Use attrs for secrets instead of lists

[perso/Immae/Config/Nix.git] / modules / private / system / quatresaisons / databases.nix

diff --git a/modules/private/system/quatresaisons/databases.nix b/modules/private/system/quatresaisons/databases.nix
index 68ce27424f5279c81f00ec678f2865cb9f59b210..f7b27e0911bcf342c1f24b89321ddfabe054de61 100644 (file)
--- a/modules/private/system/quatresaisons/databases.nix
+++ b/modules/private/system/quatresaisons/databases.nix
@@ -9,16 +9,14 @@
     services.postgresql.ensureUsers = [
       { name = "naemon"; }
     ];
-    secrets.keys = [
-      {
-        dest = "ldap/password";
+    secrets.keys = {
+      "ldap/password" = {
         permissions = "0400";
         user = "openldap";
         group = "openldap";
         text = "rootpw      ${serverSpecificConfig.ldap_root_pw}";
-      }
-      {
-        dest = "webapps/tools-ldap";
+      };
+      "webapps/tools-ldap" = {
         user = "wwwrun";
         group = "wwwrun";
         permissions = "0400";
@@ -42,8 +40,8 @@
           $servers->setValue('login','attr','uid');
           $servers->setValue('login','fallback_dn',true);
         '';
-      }
-    ];
+      };
+    };
 
     users.users.openldap.extraGroups = [ "keys" ];
     services.openldap = {