Use attrs for secrets instead of lists

[perso/Immae/Config/Nix.git] / modules / private / websites / tools / tools / dmarc_reports.nix

diff --git a/modules/private/websites/tools/tools/dmarc_reports.nix b/modules/private/websites/tools/tools/dmarc_reports.nix
index e264e80f421ed1d4ccbd15a23b004642c1739d51..89da246167944a5cc842380bbc8935fdbdac7e33 100644 (file)
--- a/modules/private/websites/tools/tools/dmarc_reports.nix
+++ b/modules/private/websites/tools/tools/dmarc_reports.nix
@@ -1,7 +1,6 @@
-{ env }:
+{ env, config }:
 rec {
-  keys = [{
-    dest = "webapps/tools-dmarc-reports.php";
+  keys."webapps/tools-dmarc-reports.php" = {
     user = "wwwrun";
     group = "wwwrun";
     permissions = "0400";
@@ -15,7 +14,7 @@ rec {
       $anonymous_key = "${env.anonymous_key}";
       ?>
     '';
-  }];
+  };
   webRoot = ./dmarc_reports;
   apache = rec {
     user = "wwwrun";
@@ -43,7 +42,7 @@ rec {
   };
   phpFpm = rec {
     basedir = builtins.concatStringsSep ":"
-      [ webRoot "/var/secrets/webapps/tools-dmarc-reports.php" ];
+      [ webRoot config.secrets.fullPaths."webapps/tools-dmarc-reports.php" ];
     pool = {
       "listen.owner" = apache.user;
       "listen.group" = apache.group;
@@ -55,7 +54,7 @@ rec {
       "php_admin_value[open_basedir]" = "${basedir}:/tmp";
     };
     phpEnv = {
-      SECRETS_FILE = "/var/secrets/webapps/tools-dmarc-reports.php";
+      SECRETS_FILE = config.secrets.fullPaths."webapps/tools-dmarc-reports.php";
     };
   };
 }