Abstracted mkif enable for server options in secrets

Jurn Wubben 2025-09-15 20:27:23 +02:00
parent cc65757a1f
commit 080db81f5a


@ -3,9 +3,9 @@
lib, lib,
... ...
}: let }: let
inherit (lib) mkIf;
inherit (config.niksos) server; inherit (config.niksos) server;
isEnabled = x: lib.mkIf server.${x}.enable;
serviceUser = x: config.systemd.services.${x}.serviceConfig.User; serviceUser = x: config.systemd.services.${x}.serviceConfig.User;
abstrServiceUser = x: config.services.${x}.user; abstrServiceUser = x: config.services.${x}.user;
abstrServiceGroup = x: config.services.${x}.group; abstrServiceGroup = x: config.services.${x}.group;
@ -14,35 +14,35 @@ in {
password.file = ./password.age; password.file = ./password.age;
# NOTE: server things # NOTE: server things
jsw-bot = mkIf server.jsw-bot.enable { jsw-bot = isEnabled "jsw-bot" {
file = ./jsw-bot.age; file = ./jsw-bot.age;
owner = serviceUser "jsw-bot"; # owner = serviceUser "jsw-bot"; #
}; };
derek-bot = mkIf server.derek-bot.enable { derek-bot = isEnabled "derek-bot" {
file = ./derek-bot.age; file = ./derek-bot.age;
owner = "derek-bot"; owner = "derek-bot";
}; };
# matrix-registration = mkIf server.matrix.enable { # matrix-registration = isEnabled "matrix" {
# file = ./matrix-registration.age; # file = ./matrix-registration.age;
# owner = abstrServiceUser "matrix-continuwuity"; # owner = abstrServiceUser "matrix-continuwuity";
# }; # };
mail-admin = mkIf server.stalwart.enable { mail-admin = isEnabled "stalwart" {
# owner = serviceUser "stalwart-mail"; #FIXME: revert when stopped using docker for stalwart. # owner = serviceUser "stalwart-mail"; #FIXME: revert when stopped using docker for stalwart.
file = ./mail-admin.age; file = ./mail-admin.age;
}; };
zitadel-key = mkIf server.zitadel.enable { zitadel-key = isEnabled "zitadel" {
file = ./zitadel-key.age; file = ./zitadel-key.age;
owner = abstrServiceUser "zitadel"; owner = abstrServiceUser "zitadel";
}; };
forgejo-mailpass = mkIf server.forgejo.enable { forgejo-mailpass = isEnabled "forgejo" {
file = ./forgejo-mailpass.age; file = ./forgejo-mailpass.age;
owner = abstrServiceUser "forgejo"; owner = abstrServiceUser "forgejo";
}; };
immich-oidc = mkIf server.immich.enable { immich-oidc = isEnabled "immich" {
file = ./immich-oidc.age; file = ./immich-oidc.age;
owner = abstrServiceUser "immich"; owner = abstrServiceUser "immich";
}; };
nextcloud-admin-pass = mkIf server.nextcloud.enable { nextcloud-admin-pass = isEnabled "nextcloud" {
file = ./nextcloud-admin-pass.age; file = ./nextcloud-admin-pass.age;
owner = "nextcloud"; #NOTE: not a clear 'nextcloud.service' or 'services.nextcloud.user'. owner = "nextcloud"; #NOTE: not a clear 'nextcloud.service' or 'services.nextcloud.user'.
}; };
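Review bot: `isEnabled` in the let block reads like a boolean predicate, but it returns a partially applied `lib.mkIf`, so call sites such as `jsw-bot = isEnabled "jsw-bot" { … }` hide the fact that the whole secret declaration is conditional. A name that keeps the `mkIf` convention, e.g. `mkIfEnabled = x: lib.mkIf server.${x}.enable;`, preceded by a one-line comment such as `# declare the secret only when niksos.server.<x>.enable is set`, would make the gating explicit at every use. This matters when auditing the file because the helper presumably decides whether a secret is declared on a given host at all, while the `owner` lookups are keyed on different service names (`stalwart` vs `stalwart-mail`, `matrix` vs `matrix-continuwuity`), so the gate and the owner can drift apart unnoticed. The let block and the secrets attribute set both continue outside the visible hunks.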