Use attrs for secrets instead of lists

[perso/Immae/Config/Nix.git] / modules / private / websites / immae / temp.nix

diff --git a/modules/private/websites/immae/temp.nix b/modules/private/websites/immae/temp.nix
index 85182834a7bce60deeff6f81ee4e6fd69b21862f..61ed9cf4195fa9d1f6fb4d7593ae040486ef4997 100644 (file)
--- a/modules/private/websites/immae/temp.nix
+++ b/modules/private/websites/immae/temp.nix
@@ -28,24 +28,21 @@ in {
       '' ];
     };
 
-    secrets.keys = [
-      {
-        dest = "webapps/surfer";
-        permissions = "0400";
-        user = "wwwrun";
-        group = "wwwrun";
-        text = ''
-          CLOUDRON_LDAP_URL=ldaps://${env.ldap.host}
-          CLOUDRON_LDAP_USERS_BASE_DN=${env.ldap.base}
-          TOKENSTORE_FILE=/var/lib/surfer/tokens.json
-          CLOUDRON_LDAP_BIND_DN=${env.ldap.dn}
-          CLOUDRON_LDAP_BIND_PASSWORD=${env.ldap.password}
-          CLOUDRON_LDAP_USERS_BASE_DN=${env.ldap.base}
-          CLOUDRON_LDAP_FILTER="${env.ldap.filter}"
-          LISTEN=/run/surfer/listen.sock
-        '';
-      }
-    ];
+    secrets.keys."webapps/surfer" = {
+      permissions = "0400";
+      user = "wwwrun";
+      group = "wwwrun";
+      text = ''
+        CLOUDRON_LDAP_URL=ldaps://${env.ldap.host}
+        CLOUDRON_LDAP_USERS_BASE_DN=${env.ldap.base}
+        TOKENSTORE_FILE=/var/lib/surfer/tokens.json
+        CLOUDRON_LDAP_BIND_DN=${env.ldap.dn}
+        CLOUDRON_LDAP_BIND_PASSWORD=${env.ldap.password}
+        CLOUDRON_LDAP_USERS_BASE_DN=${env.ldap.base}
+        CLOUDRON_LDAP_FILTER="${env.ldap.filter}"
+        LISTEN=/run/surfer/listen.sock
+      '';
+    };
 
     systemd.services.surfer = {
       description = "Surfer";