Use attrs for secrets instead of lists

[perso/Immae/Config/Nix.git] / modules / private / databases / redis_replication.nix

diff --git a/modules/private/databases/redis_replication.nix b/modules/private/databases/redis_replication.nix
index a3fe3bb775f0f412d846bc80f7b9049035fe38f6..9e48939ecf0a938bcfa35f924b071217fea8c8fa 100644 (file)
--- a/modules/private/databases/redis_replication.nix
+++ b/modules/private/databases/redis_replication.nix
@@ -64,13 +64,12 @@ in
         encrypt = true;
         source = "127.0.0.1:16379";
         target = "${config.myEnv.servers.eldiron.ips.main.ip4}:16379";
-        keyfile = "${config.secrets.location}/redis/spiped_eldiron_keyfile";
+        keyfile = config.secrets.fullPaths."redis/spiped_eldiron_keyfile";
       };
     };
 
-    secrets.keys = lib.flatten (lib.mapAttrsToList (name: hcfg: [
-      {
-        dest = "redis_replication/${name}/config";
+    secrets.keys = lib.mapAttrs' (name: hcfg:
+      lib.nameValuePair "redis_replication/${name}/config" {
         user = "redis";
         group = "redis";
         permissions = "0400";
@@ -97,15 +96,14 @@ in
           maxclients 1024
           '';
       }
-    ]) cfg.hosts) ++ [
-      { # For eldiron only
-        dest = "redis/spiped_eldiron_keyfile";
+    ) cfg.hosts // {
+      "redis/spiped_eldiron_keyfile" = { # For eldiron only
         user = "spiped";
         group = "spiped";
         permissions = "0400";
         text = config.myEnv.databases.redis.spiped_key;
-      }
-    ];
+      };
+    };
 
     services.cron = {
       enable = true;
@@ -162,7 +160,7 @@ in
         unitConfig.RequiresMountsFor = dataDir;
 
         serviceConfig = {
-          ExecStart = "${hcfg.package}/bin/redis-server ${config.secrets.location}/redis_replication/${name}/config";
+          ExecStart = "${hcfg.package}/bin/redis-server ${config.secrets.fullPaths."redis_replication/${name}/config"}";
           User = "redis";
           RuntimeDirectory = "redis_${name}";
         };