Use attrs for secrets instead of lists

[perso/Immae/Config/Nix.git] / modules / private / databases / postgresql.nix

diff --git a/modules/private/databases/postgresql.nix b/modules/private/databases/postgresql.nix
index e73bf69eb7f78b5c73e6d2727b10fc8818ce0735..a6c4cc998fdb138ccf53671992a916794b6eff95 100644 (file)
--- a/modules/private/databases/postgresql.nix
+++ b/modules/private/databases/postgresql.nix
@@ -178,9 +178,8 @@ in {
       '';
     };
 
-    secrets.keys = [
-      {
-        dest = "postgresql/pam";
+    secrets.keys = {
+      "postgresql/pam" = {
         permissions = "0400";
         group = "postgres";
         user = "postgres";
@@ -192,9 +191,8 @@ in {
           pam_filter ${filter}
           ssl start_tls
         '';
-      }
-      {
-        dest = "postgresql/pam_replication";
+      };
+      "postgresql/pam_replication" = {
         permissions = "0400";
         group = "postgres";
         user = "postgres";
@@ -206,8 +204,8 @@ in {
           pam_login_attribute cn
           ssl start_tls
         '';
-      }
-    ];
+      };
+    };
 
     security.pam.services = let
       pam_ldap = "${pkgs.pam_ldap}/lib/security/pam_ldap.so";