X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Ftools%2Fdiaspora%2Fdefault.nix;h=9119ead35e31e3e9a683c7f9dc1f09661f2479a4;hb=4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0;hp=5d2b19f27fa88d7affd70518961155f53ab10161;hpb=546864bc7d2d452803baafcb5d30438924e1d223;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/modules/private/websites/tools/diaspora/default.nix b/modules/private/websites/tools/diaspora/default.nix index 5d2b19f..9119ead 100644 --- a/modules/private/websites/tools/diaspora/default.nix +++ b/modules/private/websites/tools/diaspora/default.nix @@ -16,9 +16,14 @@ in { }; users.users.diaspora.extraGroups = [ "keys" ]; - secrets.keys = [ - { - dest = "webapps/diaspora/diaspora.yml"; + secrets.keys = { + "webapps/diaspora" = { + isDir = true; + user = "diaspora"; + group = "diaspora"; + permissions = "0500"; + }; + "webapps/diaspora/diaspora.yml" = { user = "diaspora"; group = "diaspora"; permissions = "0400"; @@ -95,9 +100,8 @@ in { development: environment: ''; - } - { - dest = "webapps/diaspora/database.yml"; + }; + "webapps/diaspora/database.yml" = { user = "diaspora"; group = "diaspora"; permissions = "0400"; @@ -129,24 +133,23 @@ in { <<: *combined database: diaspora_integration2 ''; - } - { - dest = "webapps/diaspora/secret_token.rb"; + }; + "webapps/diaspora/secret_token.rb" = { user = "diaspora"; group = "diaspora"; permissions = "0400"; text = '' Diaspora::Application.config.secret_key_base = '${env.secret_token}' ''; - } - ]; + }; + }; services.diaspora = { enable = true; package = pkgs.webapps.diaspora.override { ldap = true; }; dataDir = "/var/lib/diaspora_immae"; adminEmail = "diaspora@tools.immae.eu"; - configDir = "/var/secrets/webapps/diaspora"; + configDir = config.secrets.fullPaths."webapps/diaspora"; }; services.filesWatcher.diaspora = {