mirror of
https://github.com/foo-dogsquared/nixos-config.git
synced 2025-02-12 06:19:00 +00:00
hosts/plover: refactor code
This commit is contained in:
parent
7b5c25bf18
commit
c92077380b
@ -63,26 +63,23 @@ in
|
|||||||
"plover/${secret}"
|
"plover/${secret}"
|
||||||
((getKey secret) // config))
|
((getKey secret) // config))
|
||||||
secrets;
|
secrets;
|
||||||
in
|
|
||||||
getSecrets (
|
|
||||||
let
|
|
||||||
giteaUserGroup = config.users.users."${config.services.gitea.user}".group;
|
|
||||||
|
|
||||||
# It is hardcoded but as long as the module is stable that way.
|
giteaUserGroup = config.users.users."${config.services.gitea.user}".group;
|
||||||
vaultwardenUserGroup = config.users.groups.vaultwarden.name;
|
|
||||||
postgresUserGroup = config.users.groups.postgres.name;
|
# It is hardcoded but as long as the module is stable that way.
|
||||||
in
|
vaultwardenUserGroup = config.users.groups.vaultwarden.name;
|
||||||
{
|
postgresUserGroup = config.users.groups.postgres.name;
|
||||||
"ssh-key" = { };
|
in
|
||||||
"lego/env" = { };
|
getSecrets {
|
||||||
"gitea/db/password".owner = giteaUserGroup;
|
"ssh-key" = { };
|
||||||
"gitea/smtp/password".owner = giteaUserGroup;
|
"lego/env" = { };
|
||||||
"vaultwarden/env".owner = vaultwardenUserGroup;
|
"gitea/db/password".owner = giteaUserGroup;
|
||||||
"borg/patterns/keys" = { };
|
"gitea/smtp/password".owner = giteaUserGroup;
|
||||||
"borg/password" = { };
|
"vaultwarden/env".owner = vaultwardenUserGroup;
|
||||||
"keycloak/db/password".owner = postgresUserGroup;
|
"borg/patterns/keys" = { };
|
||||||
}
|
"borg/password" = { };
|
||||||
);
|
"keycloak/db/password".owner = postgresUserGroup;
|
||||||
|
};
|
||||||
|
|
||||||
# All of the keys required to deploy the secrets. Don't know how to make the
|
# All of the keys required to deploy the secrets. Don't know how to make the
|
||||||
# GCP KMS key work though without manually going into the instance and
|
# GCP KMS key work though without manually going into the instance and
|
||||||
|
Loading…
Reference in New Issue
Block a user