jsw/NiksOS
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
NiksOS/secrets/default.nix
Jurn Wubben fa35e153c6 Converted seafile to openid login
2025-07-21 08:19:31 +02:00

49 lines
1.2 KiB
Nix
Raw Blame History

{
config,
lib,
...
}: let
inherit (lib) mkIf;
inherit (config.niksos) server;
serviceUser = x: config.systemd.services.${x}.serviceConfig.User;
abstrServiceUser = x: config.services.${x}.user;
in {
age.secrets = {
password.file = ./password.age;
# NOTE: server things
dcbot = mkIf server {
file = ./dcbot.age;
owner = serviceUser "dcbot"; #
};
bread-dcbot = mkIf server {
file = ./bread-dcbot.age;
owner = "bread-dcbot";
};
matrix-registration = mkIf server {
file = ./matrix-registration.age;
owner = abstrServiceUser "matrix-continuwuity";
};
mail-admin = mkIf server {
# owner = serviceUser "stalwart-mail"; #FIXME: revert when stopped using docker for stalwart.
file = ./mail-admin.age;
};
zitadel-key = mkIf server {
file = ./zitadel-key.age;
owner = abstrServiceUser "zitadel";
};
forgejo-mailpass = mkIf server {
file = ./forgejo-mailpass.age;
owner = abstrServiceUser "forgejo";
};
immich-oidc = mkIf server {
file = ./immich-oidc.age;
owner = abstrServiceUser "immich";
};
seafile-oidc = mkIf server {
file = ./seafile-oidc.age;
owner = abstrServiceUser "seafile";
};
};
}
Reference in a new issue View git blame Copy permalink