50 lines
1.4 KiB
Nix
50 lines
1.4 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
...
|
|
}: let
|
|
inherit (lib) mkIf;
|
|
inherit (config.niksos) server;
|
|
|
|
serviceUser = x: config.systemd.services.${x}.serviceConfig.User;
|
|
abstrServiceUser = x: config.services.${x}.user;
|
|
abstrServiceGroup = x: config.services.${x}.group;
|
|
in {
|
|
age.secrets = {
|
|
password.file = ./password.age;
|
|
|
|
# NOTE: server things
|
|
dcbot = mkIf server {
|
|
file = ./dcbot.age;
|
|
owner = serviceUser "dcbot"; #
|
|
};
|
|
bread-dcbot = mkIf server {
|
|
file = ./bread-dcbot.age;
|
|
owner = "bread-dcbot";
|
|
};
|
|
matrix-registration = mkIf server {
|
|
file = ./matrix-registration.age;
|
|
owner = abstrServiceUser "matrix-continuwuity";
|
|
};
|
|
mail-admin = mkIf server {
|
|
# owner = serviceUser "stalwart-mail"; #FIXME: revert when stopped using docker for stalwart.
|
|
file = ./mail-admin.age;
|
|
};
|
|
zitadel-key = mkIf server {
|
|
file = ./zitadel-key.age;
|
|
owner = abstrServiceUser "zitadel";
|
|
};
|
|
forgejo-mailpass = mkIf server {
|
|
file = ./forgejo-mailpass.age;
|
|
owner = abstrServiceUser "forgejo";
|
|
};
|
|
immich-oidc = mkIf server {
|
|
file = ./immich-oidc.age;
|
|
owner = abstrServiceUser "immich";
|
|
};
|
|
nextcloud-admin-pass = mkIf server {
|
|
file = ./nextcloud-admin-pass.age;
|
|
owner = "nextcloud"; #NOTE: not a clear 'nextcloud.service' or 'services.nextcloud.user'.
|
|
};
|
|
};
|
|
}
|