diff --git a/secrets/default.nix b/secrets/default.nix index f8b1a50..c1cafa6 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -3,9 +3,9 @@ lib, ... }: let - inherit (lib) mkIf; inherit (config.niksos) server; + isEnabled = x: lib.mkIf server.${x}.enable; serviceUser = x: config.systemd.services.${x}.serviceConfig.User; abstrServiceUser = x: config.services.${x}.user; abstrServiceGroup = x: config.services.${x}.group; @@ -14,35 +14,35 @@ in { password.file = ./password.age; # NOTE: server things - jsw-bot = mkIf server.jsw-bot.enable { + jsw-bot = isEnabled "jsw-bot" { file = ./jsw-bot.age; owner = serviceUser "jsw-bot"; # }; - derek-bot = mkIf server.derek-bot.enable { + derek-bot = isEnabled "derek-bot" { file = ./derek-bot.age; owner = "derek-bot"; }; - # matrix-registration = mkIf server.matrix.enable { + # matrix-registration = isEnabled "matrix" { # file = ./matrix-registration.age; # owner = abstrServiceUser "matrix-continuwuity"; # }; - mail-admin = mkIf server.stalwart.enable { + mail-admin = isEnabled "stalwart" { # owner = serviceUser "stalwart-mail"; #FIXME: revert when stopped using docker for stalwart. file = ./mail-admin.age; }; - zitadel-key = mkIf server.zitadel.enable { + zitadel-key = isEnabled "zitadel" { file = ./zitadel-key.age; owner = abstrServiceUser "zitadel"; }; - forgejo-mailpass = mkIf server.forgejo.enable { + forgejo-mailpass = isEnabled "forgejo" { file = ./forgejo-mailpass.age; owner = abstrServiceUser "forgejo"; }; - immich-oidc = mkIf server.immich.enable { + immich-oidc = isEnabled "immich" { file = ./immich-oidc.age; owner = abstrServiceUser "immich"; }; - nextcloud-admin-pass = mkIf server.nextcloud.enable { + nextcloud-admin-pass = isEnabled "nextcloud" { file = ./nextcloud-admin-pass.age; owner = "nextcloud"; #NOTE: not a clear 'nextcloud.service' or 'services.nextcloud.user'. };