sops: Make secrets root owned when possible

SebastianStork 2025-08-27 15:17:29 +02:00
parent 63d025f00f
commit 0cc7c80407
2 changed files with 6 additions and 10 deletions


@ -27,17 +27,13 @@ in
ports.list = [ cfg.port ];
};
sops =
let
sops = {
secrets."hedgedoc/gitlab-auth-secret" = { };
templates."hedgedoc/environment" = {
owner = config.users.users.hedgedoc.name;
in
{
secrets."hedgedoc/gitlab-auth-secret".owner = owner;
templates."hedgedoc/environment" = {
inherit owner;
content = "GITLAB_CLIENTSECRET=${config.sops.placeholder."hedgedoc/gitlab-auth-secret"}";
};
content = "GITLAB_CLIENTSECRET=${config.sops.placeholder."hedgedoc/gitlab-auth-secret"}";
};
};
services.hedgedoc = {
enable = true;
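Review bot: The `owner = config.users.users.hedgedoc.name;` that remains on `templates."hedgedoc/environment"` still leaves the client secret readable by the hedgedoc user through the rendered file, so making the raw secret root-owned only narrows exposure if the template needs that owner. If the template is consumed solely as `services.hedgedoc.environmentFile` (the `services.hedgedoc` block continues outside the hunk, so this is not visible here), systemd normally loads `EnvironmentFile=` before dropping to the service user, and the template could be left at the sops-nix default owner too. If the owner is required, a short comment above the two entries, for example `# raw secret stays root-owned; only the rendered env file is readable by hedgedoc`, would record the intent so the `= { };` is not later mistaken for an omission.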