit is contained in:
Gabriel Arazas 2022-12-26 17:45:54 +08:00
parent 7b5c25bf18
commit c92077380b
1 changed files with 16 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
hosts/plover/default.nix
View File

@ -63,16 +63,14 @@ in
"plover/${secret}" "plover/${secret}"
((getKey secret) // config)) ((getKey secret) // config))
secrets; secrets;
in
getSecrets (
let
giteaUserGroup = config.users.users."${config.services.gitea.user}".group; giteaUserGroup = config.users.users."${config.services.gitea.user}".group;
# It is hardcoded but as long as the module is stable that way. # It is hardcoded but as long as the module is stable that way.
vaultwardenUserGroup = config.users.groups.vaultwarden.name; vaultwardenUserGroup = config.users.groups.vaultwarden.name;
postgresUserGroup = config.users.groups.postgres.name; postgresUserGroup = config.users.groups.postgres.name;
in in
{ getSecrets {
"ssh-key" = { }; "ssh-key" = { };
"lego/env" = { }; "lego/env" = { };
"gitea/db/password".owner = giteaUserGroup; "gitea/db/password".owner = giteaUserGroup;
@ -81,8 +79,7 @@ in
"borg/patterns/keys" = { }; "borg/patterns/keys" = { };
"borg/password" = { }; "borg/password" = { };
"keycloak/db/password".owner = postgresUserGroup; "keycloak/db/password".owner = postgresUserGroup;
} };
);
# All of the keys required to deploy the secrets. Don't know how to make the # All of the keys required to deploy the secrets. Don't know how to make the
# GCP KMS key work though without manually going into the instance and # GCP KMS key work though without manually going into the instance and