Use attrs for secrets instead of lists

[perso/Immae/Config/Nix.git] / modules / private / websites / tools / performance / default.nix

diff --git a/modules/private/websites/tools/performance/default.nix b/modules/private/websites/tools/performance/default.nix
index df2b58d36b7c15c620e4fd696cec32867c03ad1a..5715ff08318a9c2b289d1e83c8470b65b7a3dcb8 100644 (file)
--- a/modules/private/websites/tools/performance/default.nix
+++ b/modules/private/websites/tools/performance/default.nix
@@ -11,9 +11,8 @@ in
   };
 
   config = lib.mkIf cfg.enable {
-    secrets.keys = [
-      {
-        dest = "status_engine_ui";
+    secrets.keys = {
+      status_engine_ui = {
         permissions = "0400";
         user = "wwwrun";
         group = "wwwrun";
@@ -44,8 +43,8 @@ in
           display_perfdata: 1
           perfdata_backend: mysql
         '';
-      }
-    ];
+      };
+    };
 
     services.websites.env.tools.modules = [ "proxy_fcgi" ];
 
@@ -80,7 +79,7 @@ in
         "pm.min_spare_servers" = "1";
         "pm.max_spare_servers" = "10";
 
-        "php_admin_value[open_basedir]" = "${package}:/tmp:/var/secrets/status_engine_ui";
+        "php_admin_value[open_basedir]" = "${package}:/tmp:${config.secrets.fullPaths."status_engine_ui"}";
       };
       phpPackage = pkgs.php74;
     };