Move secrets to flakes

[perso/Immae/Config/Nix.git] / modules / private / system / quatresaisons / databases.nix

diff --git a/modules/private/system/quatresaisons/databases.nix b/modules/private/system/quatresaisons/databases.nix
index 8748058d6856d3450d25cb716f3f8db7e876d865..68ce27424f5279c81f00ec678f2865cb9f59b210 100644 (file)
--- a/modules/private/system/quatresaisons/databases.nix
+++ b/modules/private/system/quatresaisons/databases.nix
@@ -2,7 +2,7 @@
 {
   config = let
     serverSpecificConfig = config.myEnv.serverSpecific.quatresaisons;
-    phpLdapAdmin = pkgs.webapps.phpldapadmin.override { config = "/var/secrets/webapps/tools-ldap"; };
+    phpLdapAdmin = pkgs.webapps.phpldapadmin.override { config = config.secrets.fullPaths."webapps/tools-ldap"; };
   in {
     services.postgresql.enable = true;
     services.postgresql.package = pkgs.postgresql_12;
@@ -94,7 +94,7 @@
           by anonymous auth
           by * break
       '';
-      rootpwFile = "${config.secrets.location}/ldap/password";
+      rootpwFile = config.secrets.fullPaths."ldap/password";
       suffix = "dc=salle-s,dc=org";
       rootdn = "cn=root,dc=salle-s,dc=org";
       database = "hdb";
@@ -120,7 +120,7 @@
       group = "wwwrun";
       settings =
         let
-          basedir = builtins.concatStringsSep ":" [ phpLdapAdmin "/var/secrets/webapps/tools-ldap" ];
+          basedir = builtins.concatStringsSep ":" [ phpLdapAdmin config.secrets.fullPaths."webapps/tools-ldap" ];
         in {
           "listen.owner" = "wwwrun";
           "listen.group" = "wwwrun";