X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=nixops%2Fmodules%2Fwebsites%2Faten%2Faten.nix;h=46a7361b583899613190e4d0e336e61138b79724;hb=1b3154e40a568a296c74759d68827366b5f26da9;hp=567dcd13dfc2fe7656f09a8db32d800ad18f3881;hpb=ca330baa14da56456ec538b232a91e1c443241bb;p=perso%2FImmae%2FConfig%2FNix.git

diff --git a/nixops/modules/websites/aten/aten.nix b/nixops/modules/websites/aten/aten.nix
index 567dcd1..46a7361 100644
--- a/nixops/modules/websites/aten/aten.nix
+++ b/nixops/modules/websites/aten/aten.nix
@@ -13,10 +13,10 @@ let
           /run/wrappers/bin/sudo -u wwwrun APP_ENV=${environment} ./bin/console --env=${environment} cache:clear --no-warmup
           popd > /dev/null
           echo -n "${webappDir}" > ${varDir}/currentWebappDir
-          sha512sum /run/keys/webapps/${environment}-aten > ${varDir}/currentKey
+          sha512sum /var/secrets/webapps/${environment}-aten > ${varDir}/currentKey
         fi
         '';
-      serviceDeps = [ "postgresql.service" "${environment}-aten-key.service" ];
+      serviceDeps = [ "postgresql.service" ];
       socket = "/var/run/phpfpm/aten-${environment}.sock";
       pool = ''
         listen = ${socket}
@@ -42,8 +42,8 @@ let
         pm.max_spare_servers = 3
         ''}'';
     };
-    keys."${environment}-aten" = {
-      destDir = "/run/keys/webapps";
+    keys = [{
+      dest = "webapps/${environment}-aten";
       user = apache.user;
       group = apache.group;
       permissions = "0400";
@@ -52,7 +52,7 @@ let
         SetEnv APP_SECRET   "${config.secret}"
         SetEnv DATABASE_URL "${config.psql_url}"
         '';
-    };
+    }];
     apache = rec {
       user = "wwwrun";
       group = "wwwrun";
@@ -64,7 +64,7 @@ let
         SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
       </FilesMatch>
 
-      Include /run/keys/webapps/${environment}-aten
+      Include /var/secrets/webapps/${environment}-aten
 
       ${if environment == "dev" then ''
       <Location />