LDAPOpCacheTTL 600
</IfModule>
- Include /var/secrets/apache-ldap
+ Include ${config.secrets.fullPaths."apache-ldap"}
'';
};
global = {
users.users.wwwrun.extraGroups = [ "keys" ];
networking.firewall.allowedTCPPorts = [ 80 443 ];
- secrets.keys = [{
- dest = "apache-ldap";
+ secrets.keys."apache-ldap" = {
user = "wwwrun";
group = "wwwrun";
permissions = "0400";
</IfModule>
</Macro>
'';
- }];
+ };
system.activationScripts = {
httpd = ''
};
};
- services.filesWatcher.httpdProd.paths = [ "/var/secrets/apache-ldap" ];
- services.filesWatcher.httpdInte.paths = [ "/var/secrets/apache-ldap" ];
- services.filesWatcher.httpdTools.paths = [ "/var/secrets/apache-ldap" ];
+ services.filesWatcher.httpdProd.paths = [ config.secrets.fullPaths."apache-ldap" ];
+ services.filesWatcher.httpdInte.paths = [ config.secrets.fullPaths."apache-ldap" ];
+ services.filesWatcher.httpdTools.paths = [ config.secrets.fullPaths."apache-ldap" ];
services.websites.env.production = {
enable = true;