Use attrs for secrets instead of lists

[perso/Immae/Config/Nix.git] / modules / private / websites / tools / peertube / default.nix

diff --git a/modules/private/websites/tools/peertube/default.nix b/modules/private/websites/tools/peertube/default.nix
index 3345453d1cec5138a1c8f21c59419648fb861e09..daeeb1fef898435b3936ca7220e688abae00be65 100644 (file)
--- a/modules/private/websites/tools/peertube/default.nix
+++ b/modules/private/websites/tools/peertube/default.nix
@@ -14,13 +14,11 @@ in {
     };
     services.peertube = {
       enable = true;
-      configFile = "/var/secrets/webapps/tools-peertube";
-      package = pkgs.webapps.peertube.override { ldap = true; sendmail = true; light = "fr-FR"; };
+      configFile = config.secrets.fullPaths."webapps/tools-peertube";
     };
     users.users.peertube.extraGroups = [ "keys" ];
 
-    secrets.keys = [{
-      dest = "webapps/tools-peertube";
+    secrets.keys."webapps/tools-peertube" = {
       user = "peertube";
       group = "peertube";
       permissions = "0640";
@@ -44,18 +42,6 @@ in {
           socket: '${env.redis.socket}'
           auth: null
           db: ${env.redis.db}
-        auth:
-          local:
-            enabled: true
-          ldap:
-            enabled: true
-            ldap_only: false
-            url: ldaps://${env.ldap.host}/${env.ldap.base}
-            bind_dn: ${env.ldap.dn}
-            bind_password: ${env.ldap.password}
-            base: ${env.ldap.base}
-            mail_entry: "mail"
-            user_filter: "${env.ldap.filter}"
         smtp:
           transport: sendmail
           sendmail: '/run/wrappers/bin/sendmail'
@@ -73,8 +59,9 @@ in {
           captions: '${pcfg.dataDir}/storage/captions/'
           cache: '${pcfg.dataDir}/storage/cache/'
           plugins: '${pcfg.dataDir}/storage/plugins/'
+          client_overrides: '${pcfg.dataDir}/storage/client-overrides/'
         '';
-    }];
+    };
 
     services.websites.env.tools.modules = [
       "headers" "proxy" "proxy_http" "proxy_wstunnel"